|
287061
|
- |
|
microsoft
|
project_server
sharepoint_foundation
web_applications
sharepoint_server
sharepoint_designer
office_web_apps_server
sharepoint_services
sharepoint_server_client_components_sdk
|
Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010 S…
|
CWE-94
Code Injection
|
CVE-2014-0251
|
2024-11-21 11:01 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287062
|
- |
|
theforeman
|
foreman
|
Foreman 1.4.0 before 1.5.0 does not properly restrict access to provisioning template previews, which allows remote attackers to obtain sensitive information via the hostname parameter, related to "s…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0192
|
2024-11-21 11:01 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287063
|
- |
|
qt
fedoraproject
opensuse
canonical
|
qt
fedora
opensuse
ubuntu_linux
|
The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.
|
CWE-476
NULL Pointer Dereference
|
CVE-2014-0190
|
2024-11-21 11:01 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287064
|
- |
|
theforeman
|
kafo
|
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for default_values.yaml, which allows local users to obtain passwords and other sensitive information by…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0135
|
2024-11-21 11:01 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287065
|
- |
|
openstack
|
compute
|
The instance rescue mode in OpenStack Compute (Nova) 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and use_cow_images is set to false, allows remote authentica…
|
CWE-200
Information Exposure
|
CVE-2014-0134
|
2024-11-21 11:01 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287066
|
- |
|
apache
|
cxf
|
Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (/tmp disk consumption) via a large invalid SOAP message.
|
CWE-399
Resource Management Errors
|
CVE-2014-0110
|
2024-11-21 11:01 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287067
|
- |
|
apache
|
cxf
|
Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (memory consumption) via a large request with the Content-Type set to text/html to a SOAP endpoin…
|
CWE-399
Resource Management Errors
|
CVE-2014-0109
|
2024-11-21 11:01 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287068
|
- |
|
theforeman
|
foreman
|
Session fixation vulnerability in Foreman before 1.4.2 allows remote attackers to hijack web sessions via the session id cookie.
|
CWE-287
Improper Authentication
|
CVE-2014-0090
|
2024-11-21 11:01 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287069
|
- |
|
openstack
canonical
|
neutron
ubuntu_linux
|
The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants …
|
CWE-287
Improper Authentication
|
CVE-2014-0056
|
2024-11-21 11:01 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287070
|
- |
|
google
|
search_appliance_software
|
Cross-site scripting (XSS) vulnerability on Google Search Appliance (GSA) devices before 7.0.14.G.216 and 7.2 before 7.2.0.G.114, when dynamic navigation is configured, allows remote attackers to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0362
|
2024-11-21 11:01 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
