|
280201
|
- |
|
xen
|
xen
|
Xen 4.4.x, when running on an ARM system, does not properly check write permissions on virtual addresses, which allows local guest administrators to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3969
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280202
|
- |
|
xen
opensuse
|
xen
opensuse
|
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an e…
|
NVD-CWE-noinfo
|
CVE-2014-3968
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280203
|
- |
|
xen
opensuse
|
xen
opensuse
|
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of servic…
|
NVD-CWE-Other
|
CVE-2014-3967
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280204
|
- |
|
a10networks
|
advanced_core_operating_system
|
Buffer overflow in A10 Networks Advanced Core Operating System (ACOS) before 2.7.0-p6 and 2.7.1 before 2.7.1-P1_55 allows remote attackers to cause a denial of service (crash) and possibly execute ar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3976
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280205
|
- |
|
auracms
|
auracms
|
Absolute path traversal vulnerability in filemanager.php in AuraCMS 3.0 allows remote attackers to list a directory via a full pathname in the viewdir parameter.
|
CWE-22
Path Traversal
|
CVE-2014-3975
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280206
|
- |
|
auracms
|
auracms
|
Cross-site scripting (XSS) vulnerability in filemanager.php in AuraCMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the viewdir parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3974
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280207
|
- |
|
frontaccounting
|
frontaccounting
|
Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.3.21 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2014-3973
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280208
|
- |
|
redhat
linux
|
enterprise_linux
enterprise_mrg
linux_kernel
|
The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service (memory corruption or system crash) by accessing cert…
|
CWE-362
Race Condition
|
CVE-2014-3940
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280209
|
- |
|
suse
redhat
linux
|
linux_enterprise_desktop
enterprise_linux
enterprise_mrg
linux_kernel
|
kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel m…
|
CWE-200
Information Exposure
|
CVE-2014-3917
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280210
|
- |
|
samsung
|
ipolis_device_manager
|
Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote atta…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3912
|
2024-11-21 11:09 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
