|
285091
|
- |
|
oracle
|
fusion_middleware
|
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other pro…
|
NVD-CWE-noinfo
|
CVE-2014-0191
|
2024-11-21 11:01 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285092
|
- |
|
redhat
odata4j_project
|
jboss_data_virtualization
odata4j
|
XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a…
|
NVD-CWE-Other
|
CVE-2014-0171
|
2024-11-21 11:01 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285093
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2.3, use world-readable permissions on audit.log, which allows local users to obtain sensitive informat…
|
CWE-200
Information Exposure
|
CVE-2014-0059
|
2024-11-21 11:01 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285094
|
- |
|
freerdp
opensuse
|
freerdp
opensuse
|
Multiple integer overflows in client/X11/xf_graphics.c in FreeRDP allow remote attackers to have an unspecified impact via the width and height to the (1) xf_Pointer_New or (2) xf_Bitmap_Decompress f…
|
CWE-189
Numeric Errors
|
CVE-2014-0250
|
2024-11-21 11:01 |
2014-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285095
|
- |
|
apache
|
hive
|
Apache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check the file permissions for (1) import and (2) export statements, which allows remote authenticated use…
|
CWE-284
Improper Access Control
|
CVE-2014-0228
|
2024-11-21 11:01 |
2014-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285096
|
- |
|
redhat
|
openshift
|
Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartr…
|
CWE-94
Code Injection
|
CVE-2014-0233
|
2024-11-21 11:01 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285097
|
- |
|
suse
qemu
|
linux_enterprise_server
qemu
|
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, whi…
|
CWE-189
Numeric Errors
|
CVE-2014-0223
|
2024-11-21 11:01 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285098
|
- |
|
suse
qemu
|
linux_enterprise_server
qemu
|
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.
|
CWE-189
Numeric Errors
|
CVE-2014-0222
|
2024-11-21 11:01 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285099
|
- |
|
qemu
|
qemu
|
Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0182
|
2024-11-21 11:01 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285100
|
- |
|
openstack
|
keystone
|
OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges th…
|
CWE-269
Improper Privilege Management
|
CVE-2014-0204
|
2024-11-21 11:01 |
2014-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
