|
278301
|
- |
|
xen
debian
fedoraproject
opensuse
|
xen
debian_linux
fedora
opensuse
|
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7155
|
2024-11-21 11:16 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278302
|
- |
|
fedoraproject
debian
xen
opensuse
|
fedora
debian_linux
xen
opensuse
|
Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a d…
|
CWE-362
Race Condition
|
CVE-2014-7154
|
2024-11-21 11:16 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278303
|
- |
|
openstack
|
keystonemiddleware
python-keystoneclient
|
OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (pa…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7144
|
2024-11-21 11:16 |
2014-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278304
|
- |
|
openfiler
|
openfiler
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Openfiler 2.99.1 allow remote attackers to hijack the authentication of administrators for requests that (1) shutdown or (2) reboot the s…
|
CWE-352
Origin Validation Error
|
CVE-2014-7190
|
2024-11-21 11:16 |
2014-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278305
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.19, 1.22.x before 1.22.11, and 1.23.x before 1.23.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG …
|
CWE-79
Cross-site Scripting
|
CVE-2014-7199
|
2024-11-21 11:16 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278306
|
- |
|
gnu
|
bash
|
Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-7187
|
2024-11-21 11:16 |
2014-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278307
|
- |
|
gnu
|
bash
|
The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have u…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-7186
|
2024-11-21 11:16 |
2014-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278308
|
- |
|
redhat
linux
canonical
|
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
linux_kernel
ubuntu_linux
|
The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service (NULL pointer dereference and client system crash) or possibly ha…
|
CWE-399
Resource Management Errors
|
CVE-2014-7145
|
2024-11-21 11:16 |
2014-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278309
|
- |
|
mailchimp
|
easy_mailchimp_forms_plugin
|
Cross-site scripting (XSS) vulnerability in the Easy MailChimp Forms plugin 3.0 through 5.0.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the update_options actio…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7152
|
2024-11-21 11:16 |
2014-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278310
|
- |
|
huge-it
|
image_gallery
|
SQL injection vulnerability in the editgallery function in admin/gallery_func.php in the Huge-IT Image Gallery plugin 1.0.1 for WordPress allows remote authenticated users to execute arbitrary SQL co…
|
CWE-89
SQL Injection
|
CVE-2014-7153
|
2024-11-21 11:16 |
2014-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
