|
282671
|
- |
|
linux
|
linux_kernel
|
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NU…
|
CWE-399
Resource Management Errors
|
CVE-2014-7841
|
2024-11-21 11:18 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282672
|
- |
|
freeipa
|
freeipa
|
Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to breadcrumb navigation.
|
CWE-79
Cross-site Scripting
|
CVE-2014-7850
|
2024-11-21 11:18 |
2014-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282673
|
- |
|
cisco
|
ios_xr
|
Race condition in the lighttpd module in Cisco IOS XR 5.1 and earlier on Network Convergence System 6000 devices allows remote attackers to cause a denial of service (process reload) by establishing …
|
CWE-362
Race Condition
|
CVE-2014-8005
|
2024-11-21 11:18 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282674
|
- |
|
cisco
|
ios_xr
|
Cisco IOS XR allows remote attackers to cause a denial of service (LISP process reload) by establishing many LISP TCP sessions, aka Bug ID CSCuq90378.
|
CWE-399
Resource Management Errors
|
CVE-2014-8004
|
2024-11-21 11:18 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282675
|
- |
|
cisco
|
openh264
|
Use-after-free vulnerability in decode_slice.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8002
|
2024-11-21 11:18 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282676
|
- |
|
cisco
|
openh264
|
Buffer overflow in decode.cpp in Cisco OpenH264 1.2.0 and earlier allows remote attackers to execute arbitrary code via an encoded media file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8001
|
2024-11-21 11:18 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282677
|
- |
|
arubanetworks
|
airwave
|
The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authenticated users to gain privileges and execute arbitrary commands via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8368
|
2024-11-21 11:18 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282678
|
- |
|
arubanetworks
|
clearpass_policy_manager
|
SQL injection vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) 6.2.x, 6.3.x before 6.3.6, and 6.4.x before 6.4.2 allows remote attackers to execute arbitrary SQL commands via unspecifi…
|
CWE-89
SQL Injection
|
CVE-2014-8367
|
2024-11-21 11:18 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282679
|
- |
|
redhat
|
resteasy
|
DocumentProvider in RESTEasy 2.3.7 and 3.0.9 does not configure the (1) external-general-entities or (2) external-parameter-entities features, which allows remote attackers to conduct XML external en…
|
CWE-20
Improper Input Validation
|
CVE-2014-7839
|
2024-11-21 11:18 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282680
|
- |
|
liferay
|
liferay_portal
|
Cross-site scripting (XSS) vulnerability in Liferay Portal Enterprise Edition (EE) 6.2 SP8 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the _20_body parame…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8349
|
2024-11-21 11:18 |
2014-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
