|
279811
|
- |
|
linux
debian
|
linux_kernel
debian_linux
|
Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gai…
|
CWE-416
Use After Free
|
CVE-2014-2851
|
2024-11-21 11:07 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279812
|
- |
|
openafs
|
openafs
|
OpenAFS before 1.6.7 delays the listen thread when an RXS_CheckResponse fails, which allows remote attackers to cause a denial of service (performance degradation) via an invalid packet.
|
CWE-20
Improper Input Validation
|
CVE-2014-2852
|
2024-11-21 11:07 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279813
|
- |
|
sophos
|
web_appliance_firmware
web_appliance
|
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters in the address paramet…
|
CWE-78
OS Command
|
CVE-2014-2850
|
2024-11-21 11:07 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279814
|
- |
|
sophos
|
web_appliance_firmware
web_appliance
|
The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2849
|
2024-11-21 11:07 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279815
|
- |
|
tenable
|
nessus
plugin-set
|
A race condition in the wmi_malware_scan.nbin plugin before 201402262215 for Nessus 5.2.1 allows local users to gain privileges by replacing the dissolvable agent executable in the Windows temp direc…
|
CWE-362
Race Condition
|
CVE-2014-2848
|
2024-11-21 11:07 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279816
|
- |
|
construtiva
|
cis_manager_cms
|
SQL injection vulnerability in default.asp in CIS Manager CMS allows remote attackers to execute arbitrary SQL commands via the TroncoID parameter.
|
CWE-89
SQL Injection
|
CVE-2014-2847
|
2024-11-21 11:07 |
2014-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279817
|
- |
|
erlang-solutions
|
mongooseim
|
Erlang Solutions MongooseIM through 1.3.1 rev. 2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2829
|
2024-11-21 11:07 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279818
|
8.8 |
HIGH
Network
|
fortinet
|
fortibalancer_400_firmware
fortibalancer_1000_firmware
fortibalancer_2000_firmware
fortibalancer_3000_firmware
|
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. Th…
|
CWE-276
Incorrect Default Permissions
|
CVE-2014-2723
|
2024-11-21 11:06 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279819
|
8.8 |
HIGH
Network
|
fortinet
|
fortibalancer_400_firmware
fortibalancer_1000_firmware
fortibalancer_2000_firmware
fortibalancer_3000_firmware
|
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. Th…
|
CWE-276
Incorrect Default Permissions
|
CVE-2014-2722
|
2024-11-21 11:06 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279820
|
8.8 |
HIGH
Network
|
fortinet
|
fortibalancer_400_firmware
fortibalancer_1000_firmware
fortibalancer_2000_firmware
fortibalancer_3000_firmware
|
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. Th…
|
CWE-276
Incorrect Default Permissions
|
CVE-2014-2721
|
2024-11-21 11:06 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
