|
281031
|
- |
|
google
|
chrome
|
The InMemoryUrlProtocol::Read function in media/filters/in_memory_url_protocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attack…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-1746
|
2024-11-21 11:04 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281032
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other…
|
CWE-399
Resource Management Errors
|
CVE-2014-1745
|
2024-11-21 11:04 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281033
|
- |
|
google
|
chrome
|
Integer overflow in the AudioInputRendererHost::OnCreateStream function in content/browser/renderer_host/media/audio_input_renderer_host.cc in Google Chrome before 35.0.1916.114 allows remote attacke…
|
CWE-189
Numeric Errors
|
CVE-2014-1744
|
2024-11-21 11:04 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281034
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a…
|
CWE-399
Resource Management Errors
|
CVE-2014-1743
|
2024-11-21 11:04 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281035
|
- |
|
pocoo
|
jinja2
|
The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file wi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1402
|
2024-11-21 11:04 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281036
|
- |
|
apple
|
itunes
|
Apple iTunes before 11.2.1 on OS X sets world-writable permissions for /Users and /Users/Shared during reboots, which allows local users to modify files, and consequently obtain access to arbitrary u…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1347
|
2024-11-21 11:04 |
2014-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281037
|
- |
|
dotclear
|
dotclear
|
Dotclear before 2.6.2 allows remote attackers to execute arbitrary PHP code via a serialized object in the dc_passwd cookie to a password-protected page, which is not properly handled by (1) inc/publ…
|
CWE-94
Code Injection
|
CVE-2014-1613
|
2024-11-21 11:04 |
2014-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281038
|
- |
|
djangoproject
canonical
|
django
ubuntu_linux
|
Django 1.4 before 1.4.13, 1.5 before 1.5.8, 1.6 before 1.6.5, and 1.7 before 1.7b4 does not properly include the (1) Vary: Cookie or (2) Cache-Control header in responses, which allows remote attacke…
|
NVD-CWE-noinfo
|
CVE-2014-1418
|
2024-11-21 11:04 |
2014-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281039
|
- |
|
symantec
|
workspace_streaming
|
The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1649
|
2024-11-21 11:04 |
2014-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281040
|
- |
|
get-simple
|
getsimple_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) param parameter to admin/load.php or (2) user, (3)…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1603
|
2024-11-21 11:04 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
