|
282821
|
- |
|
postgresql
|
postgresql
|
The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0061
|
2024-11-21 11:01 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282822
|
- |
|
postgresql
|
postgresql
|
PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticate…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0060
|
2024-11-21 11:01 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282823
|
- |
|
zohocorp
|
manageengine_opstor
|
Properties.do in ZOHO ManageEngine OpStor before build 8500 does not properly check privilege levels, which allows remote authenticated users to obtain Admin access by using the name parameter in con…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0344
|
2024-11-21 11:01 |
2014-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282824
|
- |
|
opensuse
f5
|
opensuse
nginx
|
Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 before 1.4.7 and 1.5.x before 1.5.12 allows remote attackers to execute arbitrary code via a crafted request.
|
CWE-787
Out-of-bounds Write
|
CVE-2014-0133
|
2024-11-21 11:01 |
2014-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282825
|
- |
|
theforeman
|
foreman
|
Cross-site scripting (XSS) vulnerability in app/views/common/500.html.erb in Foreman 1.4.x before 1.4.2 allows remote authenticated users to inject arbitrary web script or HTML via the bookmark name …
|
CWE-79
Cross-site Scripting
|
CVE-2014-0089
|
2024-11-21 11:01 |
2014-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282826
|
- |
|
redhat
|
enterprise_linux
|
The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_v…
|
NVD-CWE-noinfo
|
CVE-2014-0055
|
2024-11-21 11:01 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282827
|
- |
|
virtualaccess
|
gw6110a_firmware
gw6110a
|
The web interface on Virtual Access GW6110A routers with software 9.00 before 9.09.27, 9.50 before 9.50.21, and 10.00 before 10.00.21 allows remote authenticated users to gain privileges via a modifi…
|
NVD-CWE-Other
|
CVE-2014-0343
|
2024-11-21 11:01 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282828
|
- |
|
openssl
|
openssl
|
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0076
|
2024-11-21 11:01 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282829
|
- |
|
linux
opensuse
suse
|
linux_kernel
evergreen
linux_enterprise_server
|
Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the …
|
CWE-416
Use After Free
|
CVE-2014-0131
|
2024-11-21 11:01 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282830
|
- |
|
stunnel
|
stunnel
|
stunnel before 5.00, when using fork threading, does not properly update the state of the OpenSSL pseudo-random number generator (PRNG), which causes subsequent children with the same process ID to u…
|
CWE-332
Insufficient Entropy in PRNG
|
CVE-2014-0016
|
2024-11-21 11:01 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
