|
278571
|
- |
|
mantisbt
|
mantisbt
|
MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly restrict access to /*/install.php, which allows remote attackers to obtain database credentials via the install parameter with t…
|
CWE-284
Improper Access Control
|
CVE-2014-9572
|
2024-11-21 11:21 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278572
|
- |
|
mantisbt
|
mantisbt
|
Cross-site scripting (XSS) vulnerability in admin/install.php in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the (1) admin_…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9571
|
2024-11-21 11:21 |
2015-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278573
|
- |
|
xiph
opensuse
|
vorbis-tools
opensuse
|
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9640
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278574
|
- |
|
xiph
fedoraproject
opensuse
|
vorbis-tools
fedora
opensuse
|
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory ac…
|
NVD-CWE-Other
|
CVE-2014-9639
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278575
|
- |
|
fedoraproject
opensuse
xiph
|
fedora
opensuse
vorbis-tools
|
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
|
NVD-CWE-Other
|
CVE-2014-9638
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278576
|
- |
|
redhat
openstack
|
openstack
image_registry_and_delivery_service_\(glance\)
|
OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image i…
|
CWE-399
Resource Management Errors
|
CVE-2014-9623
|
2024-11-21 11:21 |
2015-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278577
|
- |
|
gentoo
|
xdg-utils
|
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.
|
CWE-77
Command Injection
|
CVE-2014-9622
|
2024-11-21 11:21 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278578
|
- |
|
file_project
|
file
|
The ELF parser in file 5.16 through 5.21 allows remote attackers to cause a denial of service via a long string.
|
CWE-399
Resource Management Errors
|
CVE-2014-9621
|
2024-11-21 11:21 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278579
|
- |
|
file_project
|
file
|
The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes.
|
CWE-399
Resource Management Errors
|
CVE-2014-9620
|
2024-11-21 11:21 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278580
|
- |
|
videolan
|
vlc_media_player
|
The picture_Release function in misc/picture.c in VideoLAN VLC media player 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service (write access violation) via a crafted…
|
CWE-20
Improper Input Validation
|
CVE-2014-9598
|
2024-11-21 11:21 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
