|
279511
|
- |
|
mumble
|
mumble
|
The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service (hang and resource consumption) via a crafted string that is tre…
|
CWE-19
Data Processing Errors
|
CVE-2014-3756
|
2024-11-21 11:08 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279512
|
- |
|
mumble
|
mumble
|
The QSvg module in Qt, as used in the Mumble client 1.2.x before 1.2.6, allows remote attackers to cause a denial of service (hang and resource consumption) via a local file reference in an (1) image…
|
CWE-399
Resource Management Errors
|
CVE-2014-3755
|
2024-11-21 11:08 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279513
|
- |
|
apache
|
cordova
|
Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent.
|
CWE-200
Information Exposure
|
CVE-2014-3502
|
2024-11-21 11:08 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279514
|
- |
|
apache
|
cordova
|
Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView.
|
CWE-254
7PK - Security Features
|
CVE-2014-3501
|
2024-11-21 11:08 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279515
|
- |
|
apache
|
cordova
|
Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL.
|
CWE-17
Code
|
CVE-2014-3500
|
2024-11-21 11:08 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279516
|
- |
|
canonical
apple
opensuse
oracle
debian
haxx
|
ubuntu_linux
mac_os_x
opensuse
hyperion
debian_linux
libcurl
|
The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle, which triggers an out…
|
CWE-200
Information Exposure
|
CVE-2014-3707
|
2024-11-21 11:08 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279517
|
- |
|
qemu
debian
canonical
|
qemu
debian_linux
ubuntu_linux
|
The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu memory locations and gain privileges via unspecified parameters related to rectangle handling.
|
CWE-269
Improper Privilege Management
|
CVE-2014-3689
|
2024-11-21 11:08 |
2014-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279518
|
- |
|
redhat
|
openshift
|
Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3674
|
2024-11-21 11:08 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279519
|
- |
|
redhat
|
openshift
|
Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3602
|
2024-11-21 11:08 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279520
|
7.5 |
HIGH
Network
|
linux
redhat
canonical
debian
opensuse
suse
oracle
|
linux_kernel
enterprise_linux
enterprise_mrg
ubuntu_linux
debian_linux
evergreen
linux_enterprise_workstation_extension
suse_linux_enterprise_server
linux_enterprise_software_…
|
The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk, related to net/sctp/sm_make_chunk.c and ne…
|
CWE-20
Improper Input Validation
|
CVE-2014-3673
|
2024-11-21 11:08 |
2014-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
