|
281531
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
Use-after-free vulnerability in the nfqnl_zcopy function in net/netfilter/nfnetlink_queue_core.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory…
|
CWE-416
Use After Free
|
CVE-2014-2568
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281532
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibl…
|
CWE-20
Improper Input Validation
|
CVE-2014-2523
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281533
|
- |
|
sonicwall
|
nsa_2400
|
Cross-site scripting (XSS) vulnerability in the Dashboard Backend service (stats/dashboard.jsp) in SonicWall Network Security Appliance (NSA) 2400 allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2589
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281534
|
- |
|
mcafee
|
asset_manager
|
Directory traversal vulnerability in servlet/downloadReport in McAfee Asset Manager 6.6 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the reportFileName parameter.
|
CWE-22
Path Traversal
|
CVE-2014-2588
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281535
|
- |
|
mcafee
|
asset_manager
|
SQL injection vulnerability in jsp/reports/ReportsAudit.jsp in McAfee Asset Manager 6.6 allows remote authenticated users to execute arbitrary SQL commands via the username of an audit report (aka us…
|
CWE-89
SQL Injection
|
CVE-2014-2587
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281536
|
- |
|
mcafee
|
cloud_single_sign_on
|
Cross-site scripting (XSS) vulnerability in the login audit form in McAfee Cloud Single Sign On (SSO) allows remote attackers to inject arbitrary web script or HTML via a crafted password.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2586
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281537
|
- |
|
owncloud
|
owncloud
|
ownCloud before 5.0.15 and 6.x before 6.0.2, when the file_external app is enabled, allows remote authenticated users to mount the local filesystem in the user's ownCloud via the mount configuration.
|
CWE-20
Improper Input Validation
|
CVE-2014-2585
|
2024-11-21 11:06 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281538
|
- |
|
moodle
|
moodle
|
mod/assign/externallib.php in Moodle 2.6.x before 2.6.2 does not properly handle assignment web-service parameters, which might allow remote authenticated users to modify grade metadata via unspecifi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2572
|
2024-11-21 11:06 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281539
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in the quiz_question_tostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2571
|
2024-11-21 11:06 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281540
|
- |
|
php
canonical
suse
redhat
debian
oracle
|
php
ubuntu_linux
linux_enterprise_server
linux_enterprise_software_development_kit
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_…
|
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a c…
|
CWE-476
NULL Pointer Dereference
|
CVE-2014-2497
|
2024-11-21 11:06 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
