|
282821
|
- |
|
adobe
|
flash_player
air_sdk
air
air_sdk_\&_compiler
|
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR S…
|
NVD-CWE-Other
|
CVE-2014-0573
|
2024-11-21 11:02 |
2014-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282822
|
- |
|
debian
|
advanced_package_tool
|
The apt-get download command in APT before 1.0.9 does not properly validate signatures for packages, which allows remote attackers to execute arbitrary code via a crafted package.
|
CWE-20
Improper Input Validation
|
CVE-2014-0490
|
2024-11-21 11:02 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282823
|
- |
|
debian
|
advanced_package_tool
|
APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums, which allows remote attackers to execute arbitrary code via a crafted package.
|
CWE-20
Improper Input Validation
|
CVE-2014-0489
|
2024-11-21 11:02 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282824
|
- |
|
debian
|
advanced_package_tool
|
APT before 1.0.9 does not "invalidate repository data" when moving from an unauthenticated to authenticated state, which allows remote attackers to have unspecified impact via crafted repository data.
|
CWE-20
Improper Input Validation
|
CVE-2014-0488
|
2024-11-21 11:02 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282825
|
- |
|
debian
|
advanced_package_tool
|
APT before 1.0.9 does not verify downloaded files if they have been modified as indicated using the If-Modified-Since header, which has unspecified impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2014-0487
|
2024-11-21 11:02 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282826
|
- |
|
canonical
chkrootkit
|
ubuntu_linux
chkrootkit
|
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable. NOTE: this is only a vulnerabilit…
|
CWE-20
Improper Input Validation
|
CVE-2014-0476
|
2024-11-21 11:02 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282827
|
- |
|
hamstersoft
|
hamster_free_zip_archiver
|
Untrusted search path vulnerability in Hamster Free ZIP Archiver 2.0.1.7 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located i…
|
NVD-CWE-Other
|
CVE-2014-0619
|
2024-11-21 11:02 |
2014-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282828
|
- |
|
adobe
|
coldfusion
|
Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows local users to bypass intended IP-based access restrictions vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0572
|
2024-11-21 11:02 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282829
|
- |
|
adobe
|
coldfusion
|
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote attackers t…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0571
|
2024-11-21 11:02 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282830
|
- |
|
adobe
|
coldfusion
|
Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 9.0 before Update 13, 9.0.1 before Update 12, 9.0.2 before Update 7, 10 before Update 14, and 11 before Update 2 allows remote atta…
|
CWE-352
Origin Validation Error
|
CVE-2014-0570
|
2024-11-21 11:02 |
2014-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
