|
286231
|
- |
|
redhat
jboss
|
jboss_data_virtualization
teiid
|
Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualization 6.0.0 before patch 3 allows remote attackers to read arbitrary files via a crafted request to a REST endpoint, related to an XM…
|
NVD-CWE-Other
|
CVE-2014-0170
|
2024-11-21 11:01 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286232
|
- |
|
linux
|
linux_kernel
|
The futex_wait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0205
|
2024-11-21 11:01 |
2014-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286233
|
- |
|
fortinet
|
fortios
|
The FortiManager protocol service in Fortinet FortiOS before 4.3.16 and 5.x before 5.0.8 on FortiGate devices does not prevent use of anonymous ciphersuites, which makes it easier for man-in-the-midd…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0351
|
2024-11-21 11:01 |
2014-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286234
|
- |
|
ovirt
|
ovirt
|
The REST API in oVirt 3.4.0 and earlier stores session IDs in HTML5 local storage, which allows remote attackers to obtain sensitive information via a crafted web page.
|
CWE-200
Information Exposure
|
CVE-2014-0153
|
2024-11-21 11:01 |
2014-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286235
|
- |
|
ovirt
redhat
|
ovirt
ovirt-engine
|
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2014-0152
|
2024-11-21 11:01 |
2014-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286236
|
- |
|
apache
|
ofbiz
|
Multiple cross-site scripting (XSS) vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 before 11.04.05 and 12.04.01 before 12.04.04 allow remote attackers to…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0232
|
2024-11-21 11:01 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286237
|
- |
|
iridium
|
open_port
pilot_below_deck_equipment
|
The Terminal Upgrade Tool in the Pilot Below Deck Equipment (BDE) and OpenPort implementations on Iridium satellite terminals allows remote attackers to execute arbitrary code by uploading new firmwa…
|
NVD-CWE-Other
|
CVE-2014-0327
|
2024-11-21 11:01 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286238
|
- |
|
iridium
|
open_port
pilot_below_deck_equipment
|
The Pilot Below Deck Equipment (BDE) and OpenPort implementations on Iridium satellite terminals allow remote attackers to read hardcoded credentials via the web interface.
|
NVD-CWE-Other
|
CVE-2014-0326
|
2024-11-21 11:01 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286239
|
- |
|
cobham
|
ailor_6110_mini-c_gmdss
sailor_6006_message_terminal
sailor_6222_vhf
sailor_6300_mf_\/_hf
|
The thraneLINK protocol implementation on Cobham devices does not verify firmware signatures, which allows attackers to execute arbitrary code by leveraging physical access or terminal access to send…
|
NVD-CWE-Other
|
CVE-2014-0328
|
2024-11-21 11:01 |
2014-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286240
|
- |
|
microsoft
|
windows_server_2008
windows_rt
windows_8.1
windows_7
windows_rt_8.1
windows_vista
windows_8
windows_server_2012
windows_server_2003
|
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0318
|
2024-11-21 11:01 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
