|
276721
|
- |
|
broadcom
|
release_automation
|
Cross-site request forgery (CSRF) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to hijack the authentication of unspecified …
|
CWE-352
Origin Validation Error
|
CVE-2014-8246
|
2024-11-21 11:18 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276722
|
- |
|
zoneo-soft
|
phptraffica
|
SQL injection vulnerability in Php/Functions/log_function.php in phpTrafficA 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via a User-Agent HTTP header.
|
CWE-89
SQL Injection
|
CVE-2014-8340
|
2024-11-21 11:18 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276723
|
- |
|
rpm
|
rpm
|
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflo…
|
CWE-189
Numeric Errors
|
CVE-2014-8118
|
2024-11-21 11:18 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276724
|
- |
|
google
|
android
|
luni/src/main/java/java/io/ObjectInputStream.java in the java.io.ObjectInputStream implementation in Android before 5.0.0 does not verify that deserialization will result in an object that met the re…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7911
|
2024-11-21 11:18 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276725
|
- |
|
honeywell
|
opos_suite
|
Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file tha…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8269
|
2024-11-21 11:18 |
2014-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276726
|
3.3 |
LOW
Local
|
linux
canonical
opensuse
suse
oracle
|
linux_kernel
ubuntu_linux
evergreen
opensuse
suse_linux_enterprise_server
linux
|
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to …
|
NVD-CWE-noinfo
|
CVE-2014-8134
|
2024-11-21 11:18 |
2014-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276727
|
- |
|
openstack
fedoraproject
opensuse
oracle
|
horizon
fedora
opensuse
solaris
|
OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2014-8124
|
2024-11-21 11:18 |
2014-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276728
|
- |
|
qemu
redhat
|
qemu
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_eus
virtualization
|
The host_from_stream_offset function in arch_init.c in QEMU, when loading RAM during migration, allows remote attackers to execute arbitrary code via a crafted (1) offset or (2) length value in savev…
|
CWE-20
Improper Input Validation
|
CVE-2014-7840
|
2024-11-21 11:18 |
2014-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276729
|
- |
|
bmc
|
track-it\!
|
BMC Track-It! 11.3 allows remote attackers to gain privileges and execute arbitrary code by creating an account whose name matches that of a local system account, then performing a password reset.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8270
|
2024-11-21 11:18 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276730
|
- |
|
vmware
|
vcloud_automation_center
|
The VMware Remote Console (VMRC) function in VMware vCloud Automation Center (vCAC) 6.0.1 through 6.1.1 allows remote authenticated users to gain privileges via vectors involving the "Connect (by) Us…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8373
|
2024-11-21 11:18 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
