|
279381
|
7.8 |
HIGH
Local
|
redhat
debian
bsd_mailx_project
|
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_server_eus
enterprise_linux_server_tus
debian_linux
bsd…
|
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.
|
CWE-74
Injection
|
CVE-2014-7844
|
2024-11-21 11:18 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279382
|
9.8 |
CRITICAL
Network
|
helpdezk
|
helpdezk
|
Unrestricted file upload vulnerability in includes/classes/uploadify-v2.1.4/uploadify.php in HelpDEZk 1.0.1 and earlier allows remote attackers to execute arbitrary code by uploading a file with an e…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2014-8337
|
2024-11-21 11:18 |
2020-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279383
|
7.5 |
HIGH
Network
|
openldap
debian
|
openldap
debian_linux
|
An off-by-one error leading to a crash was discovered in openldap 2.4 when processing DNS SRV messages. If slapd was configured to use the dnssrv backend, an attacker could crash the service with cra…
|
CWE-193
Off-by-one Error
|
CVE-2014-8182
|
2024-11-21 11:18 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279384
|
7.5 |
HIGH
Network
|
docker
opensuse
|
cs_engine
docker
opensuse
|
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to injec…
|
CWE-20
Improper Input Validation
|
CVE-2014-8179
|
2024-11-21 11:18 |
2019-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279385
|
5.5 |
MEDIUM
Local
|
docker
opensuse
|
cs_engine
docker
opensuse
|
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a cra…
|
CWE-20
Improper Input Validation
|
CVE-2014-8178
|
2024-11-21 11:18 |
2019-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279386
|
8.8 |
HIGH
Network
|
dasanzhone
|
znid_2426a_firmware
|
The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users to bypass intended access restrictions via a modified server response, related to an insecure direc…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2014-8356
|
2024-11-21 11:18 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279387
|
5.9 |
MEDIUM
Network
|
redhat
|
enterprise_virtualization
vdsclient
virtual_desktop_server_manager
|
vdsm and vdsclient does not validate certficate hostname from another vdsm which could facilitate a man-in-the-middle attack
|
CWE-295
Improper Certificate Validation
|
CVE-2014-8167
|
2024-11-21 11:18 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279388
|
5.5 |
MEDIUM
Local
|
redhat
|
enterprise_linux
enterprise_mrg
|
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.
|
CWE-665
Improper Initialization
|
CVE-2014-8181
|
2024-11-21 11:18 |
2019-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279389
|
7.8 |
HIGH
Local
|
liblouis
|
liblouis
|
A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable() in liblouis. An attacker could create a malicious file that would cause appl…
|
-
|
CVE-2014-8184
|
2024-11-21 11:18 |
2019-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279390
|
7.4 |
HIGH
Network
|
theforeman
redhat
|
foreman
satellite
|
It was found that foreman, versions 1.x.x before 1.15.6, in Satellite 6 did not properly enforce access controls on certain resources. An attacker with access to the API and knowledge of the resource…
|
-
|
CVE-2014-8183
|
2024-11-21 11:18 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
