|
291051
|
- |
|
openssl
|
openssl
|
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0076
|
2024-11-21 11:01 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291052
|
- |
|
linux
opensuse
suse
|
linux_kernel
evergreen
linux_enterprise_server
|
Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the …
|
CWE-416
Use After Free
|
CVE-2014-0131
|
2024-11-21 11:01 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291053
|
- |
|
stunnel
|
stunnel
|
stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to u…
|
CWE-332
Insufficient Entropy in PRNG
|
CVE-2014-0016
|
2024-11-21 11:01 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291054
|
- |
|
moodle
|
moodle
|
The time-validation implementation in (1) mod/feedback/complete.php and (2) mod/feedback/complete_guest.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0127
|
2024-11-21 11:01 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291055
|
- |
|
moodle
|
moodle
|
badges/mybadges.php in Moodle 2.5.x before 2.5.5 and 2.6.x before 2.6.2 does not properly track the user to whom a badge was issued, which allows remote authenticated users to modify the visibility o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0129
|
2024-11-21 11:01 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291056
|
- |
|
moodle
|
moodle
|
repository/alfresco/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 places a session key in a URL, which allows remote attackers to bypass intended Al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0125
|
2024-11-21 11:01 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291057
|
- |
|
moodle
|
moodle
|
Cross-site request forgery (CSRF) vulnerability in enrol/imsenterprise/importnow.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers t…
|
CWE-352
Origin Validation Error
|
CVE-2014-0126
|
2024-11-21 11:01 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291058
|
- |
|
moodle
|
moodle
|
The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/override_form.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properl…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0124
|
2024-11-21 11:01 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291059
|
- |
|
moodle
|
moodle
|
mod/chat/chat_ajax.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 does not properly check for the mod/chat:chat capability during chat sessions, which al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0122
|
2024-11-21 11:01 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291060
|
- |
|
moodle
|
moodle
|
The wiki subsystem in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 does not properly restrict (1) view and (2) edit access, which allows remote authenticated …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0123
|
2024-11-21 11:01 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
