|
282711
|
- |
|
google
|
chrome
|
Google Chrome before 38.0.2125.101 allows remote attackers to spoof the address bar by placing a blob: substring at the beginning of the URL, followed by the original URI scheme and a long username s…
|
CWE-20
Improper Input Validation
|
CVE-2014-7899
|
2024-11-21 11:18 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282712
|
- |
|
cisco
|
unified_computing_system
|
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication o…
|
CWE-352
Origin Validation Error
|
CVE-2014-7996
|
2024-11-21 11:18 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282713
|
- |
|
opensuse
rubyonrails
|
opensuse
ruby_on_rails
rails
|
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.21, 4.0.x before 4.0.12, 4.1.x before 4.1.8, and 4.2.x before 4…
|
CWE-22
Path Traversal
|
CVE-2014-7829
|
2024-11-21 11:18 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282714
|
- |
|
freedesktop
debian
mageia_project
canonical
|
dbus
debian_linux
mageia
ubuntu_linux
|
D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and 1.9.x before 1.9.2 allows local users to cause a denial of service (prevention of new connections and connection drop) by queuing the…
|
CWE-399
Resource Management Errors
|
CVE-2014-7824
|
2024-11-21 11:18 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282715
|
- |
|
cisco
|
ios
|
The DLSw implementation in Cisco IOS does not initialize packet buffers, which allows remote attackers to obtain sensitive credential information from process memory via a session on TCP port 2067, a…
|
CWE-200
Information Exposure
|
CVE-2014-7992
|
2024-11-21 11:18 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282716
|
- |
|
cisco
|
ios
|
Cisco IOS on Aironet access points, when "dot11 aaa authenticator" debugging is enabled, allows remote attackers to cause a denial of service via a malformed EAP packet, aka Bug ID CSCul15509.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7998
|
2024-11-21 11:18 |
2014-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282717
|
- |
|
cisco
|
ios
|
The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cau…
|
CWE-399
Resource Management Errors
|
CVE-2014-7997
|
2024-11-21 11:18 |
2014-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282718
|
- |
|
qemu
debian
redhat
canonical
suse
|
qemu
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_eus
virtualization
ubuntu_linux
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
|
CWE-20
Improper Input Validation
|
CVE-2014-7815
|
2024-11-21 11:18 |
2014-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
282719
|
- |
|
cisco
|
unified_communications_manager
|
The Remote Mobile Access Subsystem in Cisco Unified Communications Manager (CM) 10.0(1) and earlier does not properly validate the Subject Alternative Name (SAN) field of an X.509 certificate, which …
|
CWE-310
Cryptographic Issues
|
CVE-2014-7991
|
2024-11-21 11:18 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282720
|
- |
|
hp
|
helion_cloud_development_platform
|
The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7878
|
2024-11-21 11:18 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
