|
281031
|
- |
|
xen
|
xen
|
The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3124
|
2024-11-21 11:07 |
2014-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281032
|
- |
|
opensuse
nagios
|
opensuse
remote_plugin_executor
|
Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to…
|
NVD-CWE-Other
|
CVE-2014-2913
|
2024-11-21 11:07 |
2014-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281033
|
- |
|
debian
strongswan
|
strongswan
|
strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload.
|
NVD-CWE-Other
|
CVE-2014-2891
|
2024-11-21 11:07 |
2014-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281034
|
- |
|
ayatana_project
canonical
|
unity
ubuntu_linux
|
Unity before 7.2.1, as used in Ubuntu 14.04, does not properly handle keyboard shortcuts, which allows physically proximate attackers to bypass the lock screen and execute arbitrary commands, as demo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3204
|
2024-11-21 11:07 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281035
|
- |
|
ayatana_project
canonical
|
unity
ubuntu_linux
|
Unity before 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate attackers to bypass the lock screen and ex…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3203
|
2024-11-21 11:07 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281036
|
- |
|
ayatana_project
|
unity
|
Unity before 7.2.1 does not properly handle entry activation, which allows physically proximate attackers to bypass the lock screen by holding the ENTER key, which triggers the process to crash.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3202
|
2024-11-21 11:07 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281037
|
- |
|
f5
|
big-iq
|
F5 BIG-IQ Cloud and Security 4.0.0 through 4.1.0 allows remote authenticated users to change the password of arbitrary users via the name parameter in a request to the user's page in mgmt/shared/auth…
|
CWE-255
Credentials Management
|
CVE-2014-3220
|
2024-11-21 11:07 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281038
|
- |
|
phplist
|
phplist
|
Cross-site request forgery (CSRF) vulnerability in the subscription page editor (spageedit) in phpList before 3.0.6 allows remote attackers to hijack the authentication of administrators via a reques…
|
CWE-352
Origin Validation Error
|
CVE-2014-2916
|
2024-11-21 11:07 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281039
|
- |
|
xen
|
xen
|
Xen 4.4.x, when running on an ARM system, does not properly context switch the CNTKCTL_EL1 register, which allows local guest users to modify the hardware timers and cause a denial of service (crash)…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3125
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281040
|
- |
|
sitepark
|
information_enterprise_server
|
Sitepark Information Enterprise Server (IES) 2.9 before 2.9.6, when upgraded from an earlier version, does not properly restrict access, which allows remote attackers to change the manager account pa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3006
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
