|
276751
|
- |
|
x.org
|
xorg-server
x11
|
X.Org X Window System (aka X11 and X) X11R5 and X.Org Server (aka xserver and xorg-server) before 1.16.3, when using SUN-DES-1 (Secure RPC) authentication credentials, does not check the return value…
|
NVD-CWE-Other
|
CVE-2014-8091
|
2024-11-21 11:18 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276752
|
- |
|
apache
|
struts
|
Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable <s:token/> values, which allows remote attackers to bypass the CSRF protection mechanism.
|
CWE-352
Origin Validation Error
|
CVE-2014-7809
|
2024-11-21 11:18 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276753
|
- |
|
apache
|
cloudstack
|
Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to bypass authentication via a login request without a password, which triggers an unauthenticated bind.
|
CWE-287
Improper Authentication
|
CVE-2014-7807
|
2024-11-21 11:18 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276754
|
- |
|
qemu
|
qemu
|
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8106
|
2024-11-21 11:18 |
2014-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276755
|
- |
|
vmware
|
vcenter_server_appliance
|
VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate certificates when connecting to a CIM Server on an ESXi host, whic…
|
CWE-310
Cryptographic Issues
|
CVE-2014-8371
|
2024-11-21 11:18 |
2014-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276756
|
- |
|
antiword_project
|
antiword
|
Buffer overflow in the bGetPPS function in wordole.c in Antiword 0.37 allows remote attackers to cause a denial of service (crash) via a crafted document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8123
|
2024-11-21 11:18 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276757
|
- |
|
zohocorp
|
manageengine_social_it_plus
manageengine_opmanager
manageengine_it360
|
Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to execute arbit…
|
CWE-89
SQL Injection
|
CVE-2014-7868
|
2024-11-21 11:18 |
2014-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276758
|
- |
|
zohocorp
|
manageengine_opmanager
manageengine_social_it_plus
manageengine_it360
|
SQL injection vulnerability in the com.manageengine.opmanager.servlet.UpdateProbeUpgradeStatus servlet in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow…
|
CWE-89
SQL Injection
|
CVE-2014-7867
|
2024-11-21 11:18 |
2014-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276759
|
- |
|
mageia
debian
opensuse
openvpn
canonical
|
mageia
debian_linux
opensuse
openvpn
openvpn_access_server
ubuntu_linux
|
OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.
|
CWE-399
Resource Management Errors
|
CVE-2014-8104
|
2024-11-21 11:18 |
2014-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276760
|
- |
|
redhat
|
undertow
|
Directory traversal vulnerability in JBoss Undertow 1.0.x before 1.0.17, 1.1.x before 1.1.0.CR5, and 1.2.x before 1.2.0.Beta3, when running on Windows, allows remote attackers to read arbitrary files…
|
CWE-22
Path Traversal
|
CVE-2014-7816
|
2024-11-21 11:18 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
