|
282061
|
- |
|
cisco
|
adaptive_security_appliance_software
|
The syslog-management subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain an administrator password by waiting for an administrator to copy a file, and the…
|
CWE-200
Information Exposure
|
CVE-2014-3410
|
2024-11-21 11:08 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282062
|
- |
|
redhat
apache
debian
apple
|
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server_eus
enterprise_linux_server
enterprise_linux_hpc_node
subversion
debian_linux
xcode
|
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server cra…
|
NVD-CWE-Other
|
CVE-2014-3580
|
2024-11-21 11:08 |
2014-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282063
|
- |
|
apple
apache
canonical
|
mac_os_x
os_x_server
http_server
ubuntu_linux
|
The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer over-read and daemon c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3583
|
2024-11-21 11:08 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282064
|
- |
|
vmware
|
vcenter_server_appliance
|
Cross-site scripting (XSS) vulnerability in VMware vCenter Server Appliance (vCSA) 5.1 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3797
|
2024-11-21 11:08 |
2014-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282065
|
- |
|
f5
debian
|
nginx
debian_linux
|
nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key for multiple servers, can reuse a cached SSL session for an unrelated context, which allows remote at…
|
CWE-613
Insufficient Session Expiration
|
CVE-2014-3616
|
2024-11-21 11:08 |
2014-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282066
|
- |
|
apache
|
hadoop
|
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to…
|
CWE-59
Link Following
|
CVE-2014-3627
|
2024-11-21 11:08 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282067
|
- |
|
redhat
|
enterprise_virtualization
|
The rhevm-log-collector package in Red Hat Enterprise Virtualization 3.4 uses the PostgreSQL database password on the command line when calling sosreport, which allows local users to obtain sensitive…
|
CWE-200
Information Exposure
|
CVE-2014-3561
|
2024-11-21 11:08 |
2014-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282068
|
- |
|
redhat
|
packstack
|
OpenStack PackStack 2012.2.1, when the Open vSwitch (OVS) monolithic plug-in is not used, does not properly set the libvirt_vif_driver configuration option when generating the nova.conf configuration…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3703
|
2024-11-21 11:08 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282069
|
- |
|
linux
|
linux_kernel
|
The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output q…
|
CWE-399
Resource Management Errors
|
CVE-2014-3688
|
2024-11-21 11:08 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282070
|
- |
|
cisco
|
adaptive_security_appliance_software
|
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2014-3407
|
2024-11-21 11:08 |
2014-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
