|
280141
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of servi…
|
CWE-125
Out-of-bounds Read
|
CVE-2014-7825
|
2024-11-21 11:18 |
2014-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280142
|
7.8 |
HIGH
Local
|
linux
debian
opensuse
suse
|
linux_kernel
debian_linux
evergreen
linux_enterprise_real_time_extension
suse_linux_enterprise_server
|
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.17.2 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to caus…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8369
|
2024-11-21 11:18 |
2014-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280143
|
- |
|
sprockets_project
|
sprockets
|
Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.…
|
CWE-22
Path Traversal
|
CVE-2014-7819
|
2024-11-21 11:18 |
2014-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280144
|
- |
|
rubyonrails
opensuse
|
ruby_on_rails
rails
opensuse
|
Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby on Rails 3.x before 3.2.20, 4.0.x before 4.0.11, 4.1.x before 4.1.7, and 4.2.x before 4…
|
CWE-22
Path Traversal
|
CVE-2014-7818
|
2024-11-21 11:18 |
2014-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280145
|
- |
|
cisco
|
ios_xe
air-ct5760
ws-c3850
ws-c3860
|
Cisco IOS XE 3.5E and earlier on WS-C3850, WS-C3860, and AIR-CT5760 devices does not properly parse the "request system shell" challenge response, which allows local users to obtain Linux root access…
|
CWE-20
Improper Input Validation
|
CVE-2014-7990
|
2024-11-21 11:18 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280146
|
- |
|
cisco
|
b460_m4
b420_m3
b260_m4
b200_m3
b200_m4
b22_m3
b230_m2
b440_m2
|
Cisco Unified Computing System on B-Series blade servers allows local users to gain shell privileges via a crafted (1) ping6 or (2) traceroute6 command, aka Bug ID CSCuq38176.
|
CWE-20
Improper Input Validation
|
CVE-2014-7989
|
2024-11-21 11:18 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280147
|
- |
|
cisco
|
unity_connection
|
The Unified Messaging Service (UMS) in Cisco Unity Connection 10.5 and earlier allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCur06493.
|
CWE-200
Information Exposure
|
CVE-2014-7988
|
2024-11-21 11:18 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280148
|
- |
|
french_national_commission_on_informatics_and_liberty
|
cookieviz
|
Cross-site scripting (XSS) vulnerability in json.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz allows remote we servers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2014-8352
|
2024-11-21 11:18 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280149
|
- |
|
french_national_commission_on_informatics_and_liberty
|
cookieviz
|
SQL injection vulnerability in info.php in French National Commission on Informatics and Liberty (aka CNIL) CookieViz before 1.0.1 allows remote web servers to execute arbitrary SQL commands via the …
|
CWE-89
SQL Injection
|
CVE-2014-8351
|
2024-11-21 11:18 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280150
|
- |
|
ait-pro
|
bulletproof_security
|
SQL injection vulnerability in admin/htaccess/bpsunlock.php in the BulletProof Security plugin before .51.1 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the t…
|
CWE-89
SQL Injection
|
CVE-2014-7959
|
2024-11-21 11:18 |
2014-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
