|
290861
|
- |
|
open_assessment_technologies_
|
tao
|
Cross-site request forgery (CSRF) vulnerability in Open Assessment Technologies TAO 2.5.6 allows remote attackers to hijack the authentication of administrators for requests that create administrativ…
|
CWE-352
Origin Validation Error
|
CVE-2014-2989
|
2024-11-21 11:07 |
2014-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290862
|
- |
|
makina-corpus
|
soappy
|
SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted SOAP request containing…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3243
|
2024-11-21 11:07 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290863
|
- |
|
makina-corpus
|
soappy
|
SOAPpy 0.12.5 allows remote attackers to read arbitrary files via a SOAP request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (…
|
CWE-200
Information Exposure
|
CVE-2014-3242
|
2024-11-21 11:07 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290864
|
- |
|
f5
|
big-ip_webaccelerator
big-ip_local_traffic_manager
big-ip_protocol_security_module
big-ip_link_controller
big-ip_application_security_manager
big-ip_global_traffic_manager
big-ip_wa…
|
The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4 and 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1,…
|
NVD-CWE-Other
|
CVE-2014-2928
|
2024-11-21 11:07 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290865
|
- |
|
linux
oracle
canonical
debian
|
linux_kernel
linux
ubuntu_linux
debian_linux
|
The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows …
|
CWE-125
Out-of-bounds Read
|
CVE-2014-3145
|
2024-11-21 11:07 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290866
|
- |
|
linux
debian
canonical
oracle
|
linux_kernel
debian_linux
ubuntu_linux
linux
|
The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain l…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2014-3144
|
2024-11-21 11:07 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290867
|
- |
|
linux
canonical
debian
|
linux_kernel
ubuntu_linux
debian_linux
|
The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system c…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2014-3122
|
2024-11-21 11:07 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290868
|
- |
|
isc
|
bind
|
The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a…
|
CWE-20
Improper Input Validation
|
CVE-2014-3214
|
2024-11-21 11:07 |
2014-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290869
|
- |
|
semantictitle_project
|
semantictitle
|
Cross-site scripting (XSS) vulnerability in the SemanticTitle extension before 1.1.0 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2854
|
2024-11-21 11:07 |
2014-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290870
|
- |
|
sks_keyserver_project
|
sks_keyserver
|
Cross-site scripting (XSS) vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to pks/lookup/undefined1.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3207
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
