|
278641
|
7.8 |
HIGH
Local
|
videolan
|
vlc_media_player
|
The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9630
|
2024-11-21 11:21 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278642
|
7.8 |
HIGH
Local
|
videolan
|
vlc_media_player
|
Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and…
|
CWE-120
Classic Buffer Overflow
|
CVE-2014-9629
|
2024-11-21 11:21 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278643
|
7.8 |
HIGH
Local
|
videolan
|
vlc_media_player
|
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow a…
|
CWE-120
Classic Buffer Overflow
|
CVE-2014-9628
|
2024-11-21 11:21 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278644
|
7.8 |
HIGH
Local
|
videolan
|
vlc_media_player
|
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows re…
|
CWE-704
Incorrect Type Conversion or Cast
|
CVE-2014-9627
|
2024-11-21 11:21 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278645
|
7.8 |
HIGH
Local
|
videolan
|
vlc_media_player
|
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unsp…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2014-9626
|
2024-11-21 11:21 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278646
|
7.8 |
HIGH
Local
|
videolan
|
vlc_media_player
|
The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remot…
|
CWE-120
Classic Buffer Overflow
|
CVE-2014-9625
|
2024-11-21 11:21 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278647
|
6.5 |
MEDIUM
Network
|
tornadoweb
|
tornado
|
Tornado before 3.2.2 sends arbitrary responses that contain a fixed CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determi…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2014-9720
|
2024-11-21 11:21 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278648
|
6.5 |
MEDIUM
Adjacent
|
google
|
android
|
A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558).
|
NVD-CWE-noinfo
|
CVE-2014-9908
|
2024-11-21 11:21 |
2020-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278649
|
7.5 |
HIGH
Network
|
makerbot
|
replicator_5th_generation_firmware
|
The MakerBot Replicator 5G printer runs an Apache HTTP Server with directory indexing enabled. Apache logs, system logs, design files (i.e., a history of print files), and more are exposed to unauthe…
|
CWE-200
Information Exposure
|
CVE-2014-9699
|
2024-11-21 11:21 |
2019-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278650
|
6.1 |
MEDIUM
Network
|
bilboplanet
|
bilboplanet
|
An issue was discovered in Bilboplanet 2.0. Stored XSS exists in the fullname parameter to signup.php.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9919
|
2024-11-21 11:21 |
2019-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
