|
280121
|
9.1 |
CRITICAL
Network
|
redhat
|
cloudforms_management_engine
|
A insecure configuration for certificate verification (http.verify_mode = OpenSSL::SSL::VERIFY_NONE) may lead to verification bypass in Red Hat CloudForms 5.x.
|
CWE-295
Improper Certificate Validation
|
CVE-2014-8164
|
2024-11-21 11:18 |
2022-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280122
|
8.1 |
HIGH
Network
|
google
|
android
|
btif/src/btif_dm.c in Android before 5.1 does not properly enforce the temporary nature of a Bluetooth pairing, which allows user-assisted remote attackers to bypass intended access restrictions via …
|
CWE-863
Incorrect Authorization
|
CVE-2014-7914
|
2024-11-21 11:18 |
2020-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280123
|
4.6 |
MEDIUM
Physics
|
google
|
android
|
Directory traversal vulnerability in the Android debug bridge (aka adb) in Android 4.0.4 allows physically proximate attackers with a direct connection to the target Android device to write to arbitr…
|
CWE-22
Path Traversal
|
CVE-2014-7951
|
2024-11-21 11:18 |
2020-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280124
|
9.8 |
CRITICAL
Network
|
zend
redhat
fedoraproject
|
zend_framework
enterprise_linux
fedora
|
SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands…
|
CWE-89
SQL Injection
|
CVE-2014-8089
|
2024-11-21 11:18 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280125
|
6.5 |
MEDIUM
Network
|
libtiff
|
libtiff
|
LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image.
|
CWE-787
Out-of-bounds Write
|
CVE-2014-8128
|
2024-11-21 11:18 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280126
|
7.8 |
HIGH
Local
|
claris
|
filemaker_pro
filemaker_pro_advanced
|
An Authentication Bypass vulnerability exists in the MatchPasswordData function in DBEngine.dll in Filemaker Pro 13.03 and Filemaker Pro Advanced 12.04, which could let a malicious user obtain elevat…
|
CWE-287
Improper Authentication
|
CVE-2014-8347
|
2024-11-21 11:18 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280127
|
7.5 |
HIGH
Network
|
zohocorp
|
manageengine_it360
manageengine_opmanager
manageengine_applications_manager
|
The FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine Applications Manager before 11.9 build 11912, OpManager 8 through 11.5 build 11400, and IT360 10.5 and earlier does not proper…
|
CWE-200
Information Exposure
|
CVE-2014-7863
|
2024-11-21 11:18 |
2020-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280128
|
6.8 |
MEDIUM
Physics
|
tianocore
|
edk2
|
Buffer overflow in the Reclaim function in Tianocore EDK2 before SVN 16280 allows physically proximate attackers to gain privileges via a long variable name.
|
CWE-120
Classic Buffer Overflow
|
CVE-2014-8271
|
2024-11-21 11:18 |
2020-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280129
|
5.3 |
MEDIUM
Network
|
dynamic_content_elements_project
|
dynamic_content_elements
|
The default configuration in the Dynamic Content Elements (dce) extension before 0.11.5 for TYPO3 allows remote attackers to obtain sensitive installation environment information by reading the updat…
|
CWE-200
Information Exposure
|
CVE-2014-8328
|
2024-11-21 11:18 |
2020-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280130
|
7.8 |
HIGH
Local
|
unzip_project
redhat
|
unzip
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_eus
enterprise_linux_server_tus
|
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the un…
|
CWE-787
Out-of-bounds Write
|
CVE-2014-8141
|
2024-11-21 11:18 |
2020-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
