|
290861
|
- |
|
redhat
|
jboss_enterprise_brms_platform
jboss_enterprise_application_platform
|
PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and JBoss BRMS before 6.0.3 roll up patch 2, allows remote authenticated users to read and modify the app…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0005
|
2024-11-21 11:01 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290862
|
- |
|
apache
|
tomcat
|
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data af…
|
CWE-19
Data Processing Errors
|
CVE-2014-0227
|
2024-11-21 11:01 |
2015-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290863
|
- |
|
ovirt
|
ovirt
|
oVirt Engine before 3.5.0 does not include the HTTPOnly flag in a Set-Cookie header for the session IDs, which makes it easier for remote attackers to obtain potentially sensitive information via scr…
|
CWE-200
Information Exposure
|
CVE-2014-0154
|
2024-11-21 11:01 |
2015-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290864
|
- |
|
redhat
|
ovirt-engine
|
Cross-site request forgery (CSRF) vulnerability in oVirt Engine before 3.5.0 beta2 allows remote attackers to hijack the authentication of users for requests that perform unspecified actions via a RE…
|
CWE-352
Origin Validation Error
|
CVE-2014-0151
|
2024-11-21 11:01 |
2015-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290865
|
- |
|
oracle
|
fusion_middleware
|
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other pro…
|
NVD-CWE-noinfo
|
CVE-2014-0191
|
2024-11-21 11:01 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290866
|
- |
|
redhat
odata4j_project
|
jboss_data_virtualization
odata4j
|
XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a…
|
NVD-CWE-Other
|
CVE-2014-0171
|
2024-11-21 11:01 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290867
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2.3, use world-readable permissions on audit.log, which allows local users to obtain sensitive informat…
|
CWE-200
Information Exposure
|
CVE-2014-0059
|
2024-11-21 11:01 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290868
|
- |
|
freerdp
opensuse
|
freerdp
opensuse
|
Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress f…
|
CWE-189
Numeric Errors
|
CVE-2014-0250
|
2024-11-21 11:01 |
2014-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290869
|
- |
|
apache
|
hive
|
Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows remote authenticated use…
|
CWE-284
Improper Access Control
|
CVE-2014-0228
|
2024-11-21 11:01 |
2014-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290870
|
- |
|
redhat
|
openshift
|
Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartr…
|
CWE-94
Code Injection
|
CVE-2014-0233
|
2024-11-21 11:01 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
