|
282591
|
- |
|
debian
canonical
|
dpkg
ubuntu_linux
|
Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted …
|
CWE-22
Path Traversal
|
CVE-2014-0471
|
2024-11-21 11:02 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282592
|
- |
|
super_project
|
super
|
super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMIT_NPROC attack.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0470
|
2024-11-21 11:02 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282593
|
- |
|
adobe
|
flash_player
|
Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0515
|
2024-11-21 11:02 |
2014-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282594
|
- |
|
softmotion3d
festo
3s-software
|
softmotion
cecx-x-m1_modular_controller
codesys_runtime_system
cecx-x-c1_modular_master_controller
|
The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allow…
|
CWE-287
Improper Authentication
|
CVE-2014-0769
|
2024-11-21 11:02 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282595
|
- |
|
3s-software
festo
softmotion3d
|
codesys_runtime_system
cecx-x-c1_modular_master_controller
softmotion
cecx-x-m1_modular_controller
|
The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion provide an undocumented access method involving the FTP protocol, which allows …
|
CWE-287
Improper Authentication
|
CVE-2014-0760
|
2024-11-21 11:02 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282596
|
- |
|
ibm
|
lotus_domino
lotus_notes
|
IBM Notes and Domino 8.5.x before 8.5.3 FP6 IF3 and 9.x before 9.0.1 FP1 on 32-bit Linux platforms use incorrect gcc options, which makes it easier for remote attackers to execute arbitrary code by l…
|
CWE-200
Information Exposure
|
CVE-2014-0892
|
2024-11-21 11:02 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282597
|
- |
|
canonical
djangoproject
|
ubuntu_linux
django
|
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not proper…
|
CWE-399
Resource Management Errors
|
CVE-2014-0474
|
2024-11-21 11:02 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282598
|
- |
|
djangoproject
canonical
|
django
ubuntu_linux
|
The caching framework in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 reuses a cached CSRF token for all anonymous users, which allows remote attackers to…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0473
|
2024-11-21 11:02 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282599
|
- |
|
djangoproject
canonical
|
django
ubuntu_linux
|
The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Pyth…
|
CWE-94
Code Injection
|
CVE-2014-0472
|
2024-11-21 11:02 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282600
|
- |
|
progea
|
movicon
|
The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651.
|
CWE-200
Information Exposure
|
CVE-2014-0778
|
2024-11-21 11:02 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
