|
281601
|
- |
|
oracle
|
oracle_and_sun_systems_product_suite
|
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Systems Products Suite 3.3 and 4.1 allows remote authenticated users to affect confidentiality, integrity, and availability vi…
|
NVD-CWE-noinfo
|
CVE-2014-4259
|
2024-11-21 11:09 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281602
|
- |
|
mongodb
|
mongodb
|
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) …
|
CWE-20
Improper Input Validation
|
CVE-2014-3971
|
2024-11-21 11:09 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281603
|
- |
|
linux
|
linux_kernel
|
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain…
|
CWE-787
Out-of-bounds Write
|
CVE-2014-4322
|
2024-11-21 11:09 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281604
|
- |
|
linux
|
linux_kernel
|
The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and ot…
|
CWE-20
Improper Input Validation
|
CVE-2014-4323
|
2024-11-21 11:09 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281605
|
- |
|
zohocorp
|
manageengine_password_manager_pro
manageengine_it360
|
SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360 an…
|
CWE-89
SQL Injection
|
CVE-2014-3997
|
2024-11-21 11:09 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281606
|
- |
|
manageengine
|
it360
password_manager_pro
desktop_central
|
SQL injection vulnerability in the LinkViewFetchServlet servlet in ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90043, Password Manager…
|
CWE-89
SQL Injection
|
CVE-2014-3996
|
2024-11-21 11:09 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281607
|
- |
|
sunhater
|
kcfinder
|
Cross-site scripting (XSS) vulnerability in index.php in SunHater KCFinder 3.11 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) file or (2) directory (folder) name …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3988
|
2024-11-21 11:09 |
2014-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281608
|
- |
|
rubyonrails
|
rails
|
The str_buf_cat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string.
|
CWE-19
Data Processing Errors
|
CVE-2014-3916
|
2024-11-21 11:09 |
2014-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281609
|
- |
|
microsoft
|
.net_framework
|
Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly perform TypeFilterLevel checks, which allows remote attackers to execute arbitrary code via crafted d…
|
CWE-20
Improper Input Validation
|
CVE-2014-4149
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281610
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
|
CWE-399
Resource Management Errors
|
CVE-2014-4143
|
2024-11-21 11:09 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
