|
279891
|
- |
|
linux
debian
canonical
oracle
|
linux_kernel
debian_linux
ubuntu_linux
linux
|
The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain l…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2014-3144
|
2024-11-21 11:07 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279892
|
- |
|
linux
canonical
debian
|
linux_kernel
ubuntu_linux
debian_linux
|
The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system c…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2014-3122
|
2024-11-21 11:07 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279893
|
- |
|
isc
|
bind
|
The prefetch implementation in named in ISC BIND 9.10.0, when a recursive nameserver is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a…
|
CWE-20
Improper Input Validation
|
CVE-2014-3214
|
2024-11-21 11:07 |
2014-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279894
|
- |
|
semantictitle_project
|
semantictitle
|
Cross-site scripting (XSS) vulnerability in the SemanticTitle extension before 1.1.0 for MediaWiki allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2854
|
2024-11-21 11:07 |
2014-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279895
|
- |
|
sks_keyserver_project
|
sks_keyserver
|
Cross-site scripting (XSS) vulnerability in wserver.ml in SKS Keyserver before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to pks/lookup/undefined1.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3207
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279896
|
- |
|
wpgetready
|
nextcellent_gallery
|
Cross-site scripting (XSS) vulnerability in admin/manage-images.php in the NextCellent Gallery plugin before 1.19.18 for WordPress allows remote authenticated users with the NextGEN Upload images, Ne…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3123
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279897
|
- |
|
fortinet
|
fortiweb
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Fortinet FortiWeb before 5.2.0 allow remote attackers to hijack the authentication of administrators vi…
|
CWE-352
Origin Validation Error
|
CVE-2014-3115
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279898
|
- |
|
selinuxproject
|
policycoreutils
|
seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3215
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279899
|
- |
|
caldera
|
caldera
|
The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecified …
|
CWE-94
Code Injection
|
CVE-2014-2936
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279900
|
- |
|
caldera
|
caldera
|
costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request.
|
CWE-78
OS Command
|
CVE-2014-2935
|
2024-11-21 11:07 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
