|
279371
|
- |
|
cisofy
|
lynis
|
include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.##### file.
|
CWE-59
Link Following
|
CVE-2014-3982
|
2024-11-21 11:09 |
2014-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279372
|
- |
|
php
|
php
|
acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file.
|
CWE-59
Link Following
|
CVE-2014-3981
|
2024-11-21 11:09 |
2014-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279373
|
- |
|
libav
|
libav
|
Multiple unspecified vulnerabilities in Libav before 0.8.12 allow remote attackers to have unknown impact and vectors.
|
NVD-CWE-noinfo
|
CVE-2014-3984
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279374
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in Special:PasswordReset in MediaWiki before 1.19.16, 1.21.x before 1.21.10, and 1.22.x before 1.22.7, when wgRawHtml is enabled, allows remote attackers to i…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3966
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279375
|
- |
|
xen
|
xen
|
Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3969
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279376
|
- |
|
xen
opensuse
|
xen
opensuse
|
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an e…
|
NVD-CWE-noinfo
|
CVE-2014-3968
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279377
|
- |
|
xen
opensuse
|
xen
opensuse
|
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of servic…
|
NVD-CWE-Other
|
CVE-2014-3967
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279378
|
- |
|
a10networks
|
advanced_core_operating_system
|
Buffer overflow in A10 Networks Advanced Core Operating System (ACOS) before 2.7.0-p6 and 2.7.1 before 2.7.1-P1_55 allows remote attackers to cause a denial of service (crash) and possibly execute ar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3976
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279379
|
- |
|
auracms
|
auracms
|
Absolute path traversal vulnerability in filemanager.php in AuraCMS 3.0 allows remote attackers to list a directory via a full pathname in the viewdir parameter.
|
CWE-22
Path Traversal
|
CVE-2014-3975
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279380
|
- |
|
auracms
|
auracms
|
Cross-site scripting (XSS) vulnerability in filemanager.php in AuraCMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the viewdir parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3974
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
