|
280371
|
- |
|
adaptivecomputing
|
torque_resource_manager
|
The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the pro…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3684
|
2024-11-21 11:08 |
2014-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280372
|
- |
|
apache
|
wss4j
cxf
|
Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does not properly enforce the SAML SubjectConfirmation …
|
CWE-287
Improper Authentication
|
CVE-2014-3623
|
2024-11-21 11:08 |
2014-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280373
|
- |
|
apache
|
cxf
|
The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the au…
|
CWE-399
Resource Management Errors
|
CVE-2014-3584
|
2024-11-21 11:08 |
2014-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280374
|
- |
|
bss
|
continuity_cms
|
SQL injection vulnerability in wcm/system/pages/admin/getnode.aspx in BSS Continuity CMS 4.2.22640.0 allows remote attackers to execute arbitrary SQL commands via the nodeid parameter.
|
CWE-89
SQL Injection
|
CVE-2014-3446
|
2024-11-21 11:08 |
2014-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280375
|
- |
|
pidgin
|
pidgin
|
The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a craft…
|
CWE-200
Information Exposure
|
CVE-2014-3698
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280376
|
- |
|
pidgin
|
pidgin
|
Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin before 2.10.10 on Windows allows remote attackers to write to arbitrary files via a drive name in a tar ar…
|
CWE-22
Path Traversal
|
CVE-2014-3697
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280377
|
- |
|
pidgin
|
pidgin
|
nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that trigge…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3696
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280378
|
- |
|
pidgin
|
pidgin
|
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3695
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280379
|
- |
|
opensuse
canonical
debian
pidgin
|
opensuse
ubuntu_linux
debian_linux
pidgin
|
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of …
|
CWE-310
Cryptographic Issues
|
CVE-2014-3694
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280380
|
- |
|
php
|
php
|
The exif_ifd_make_value function in exif.c in the EXIF extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 operates on floating-point arrays incorrectly, which allows remote a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3670
|
2024-11-21 11:08 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
