|
278961
|
- |
|
ffmpeg
|
ffmpeg
|
libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits and words array dimensions that do not satisfy a required mathematical relationship, which allows remote attackers to cause a deni…
|
CWE-189
Numeric Errors
|
CVE-2014-9602
|
2024-11-21 11:21 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278962
|
- |
|
python
oracle
fedoraproject
opensuse
|
pillow
solaris
fedora
opensuse
|
Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed.
|
CWE-20
Improper Input Validation
|
CVE-2014-9601
|
2024-11-21 11:21 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278963
|
- |
|
libsndfile_project
opensuse
debian
canonical
oracle
|
libsndfile
opensuse
debian_linux
ubuntu_linux
solaris
|
The sd2_parse_rsrc_fork function in sd2.c in libsndfile allows attackers to have unspecified impact via vectors related to a (1) map offset or (2) rsrc marker, which triggers an out-of-bounds read.
|
NVD-CWE-noinfo
|
CVE-2014-9496
|
2024-11-21 11:21 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278964
|
- |
|
macroplant
|
iexplorer
|
Untrusted search path vulnerability in Macroplant iExplorer 3.6.3.0 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse itunesmobiledevice.dll.
|
NVD-CWE-Other
|
CVE-2014-9600
|
2024-11-21 11:21 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278965
|
- |
|
b2evolution
|
b2evolution
|
Cross-site scripting (XSS) vulnerability in the filemanager in b2evolution before 5.2.1 allows remote attackers to inject arbitrary web script or HTML via the fm_filter parameter to blogs/admin.php.
|
CWE-79
Cross-site Scripting
|
CVE-2014-9599
|
2024-11-21 11:21 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278966
|
- |
|
panasonic
|
arbitrator_back-end_server_mk_3.0_vpu_firmware
arbitrator_back-end_server_mk_3.0_vpu
arbitrator_back-end_server_mk_2.0_vpu_firmware
arbitrator_back-end_server_mk_2.0_vpu
|
Panasonic Arbitrator Back-End Server (BES) MK 2.0 VPU before 9.3.1 build 4.08.003.0, when USB Wi-Fi or Direct LAN is enabled, and MK 3.0 VPU before 9.3.1 build 5.06.000.0, when Embedded Wi-Fi or Dire…
|
CWE-310
Cryptographic Issues
|
CVE-2014-9596
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278967
|
- |
|
sap
|
sap_kernel
|
Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32-bit and 7.40 64-bit allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspeci…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9595
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278968
|
- |
|
sap
|
sap_kernel
|
Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32-bit and 7.40 64-bit allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspeci…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9594
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278969
|
- |
|
apache
|
cloudstack
|
Apache CloudStack before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to obtain private keys via a listSslCerts API call.
|
CWE-200
Information Exposure
|
CVE-2014-9593
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278970
|
- |
|
roundcube
|
webmail
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Roundcube Webmail before 1.0.4 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, related to…
|
CWE-352
Origin Validation Error
|
CVE-2014-9587
|
2024-11-21 11:21 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
