|
279521
|
- |
|
gnu
|
gnutls
|
GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate tha…
|
CWE-17
Code
|
CVE-2014-8155
|
2024-11-21 11:18 |
2015-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279522
|
- |
|
dhcpcd_project
|
dhcpcd
|
The print_option function in dhcp-common.c in dhcpcd through 6.9.1, as used in dhcp.c in dhcpcd 5.x in Android before 5.1 and other products, misinterprets the return value of the snprintf function, …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-7913
|
2024-11-21 11:18 |
2015-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279523
|
- |
|
dhcpcd_project
|
dhcpcd
|
The get_option function in dhcp.c in dhcpcd before 6.2.0, as used in dhcpcd 5.x in Android before 5.1 and other products, does not validate the relationship between length fields and the amount of da…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-7912
|
2024-11-21 11:18 |
2015-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279524
|
- |
|
redhat
|
jboss_fuse
|
Red Hat JBoss Fuse before 6.2.0 allows remote authenticated users to bypass intended restrictions and access the HawtIO console by leveraging an account defined in the users.properties file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8175
|
2024-11-21 11:18 |
2015-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279525
|
- |
|
openssl
|
openssl
|
The dtls1_clear_queues function in ssl/d1_lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive betw…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8176
|
2024-11-21 11:18 |
2015-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279526
|
- |
|
comodo
|
geekbuddy
|
Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7872
|
2024-11-21 11:18 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279527
|
- |
|
debian
apache
|
debian_linux
tomcat
|
The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface implemen…
|
CWE-284
Improper Access Control
|
CVE-2014-7810
|
2024-11-21 11:18 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279528
|
- |
|
apple
icu-project
|
watchos
mac_os_x
international_components_for_unicode
|
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type…
|
CWE-189
Numeric Errors
|
CVE-2014-8147
|
2024-11-21 11:18 |
2015-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279529
|
- |
|
apple
icu-project
|
watchos
iphone_os
itunes
mac_os_x
international_components_for_unicode
|
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track d…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8146
|
2024-11-21 11:18 |
2015-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279530
|
- |
|
infocus
|
in3128hd_firmware
|
The InFocus IN3128HD projector with firmware 0.26 does not restrict access to cgi-bin/webctrl.cgi.elf, which allows remote attackers to modify the DHCP server and device IP configuration, reboot the …
|
NVD-CWE-Other
|
CVE-2014-8384
|
2024-11-21 11:18 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
