|
276411
|
- |
|
debian
qemu
|
debian_linux
qemu
|
The (1) BMDMA and (2) AHCI HBA interfaces in the IDE functionality in QEMU 1.0 through 2.1.3 have multiple interpretations of a function's return value, which allows guest OS users to cause a host OS…
|
CWE-399
Resource Management Errors
|
CVE-2014-9718
|
2024-11-21 11:21 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276412
|
- |
|
opensuse
gnu
|
opensuse
less
|
The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9488
|
2024-11-21 11:21 |
2015-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276413
|
- |
|
facebook
|
hiphop_virtual_machine
|
Cross-site scripting (XSS) vulnerability in the WddxPacket::recursiveAddVar function in HHVM (aka the HipHop Virtual Machine) before 3.5.0 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9714
|
2024-11-21 11:21 |
2015-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276414
|
- |
|
openldap
debian
|
openldap
debian_linux
|
The default slapd configuration in the Debian openldap package 2.4.23-3 through 2.4.39-1.1 allows remote authenticated users to modify the user's permissions and other user attributes via unspecified…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9713
|
2024-11-21 11:21 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276415
|
- |
|
oracle
embedthis
juniper
|
enterprise_communications_broker
appweb
junos
|
Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range: x…
|
CWE-476
NULL Pointer Dereference
|
CVE-2014-9708
|
2024-11-21 11:21 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276416
|
- |
|
embedthis
|
goahead
|
EmbedThis GoAhead 3.0.0 through 3.4.1 does not properly handle path segments starting with a . (dot), which allows remote attackers to conduct directory traversal attacks, cause a denial of service (…
|
CWE-17
Code
|
CVE-2014-9707
|
2024-11-21 11:21 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276417
|
- |
|
debian
dulwich_project
|
debian_linux
dulwich
|
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly …
|
CWE-19
Data Processing Errors
|
CVE-2014-9706
|
2024-11-21 11:21 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276418
|
- |
|
php
opensuse
libgd
debian
canonical
|
php
opensuse
libgd
debian_linux
ubuntu_linux
|
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and applicati…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9709
|
2024-11-21 11:21 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276419
|
- |
|
php
|
php
|
Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute ar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9705
|
2024-11-21 11:21 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276420
|
- |
|
file_project
php
debian
|
file
php
debian_linux
|
readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of …
|
CWE-20
Improper Input Validation
|
CVE-2014-9653
|
2024-11-21 11:21 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
