|
280331
|
- |
|
linux
|
linux_kernel
|
The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output q…
|
CWE-399
Resource Management Errors
|
CVE-2014-3688
|
2024-11-21 11:08 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280332
|
- |
|
cisco
|
adaptive_security_appliance_software
|
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2014-3407
|
2024-11-21 11:08 |
2014-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280333
|
- |
|
pivotal_software
vmware
|
spring_framework
|
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspeci…
|
CWE-22
Path Traversal
|
CVE-2014-3625
|
2024-11-21 11:08 |
2014-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280334
|
- |
|
haxx
apple
|
curl
libcurl
mac_os_x
|
cURL and libcurl before 7.38.0 allow remote attackers to bypass the Same Origin Policy and set cookies for arbitrary sites by setting a cookie for a top-level domain.
|
CWE-310
Cryptographic Issues
|
CVE-2014-3620
|
2024-11-21 11:08 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280335
|
- |
|
haxx
apple
|
curl
libcurl
mac_os_x
|
cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrat…
|
CWE-310
Cryptographic Issues
|
CVE-2014-3613
|
2024-11-21 11:08 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280336
|
- |
|
apache
|
qpid
|
XML external entity (XXE) vulnerability in the XML Exchange module in Apache Qpid 0.30 allows remote attackers to cause outgoing HTTP connections via a crafted message.
|
CWE-19
Data Processing Errors
|
CVE-2014-3629
|
2024-11-21 11:08 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280337
|
- |
|
mumble
|
mumble
|
The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service (hang and resource consumption) via a crafted string that is tre…
|
CWE-19
Data Processing Errors
|
CVE-2014-3756
|
2024-11-21 11:08 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280338
|
- |
|
mumble
|
mumble
|
The QSvg module in Qt, as used in the Mumble client 1.2.x before 1.2.6, allows remote attackers to cause a denial of service (hang and resource consumption) via a local file reference in an (1) image…
|
CWE-399
Resource Management Errors
|
CVE-2014-3755
|
2024-11-21 11:08 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280339
|
- |
|
apache
|
cordova
|
Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent.
|
CWE-200
Information Exposure
|
CVE-2014-3502
|
2024-11-21 11:08 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280340
|
- |
|
apache
|
cordova
|
Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections through WebView.
|
CWE-254
7PK - Security Features
|
CVE-2014-3501
|
2024-11-21 11:08 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
