|
278941
|
- |
|
google
|
chrome
|
components/navigation_interception/intercept_navigation_resource_throttle.cc in Google Chrome before 40.0.2214.91 on Android does not properly restrict use of intent: URLs to open an application afte…
|
CWE-284
Improper Access Control
|
CVE-2014-9648
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278942
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in PDFium, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF …
|
NVD-CWE-Other
|
CVE-2014-9647
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278943
|
- |
|
google
|
chrome
|
Unquoted Windows search path vulnerability in the GoogleChromeDistribution::DoPostUninstallOperations function in installer/util/google_chrome_distribution.cc in the uninstall-survey feature in Googl…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9646
|
2024-11-21 11:21 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278944
|
- |
|
mantisbt
|
mantisbt
|
SQL injection vulnerability in manage_user_page.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote administrators with FILE privileges to execute arbitrary SQL commands via the…
|
CWE-89
SQL Injection
|
CVE-2014-9573
|
2024-11-21 11:21 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278945
|
- |
|
mantisbt
|
mantisbt
|
MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly restrict access to /*/install.php, which allows remote attackers to obtain database credentials via the install parameter with t…
|
CWE-284
Improper Access Control
|
CVE-2014-9572
|
2024-11-21 11:21 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278946
|
- |
|
mantisbt
|
mantisbt
|
Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9571
|
2024-11-21 11:21 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278947
|
- |
|
xiph
opensuse
|
vorbis-tools
opensuse
|
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9640
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278948
|
- |
|
xiph
fedoraproject
opensuse
|
vorbis-tools
fedora
opensuse
|
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory ac…
|
NVD-CWE-Other
|
CVE-2014-9639
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278949
|
- |
|
fedoraproject
opensuse
xiph
|
fedora
opensuse
vorbis-tools
|
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
|
NVD-CWE-Other
|
CVE-2014-9638
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278950
|
- |
|
redhat
openstack
|
openstack
image_registry_and_delivery_service_\(glance\)
|
OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image i…
|
CWE-399
Resource Management Errors
|
CVE-2014-9623
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
