|
277001
|
- |
|
mageia
debian
gnupg
canonical
|
mageia
debian_linux
libksba
ubuntu_linux
gnupg
|
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or …
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2014-9087
|
2024-11-21 11:20 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277002
|
- |
|
clamav
|
clamav
|
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9050
|
2024-11-21 11:20 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277003
|
- |
|
phpmyadmin
opensuse
|
phpmyadmin
opensuse
|
Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obt…
|
CWE-22
Path Traversal
|
CVE-2014-8961
|
2024-11-21 11:20 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277004
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8960
|
2024-11-21 11:20 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277005
|
- |
|
opensuse
phpmyadmin
|
opensuse
phpmyadmin
|
Directory traversal vulnerability in libraries/gis/GIS_Factory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authentica…
|
CWE-22
Path Traversal
|
CVE-2014-8959
|
2024-11-21 11:20 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277006
|
- |
|
phpmyadmin
|
phpmyadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated users to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8958
|
2024-11-21 11:20 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277007
|
- |
|
adobe
|
acrobat_reader
acrobat
|
Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to file…
|
CWE-362
Race Condition
|
CVE-2014-9150
|
2024-11-21 11:20 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277008
|
- |
|
linux
|
linux_kernel
|
The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local …
|
CWE-17
Code
|
CVE-2014-9090
|
2024-11-21 11:20 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277009
|
- |
|
linux
|
linux_kernel
|
The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by l…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8989
|
2024-11-21 11:20 |
2014-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277010
|
- |
|
debian
mantisbt
|
debian_linux
mantisbt
|
Multiple SQL injection vulnerabilities in view_all_bug_page.php in MantisBT before 1.2.18 allow remote attackers to execute arbitrary SQL commands via the (1) sort or (2) dir parameter to view_all_se…
|
CWE-89
SQL Injection
|
CVE-2014-9089
|
2024-11-21 11:20 |
2014-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
