|
279221
|
- |
|
huawei
|
mobile_partner_firmware
ec156
ec176
ec177
|
Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.d…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8359
|
2024-11-21 11:18 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279222
|
- |
|
redhat
|
libvirt
|
The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML…
|
CWE-255
Credentials Management
|
CVE-2014-7823
|
2024-11-21 11:18 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279223
|
7.8 |
HIGH
Local
|
linux
opensuse
suse
|
linux_kernel
evergreen
suse_linux_enterprise_server
|
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or ca…
|
CWE-476
NULL Pointer Dereference
|
CVE-2014-7826
|
2024-11-21 11:18 |
2014-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279224
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of servi…
|
CWE-125
Out-of-bounds Read
|
CVE-2014-7825
|
2024-11-21 11:18 |
2014-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279225
|
7.8 |
HIGH
Local
|
linux
debian
opensuse
suse
|
linux_kernel
debian_linux
evergreen
linux_enterprise_real_time_extension
suse_linux_enterprise_server
|
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to caus…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8369
|
2024-11-21 11:18 |
2014-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279226
|
- |
|
sprockets_project
|
sprockets
|
Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.…
|
CWE-22
Path Traversal
|
CVE-2014-7819
|
2024-11-21 11:18 |
2014-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279227
|
- |
|
rubyonrails
opensuse
|
ruby_on_rails
rails
opensuse
|
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.20, 4.0.x before 4.0.11, 4.1.x before 4.1.7, and 4.2.x before 4…
|
CWE-22
Path Traversal
|
CVE-2014-7818
|
2024-11-21 11:18 |
2014-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279228
|
- |
|
cisco
|
ios_xe
air-ct5760
ws-c3850
ws-c3860
|
Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the "request system shell" challenge response, which allows local users to obtain Linux root access…
|
CWE-20
Improper Input Validation
|
CVE-2014-7990
|
2024-11-21 11:18 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279229
|
- |
|
cisco
|
b460_m4
b420_m3
b260_m4
b200_m3
b200_m4
b22_m3
b230_m2
b440_m2
|
Cisco Unified Computing System on B-Series blade servers allows local users to gain shell privileges via a crafted (1) ping6 or (2) traceroute6 command, aka Bug ID CSCuq38176.
|
CWE-20
Improper Input Validation
|
CVE-2014-7989
|
2024-11-21 11:18 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279230
|
- |
|
cisco
|
unity_connection
|
The Unified Messaging Service (UMS) in Cisco Unity Connection 10.5 and earlier allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCur06493.
|
CWE-200
Information Exposure
|
CVE-2014-7988
|
2024-11-21 11:18 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
