|
282661
|
- |
|
apache
|
cloudstack
|
Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to bypass authentication via a login request without a password, which triggers an unauthenticated bind.
|
CWE-287
Improper Authentication
|
CVE-2014-7807
|
2024-11-21 11:18 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282662
|
- |
|
qemu
|
qemu
|
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8106
|
2024-11-21 11:18 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282663
|
- |
|
vmware
|
vcenter_server_appliance
|
VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate certificates when connecting to a CIM Server on an ESXi host, whic…
|
CWE-310
Cryptographic Issues
|
CVE-2014-8371
|
2024-11-21 11:18 |
2014-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282664
|
- |
|
antiword_project
|
antiword
|
Buffer overflow in the bGetPPS function in wordole.c in Antiword 0.37 allows remote attackers to cause a denial of service (crash) via a crafted document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8123
|
2024-11-21 11:18 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282665
|
- |
|
zohocorp
|
manageengine_social_it_plus
manageengine_opmanager
manageengine_it360
|
Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to execute arbit…
|
CWE-89
SQL Injection
|
CVE-2014-7868
|
2024-11-21 11:18 |
2014-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282666
|
- |
|
zohocorp
|
manageengine_opmanager
manageengine_social_it_plus
manageengine_it360
|
SQL injection vulnerability in the com.manageengine.opmanager.servlet.UpdateProbeUpgradeStatus servlet in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow…
|
CWE-89
SQL Injection
|
CVE-2014-7867
|
2024-11-21 11:18 |
2014-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282667
|
- |
|
mageia
debian
opensuse
openvpn
canonical
|
mageia
debian_linux
opensuse
openvpn
openvpn_access_server
ubuntu_linux
|
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
|
CWE-399
Resource Management Errors
|
CVE-2014-8104
|
2024-11-21 11:18 |
2014-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282668
|
- |
|
redhat
|
undertow
|
Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.17, 1.1.x before 1.1.0.CR5, and 1.2.x before 1.2.0.Beta3, when running on Windows, allows remote attackers to read arbitrary files…
|
CWE-22
Path Traversal
|
CVE-2014-7816
|
2024-11-21 11:18 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282669
|
- |
|
linux
|
linux_kernel
|
The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service (system crash) by reading one byte bey…
|
CWE-17
Code
|
CVE-2014-7843
|
2024-11-21 11:18 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282670
|
- |
|
linux
|
linux_kernel
|
Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction …
|
CWE-362
Race Condition
|
CVE-2014-7842
|
2024-11-21 11:18 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
