|
279711
|
- |
|
openssl
|
openssl
|
The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive betw…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8176
|
2024-11-21 11:18 |
2015-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279712
|
- |
|
comodo
|
geekbuddy
|
Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7872
|
2024-11-21 11:18 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279713
|
- |
|
debian
apache
|
debian_linux
tomcat
|
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemen…
|
CWE-284
Improper Access Control
|
CVE-2014-7810
|
2024-11-21 11:18 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279714
|
- |
|
apple
icu-project
|
watchos
mac_os_x
international_components_for_unicode
|
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type…
|
CWE-189
Numeric Errors
|
CVE-2014-8147
|
2024-11-21 11:18 |
2015-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279715
|
- |
|
apple
icu-project
|
watchos
iphone_os
itunes
mac_os_x
international_components_for_unicode
|
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track d…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8146
|
2024-11-21 11:18 |
2015-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279716
|
- |
|
infocus
|
in3128hd_firmware
|
The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the …
|
NVD-CWE-Other
|
CVE-2014-8384
|
2024-11-21 11:18 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279717
|
- |
|
infocus
|
in3128hd_firmware
|
The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html.
|
NVD-CWE-Other
|
CVE-2014-8383
|
2024-11-21 11:18 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279718
|
- |
|
redhat
suse
|
network_satellite
manager
|
XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified imp…
|
NVD-CWE-Other
|
CVE-2014-8162
|
2024-11-21 11:18 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279719
|
- |
|
redhat
|
jbpm
drools
|
XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file.
|
NVD-CWE-Other
|
CVE-2014-8125
|
2024-11-21 11:18 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279720
|
- |
|
apache
|
tomcat_connectors
|
Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified …
|
CWE-200
Information Exposure
|
CVE-2014-8111
|
2024-11-21 11:18 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
