|
277691
|
- |
|
linux
|
linux_kernel
|
arch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in the Linux kernel through 3.18.1 allows local users to bypass the espfix protection mechanism, and consequently makes it easie…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8133
|
2024-11-21 11:18 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277692
|
- |
|
cisco
|
isb8320-e_high-definition_ip-only_dvr
|
The Disaster Recovery (DRA) feature on the Cisco ISB8320-E High-Definition IP-Only DVR allows remote attackers to bypass authentication by establishing a TELNET session during a recovery boot, aka Bu…
|
CWE-287
Improper Authentication
|
CVE-2014-8006
|
2024-11-21 11:18 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277693
|
- |
|
broadcom
|
release_automation
|
SQL injection vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote authenticated users to execute arbitrary SQL commands via a crafted query.
|
CWE-89
SQL Injection
|
CVE-2014-8248
|
2024-11-21 11:18 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277694
|
- |
|
broadcom
|
release_automation
|
Cross-site scripting (XSS) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to inject arbitrary web script or HTML via unspecif…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8247
|
2024-11-21 11:18 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277695
|
- |
|
broadcom
|
release_automation
|
Cross-site request forgery (CSRF) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to hijack the authentication of unspecified …
|
CWE-352
Origin Validation Error
|
CVE-2014-8246
|
2024-11-21 11:18 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277696
|
- |
|
zoneo-soft
|
phptraffica
|
SQL injection vulnerability in Php/Functions/log_function.php in phpTrafficA 2.3 and earlier allows remote attackers to execute arbitrary SQL commands via a User-Agent HTTP header.
|
CWE-89
SQL Injection
|
CVE-2014-8340
|
2024-11-21 11:18 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277697
|
- |
|
rpm
|
rpm
|
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflo…
|
CWE-189
Numeric Errors
|
CVE-2014-8118
|
2024-11-21 11:18 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277698
|
- |
|
google
|
android
|
luni/src/main/java/java/io/ObjectInputStream.java in the java.io.ObjectInputStream implementation in Android before 5.0.0 does not verify that deserialization will result in an object that met the re…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7911
|
2024-11-21 11:18 |
2014-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277699
|
- |
|
honeywell
|
opos_suite
|
Multiple stack-based buffer overflows in (1) HWOPOSScale.ocx and (2) HWOPOSSCANNER.ocx in Honeywell OPOS Suite before 1.13.4.15 allow remote attackers to execute arbitrary code via a crafted file tha…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8269
|
2024-11-21 11:18 |
2014-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277700
|
3.3 |
LOW
Local
|
linux
canonical
opensuse
suse
oracle
|
linux_kernel
ubuntu_linux
evergreen
opensuse
suse_linux_enterprise_server
linux
|
The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to …
|
NVD-CWE-noinfo
|
CVE-2014-8134
|
2024-11-21 11:18 |
2014-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
