|
289241
|
- |
|
php
debian
|
php
debian_linux
|
The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers …
|
NVD-CWE-noinfo
|
CVE-2014-3515
|
2024-11-21 11:08 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289242
|
- |
|
php
file_project
debian
opensuse
oracle
|
php
file
debian_linux
opensuse
linux
|
The cdf_read_property_info function in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate a stream offset, which allows remot…
|
CWE-20
Improper Input Validation
|
CVE-2014-3487
|
2024-11-21 11:08 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289243
|
- |
|
php
file_project
debian
opensuse
oracle
|
php
file
debian_linux
opensuse
linux
|
The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows r…
|
NVD-CWE-noinfo
|
CVE-2014-3480
|
2024-11-21 11:08 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289244
|
- |
|
php
file_project
debian
opensuse
oracle
|
php
file
debian_linux
opensuse
linux
|
The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows r…
|
NVD-CWE-noinfo
|
CVE-2014-3479
|
2024-11-21 11:08 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289245
|
- |
|
christos_zoulas
php
|
file
php
|
Buffer overflow in the mconvert function in softmagic.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3478
|
2024-11-21 11:08 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289246
|
- |
|
redhat
|
cloudforms_3.0_management_engine
|
lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 uses a hard-coded salt, which makes it easier for remote attackers to guess passwords via a brute force atta…
|
CWE-255
Credentials Management
|
CVE-2014-3489
|
2024-11-21 11:08 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289247
|
- |
|
redhat
|
cloudforms_3.0_management_engine
|
The (1) shell_exec function in lib/util/MiqSshUtilV1.rb and (2) temp_cmd_file function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allow local users …
|
CWE-59
Link Following
|
CVE-2014-3486
|
2024-11-21 11:08 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289248
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary …
|
CWE-200
Information Exposure
|
CVE-2014-3481
|
2024-11-21 11:08 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289249
|
- |
|
rubyonrails
|
rails
|
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before …
|
CWE-89
SQL Injection
|
CVE-2014-3483
|
2024-11-21 11:08 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289250
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows r…
|
CWE-89
SQL Injection
|
CVE-2014-3482
|
2024-11-21 11:08 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
