|
280551
|
- |
|
christos_zoulas
php
debian
|
file
php
debian_linux
|
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that trigger…
|
CWE-399
Resource Management Errors
|
CVE-2014-3538
|
2024-11-21 11:08 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280552
|
- |
|
storesprite
|
storesprite
|
Cross-site scripting (XSS) vulnerability in templates/defaultheader.php in Lamp Design Storesprite before 7 - 19-06-14, when using the currency selection dropdown, allows remote attackers to inject a…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3737
|
2024-11-21 11:08 |
2014-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280553
|
- |
|
freedesktop
d-bus_project
|
dbus
d-bus
|
The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends an AccessDenied error to the service instead of a client when the client is prohibited from accessing …
|
NVD-CWE-noinfo
|
CVE-2014-3477
|
2024-11-21 11:08 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280554
|
- |
|
opensuse
kde
|
opensuse
kdelibs
|
kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive in…
|
CWE-200
Information Exposure
|
CVE-2014-3494
|
2024-11-21 11:08 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280555
|
- |
|
theforeman
|
foreman
|
Multiple cross-site scripting (XSS) vulnerabilities in the host YAML view in Foreman before 1.4.5 and 1.5.x before 1.5.1 allow remote attackers to inject arbitrary web script or HTML via a parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3492
|
2024-11-21 11:08 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280556
|
- |
|
theforeman
|
foreman
|
Cross-site scripting (XSS) vulnerability in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to inject arbitrary web script or HTML via the Name field to the New Host groups page, …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3491
|
2024-11-21 11:08 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280557
|
- |
|
symantec
|
data_insight
|
Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x before 4.5 allows remote attackers to inject arbitrary web script or HTML via an unspecified fo…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3433
|
2024-11-21 11:08 |
2014-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280558
|
- |
|
symantec
|
data_insight
|
Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x before 4.5 allows remote attackers to inject arbitrary web script or HTML via an unspecified fo…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3432
|
2024-11-21 11:08 |
2014-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280559
|
- |
|
samba
|
samba
|
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3493
|
2024-11-21 11:08 |
2014-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280560
|
- |
|
symantec
|
encryption_desktop
pgp_desktop
|
Symantec PGP Desktop 10.x, and Encryption Desktop Professional 10.3.x before 10.3.2 MP2, on OS X uses world-writable permissions for temporary files, which allows local users to bypass intended restr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3431
|
2024-11-21 11:08 |
2014-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
