|
290221
|
- |
|
bss
|
continuity_cms
|
SQL injection vulnerability in wcm/system/pages/admin/getnode.aspx in BSS Continuity CMS 4.2.22640.0 allows remote attackers to execute arbitrary SQL commands via the nodeid parameter.
|
CWE-89
SQL Injection
|
CVE-2014-3446
|
2024-11-21 11:08 |
2014-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290222
|
- |
|
pidgin
|
pidgin
|
The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a craft…
|
CWE-200
Information Exposure
|
CVE-2014-3698
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290223
|
- |
|
pidgin
|
pidgin
|
Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar ar…
|
CWE-22
Path Traversal
|
CVE-2014-3697
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290224
|
- |
|
pidgin
|
pidgin
|
nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that trigge…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3696
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290225
|
- |
|
pidgin
|
pidgin
|
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3695
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290226
|
- |
|
opensuse
canonical
debian
pidgin
|
opensuse
ubuntu_linux
debian_linux
pidgin
|
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of …
|
CWE-310
Cryptographic Issues
|
CVE-2014-3694
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290227
|
- |
|
php
|
php
|
The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3670
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290228
|
- |
|
php
|
php
|
Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of servic…
|
CWE-189
Numeric Errors
|
CVE-2014-3669
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290229
|
- |
|
php
|
php
|
Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3668
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290230
|
- |
|
freebsd
|
freebsd
|
namei in FreeBSD 9.1 through 10.1-RC2 allows remote attackers to cause a denial of service (memory exhaustion) via vectors that trigger a sandboxed process to look up a large number of nonexistent pa…
|
CWE-399
Resource Management Errors
|
CVE-2014-3711
|
2024-11-21 11:08 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
