|
288371
|
- |
|
redhat
|
rhevm-dwh
|
The setup script in ovirt-engine-dwh, as used in the Red Hat Enterprise Virtualization Manager data warehouse (rhevm-dwh) package before 3.3.3, stores the history database password in cleartext, whic…
|
CWE-255
Credentials Management
|
CVE-2014-0202
|
2024-11-21 11:01 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288372
|
- |
|
sosreport_project
|
sosreport
|
SOSreport stores the md5 hash of the GRUB bootloader password in an archive, which allows local users to obtain sensitive information by reading the archive.
|
CWE-255
Credentials Management
|
CVE-2014-0246
|
2024-11-21 11:01 |
2014-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288373
|
- |
|
redhat
|
rhevm-reports
|
ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package (rhevm-reports) before 3.3.3, uses world-readable permissions on configuration files, which allows local users t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0201
|
2024-11-21 11:01 |
2014-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288374
|
- |
|
redhat
|
rhevm-reports
|
The Red Hat Enterprise Virtualization Manager reports (rhevm-reports) package before 3.3.3-1 uses world-readable permissions on the datasource configuration file (js-jboss7-ds.xml), which allows loca…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0200
|
2024-11-21 11:01 |
2014-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288375
|
- |
|
redhat
|
rhevm-reports
|
The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports (rhevm-reports) package before 3.3.3, stores the reports database password in cleartext, which allow…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0199
|
2024-11-21 11:01 |
2014-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288376
|
- |
|
samba
|
samba
|
The internal DNS server in Samba 4.x before 4.0.18 does not check the QR field in the header section of an incoming DNS message before sending a response, which allows remote attackers to cause a den…
|
CWE-20
Improper Input Validation
|
CVE-2014-0239
|
2024-11-21 11:01 |
2014-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288377
|
- |
|
samba
|
samba
|
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, w…
|
CWE-665
Improper Initialization
|
CVE-2014-0178
|
2024-11-21 11:01 |
2014-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288378
|
- |
|
modwsgi
|
mod_wsgi
|
The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain pri…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0240
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288379
|
- |
|
github
|
hub
|
The am function in lib/hub/commands.rb in hub before 1.12.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary patch file.
|
CWE-310
Cryptographic Issues
|
CVE-2014-0177
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288380
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows re…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0218
|
2024-11-21 11:01 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
