|
286531
|
- |
|
linux
|
linux_kernel
|
Array index error in the aio_read_events_ring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value.
|
NVD-CWE-Other
|
CVE-2014-0206
|
2024-11-21 11:01 |
2014-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286532
|
- |
|
samba
|
samba
|
The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) vi…
|
CWE-20
Improper Input Validation
|
CVE-2014-0244
|
2024-11-21 11:01 |
2014-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286533
|
5.5 |
MEDIUM
Local
|
linux
oracle
|
linux_kernel
linux
|
The __do_follow_link function in fs/namei.c in the Linux kernel before 2.6.33 does not properly handle the last pathname component during use of certain filesystems, which allows local users to cause…
|
CWE-416
Use After Free
|
CVE-2014-0203
|
2024-11-21 11:01 |
2014-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286534
|
- |
|
theforeman
|
foreman
|
The Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to tftp/fetch_boot_file.
|
NVD-CWE-Other
|
CVE-2014-0007
|
2024-11-21 11:01 |
2014-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286535
|
- |
|
redhat
|
enterprise_linux
|
A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerabil…
|
NVD-CWE-Other
|
CVE-2014-0186
|
2024-11-21 11:01 |
2014-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286536
|
- |
|
redhat
fedoraproject
|
enterprise_linux
sssd
|
The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrict…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0249
|
2024-11-21 11:01 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286537
|
- |
|
microsoft
|
windows_server_2012
windows_8.1
windows_7
windows_8
|
The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly encrypt sessions, which makes it easier for …
|
CWE-310
Cryptographic Issues
|
CVE-2014-0296
|
2024-11-21 11:01 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286538
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0282
|
2024-11-21 11:01 |
2014-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286539
|
- |
|
cloudera
|
cloudera_manager
|
Cloudera Manager before 4.8.3 and 5.x before 5.0.1 allows remote authenticated users to obtain sensitive configuration information via the API.
|
CWE-200
Information Exposure
|
CVE-2014-0220
|
2024-11-21 11:01 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286540
|
7.4 |
HIGH
Network
|
openssl
redhat
fedoraproject
opensuse
filezilla-project
siemens
mariadb
python
nodejs
|
openssl
jboss_enterprise_web_platform
enterprise_linux
storage
jboss_enterprise_web_server
jboss_enterprise_application_platform
fedora
opensuse
filezilla_server
applicatio…
|
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a z…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2014-0224
|
2024-11-21 11:01 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
