|
290311
|
- |
|
python
debian
opensuse
|
pillow
python-imaging
opensuse
|
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size.
|
CWE-20
Improper Input Validation
|
CVE-2014-3589
|
2024-11-21 11:08 |
2014-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290312
|
- |
|
php
|
php
|
Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3597
|
2024-11-21 11:08 |
2014-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290313
|
- |
|
christos_zoulas
php
|
file
php
|
Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause…
|
CWE-189
Numeric Errors
|
CVE-2014-3587
|
2024-11-21 11:08 |
2014-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290314
|
- |
|
saltstack
|
salt
|
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-s…
|
CWE-59
Link Following
|
CVE-2014-3563
|
2024-11-21 11:08 |
2014-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290315
|
- |
|
openstack
opensuse
|
horizon
opensuse
|
Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3594
|
2024-11-21 11:08 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290316
|
- |
|
apache
|
traffic_server
|
Unspecified vulnerability in Apache Traffic Server 3.x through 3.2.5, 4.x before 4.2.1.1, and 5.x before 5.0.1 has unknown impact and attack vectors, possibly related to health checks.
|
NVD-CWE-noinfo
|
CVE-2014-3525
|
2024-11-21 11:08 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290317
|
- |
|
symantec
|
pgp_desktop
encryption_desktop
|
Symantec Encryption Desktop 10.3.x before 10.3.2 MP3, and Symantec PGP Desktop 10.0.x through 10.2.x, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted e…
|
CWE-310
Cryptographic Issues
|
CVE-2014-3436
|
2024-11-21 11:08 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290318
|
- |
|
apache
|
httpclient
httpasyncclient
|
org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in …
|
NVD-CWE-Other
|
CVE-2014-3577
|
2024-11-21 11:08 |
2014-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290319
|
- |
|
fedoraproject
redhat
|
389_directory_server
enterprise_linux
directory_server
|
Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.
|
CWE-200
Information Exposure
|
CVE-2014-3562
|
2024-11-21 11:08 |
2014-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290320
|
- |
|
rubyonrails
|
rails
|
activerecord/lib/active_record/relation/query_methods.rb in Active Record in Ruby on Rails 4.0.x before 4.0.9 and 4.1.x before 4.1.5 allows remote attackers to bypass the strong parameters protection…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3514
|
2024-11-21 11:08 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
