|
283361
|
- |
|
teampass
|
teampass
|
TeamPass before 2.1.20 allows remote attackers to bypass access restrictions via the language file path in a (1) request to index.php or (2) "change_user_language" request to sources/main.queries.php.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3771
|
2024-11-21 11:08 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283362
|
- |
|
openstack
|
nova
|
api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attack…
|
CWE-200
Information Exposure
|
CVE-2014-3517
|
2024-11-21 11:08 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283363
|
- |
|
solarwinds
|
network_configuration_manager
|
Heap-based buffer overflow in SolarWinds Network Configuration Manager (NCM) before 7.3 allows remote attackers to execute arbitrary code via the PEstrarg1 property.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3459
|
2024-11-21 11:08 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283364
|
- |
|
opensuse
ipython
mageia
|
opensuse
ipython_notebook
mageia
|
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a…
|
CWE-94
Code Injection
|
CVE-2014-3429
|
2024-11-21 11:08 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283365
|
- |
|
redhat
|
enterprise_virtualization
|
The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3559
|
2024-11-21 11:08 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283366
|
- |
|
symantec
|
endpoint_protection
|
Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbit…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3434
|
2024-11-21 11:08 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283367
|
- |
|
redhat
canonical
samba
|
enterprise_linux
ubuntu_linux
samba
|
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a…
|
CWE-94
Code Injection
|
CVE-2014-3560
|
2024-11-21 11:08 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283368
|
- |
|
linux
debian
|
linux_kernel
debian_linux
|
arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users …
|
CWE-269
Improper Privilege Management
|
CVE-2014-3534
|
2024-11-21 11:08 |
2014-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283369
|
- |
|
libndp
|
libndp
|
Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS Search List (DNSSL)…
|
CWE-120
Classic Buffer Overflow
|
CVE-2014-3554
|
2024-11-21 11:08 |
2014-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283370
|
- |
|
netty
|
netty
|
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3488
|
2024-11-21 11:08 |
2014-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
