|
285101
|
- |
|
dell
|
bsafe_share
|
The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) processes certain requests for output bytes by considering only the requested byte count and not the use of cache…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4192
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285102
|
- |
|
dell
|
bsafe_share
|
The TLS implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) sends a long series of random bytes during use of the Dual_EC_DRBG algorithm, which makes it easier for remote attackers t…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4191
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285103
|
- |
|
powerpc-utils_project
|
powerpc-utils
|
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passw…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4040
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285104
|
- |
|
redhat
ppc64-diag_project
suse
|
enterprise_linux_server
ppc64-diag
linux_enterprise_server
|
ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by rea…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4039
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285105
|
- |
|
suse
ppc64-diag_project
redhat
|
linux_enterprise_server
ppc64-diag
enterprise_linux_server
|
ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to (1) rtas_errd/diag_support.c and /tmp/get_dt_files, (2) scripts/ppc64_diag_mkrsrc and /tmp/diagSEsnap/…
|
CWE-59
Link Following
|
CVE-2014-4038
|
2024-11-21 11:09 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285106
|
- |
|
huawei
|
campus_series_switch_software
campus_lsw_s9700
campus_s3300hi
campus_s3700hi
campus_s5300
campus_s5700
campus_s6300
campus_s6700
campus_s7700
campus_s9300
campus_s9300e<…
|
Multiple heap-based buffer overflows in Huawei Campus Series Switches S3700HI, S5700, S6700, S3300HI, S5300, S6300, S9300, S7700, and LSW S9700 with software V200R001 before V200R001SPH013; S5700, S6…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4190
|
2024-11-21 11:09 |
2014-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285107
|
- |
|
hitachi
|
tuning_manager
jp1\/performance_management-manager_web_option
|
Cross-site scripting (XSS) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attack…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4189
|
2024-11-21 11:09 |
2014-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285108
|
- |
|
hitachi
|
tuning_manager
jp1\/performance_management-manager_web_option
|
Cross-site request forgery (CSRF) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote…
|
CWE-352
Origin Validation Error
|
CVE-2014-4188
|
2024-11-21 11:09 |
2014-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285109
|
- |
|
clip-bucket
|
clipbucket
|
Cross-site scripting (XSS) vulnerability in signup.php in ClipBucket allows remote attackers to inject arbitrary web script or HTML via the Username field.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4187
|
2024-11-21 11:09 |
2014-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285110
|
- |
|
digium
|
asterisk
|
The PJSIP Channel Driver in Asterisk Open Source before 12.3.1 allows remote attackers to cause a denial of service (deadlock) by terminating a subscription request before it is complete, which trigg…
|
NVD-CWE-noinfo
|
CVE-2014-4048
|
2024-11-21 11:09 |
2014-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
