|
278701
|
- |
|
gnu
canonical
opensuse
|
glibc
ubuntu_linux
opensuse
|
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denia…
|
CWE-399
Resource Management Errors
|
CVE-2014-9402
|
2024-11-21 11:20 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278702
|
- |
|
instantasp
|
instantforum
|
Multiple cross-site scripting (XSS) vulnerabilities in InstantASP InstantForum.NET 4.1.3, 4.1.2, 4.1.1, 4.0.0, 4.1.0, and 3.4.0 allow remote attackers to inject arbitrary web script or HTML via the S…
|
CWE-79
Cross-site Scripting
|
CVE-2014-9468
|
2024-11-21 11:20 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278703
|
- |
|
fedoraproject
zarafa
|
fedora
zarafa_collaboration_platform
webapp
|
senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x before 7.1.12 beta 1 and 7.2.x before 7.2.0 beta 1 allows remote attackers to cause a deni…
|
CWE-399
Resource Management Errors
|
CVE-2014-9465
|
2024-11-21 11:20 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278704
|
- |
|
mit
|
kerberos_5
|
The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized inter…
|
CWE-200
Information Exposure
|
CVE-2014-9423
|
2024-11-21 11:20 |
2015-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278705
|
- |
|
mit
|
kerberos_5
|
The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated user…
|
CWE-284
Improper Access Control
|
CVE-2014-9422
|
2024-11-21 11:20 |
2015-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278706
|
- |
|
mit
|
kerberos_5
|
The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR de…
|
NVD-CWE-Other
|
CVE-2014-9421
|
2024-11-21 11:20 |
2015-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278707
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Open-Xchange (OX) AppSuite and Server before 7.4.2-rev42, 7.6.0 before 7.6.0-rev36, and 7.6.1 before 7.6.1-rev14 does not properly handle directory permissions, which allows remote authenticated user…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9466
|
2024-11-21 11:20 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278708
|
- |
|
lexmark
|
markvision_enterprise
|
Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot)…
|
CWE-22
Path Traversal
|
CVE-2014-9375
|
2024-11-21 11:20 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278709
|
- |
|
ge
mactek
|
svi_ii_ap_positioner_device_type_manager
12400_level_transmitter_device_type_manager
vector_device_type_manager
bullet_device_type_manager
|
Buffer overflow in the Field Device Tool (FDT) Frame application in the HART Device Type Manager (DTM) library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM 1.…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9203
|
2024-11-21 11:20 |
2015-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278710
|
- |
|
netapp
|
oncommand_balance
|
NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage.
|
CWE-200
Information Exposure
|
CVE-2014-9354
|
2024-11-21 11:20 |
2015-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
