|
280201
|
- |
|
infocus
|
in3128hd_firmware
|
The InFocus IN3128HD projector with firmware 0.26 allows remote attackers to bypass authentication via a direct request to main.html.
|
NVD-CWE-Other
|
CVE-2014-8383
|
2024-11-21 11:18 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280202
|
- |
|
redhat
suse
|
network_satellite
manager
|
XML external entity (XXE) in the RPC interface in Spacewalk and Red Hat Network (RHN) Satellite 5.7 and earlier allows remote attackers to read arbitrary files and possibly have other unspecified imp…
|
NVD-CWE-Other
|
CVE-2014-8162
|
2024-11-21 11:18 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280203
|
- |
|
redhat
|
jbpm
drools
|
XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file.
|
NVD-CWE-Other
|
CVE-2014-8125
|
2024-11-21 11:18 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280204
|
- |
|
apache
|
tomcat_connectors
|
Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified …
|
CWE-200
Information Exposure
|
CVE-2014-8111
|
2024-11-21 11:18 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280205
|
- |
|
glpi-project
|
glpi
|
Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .._ (dot dot underscore) in an item typ…
|
CWE-22
Path Traversal
|
CVE-2014-8360
|
2024-11-21 11:18 |
2015-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280206
|
- |
|
hp
|
integrated_lights-out_2_firmware
integrated_lights-out_chassis_management_firmware
integrated_lights-out_4_firmware
|
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, e…
|
NVD-CWE-noinfo
|
CVE-2014-7876
|
2024-11-21 11:18 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280207
|
- |
|
suse
gnu
canonical
|
suse_linux_enterprise_server
suse_linux_enterprise_desktop
glibc
ubuntu_linux
|
DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to …
|
CWE-17
Code
|
CVE-2014-8121
|
2024-11-21 11:18 |
2015-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280208
|
- |
|
redhat
automount_project
opensuse
|
enterprise_linux_hpc_node
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
automount
opensuse
|
automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped pro…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8169
|
2024-11-21 11:18 |
2015-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280209
|
- |
|
linux
|
linux_kernel
|
The pmd_none_or_trans_huge_or_clear_bad function in include/asm-generic/pgtable.h in the Linux kernel before 3.13 on NUMA systems does not properly determine whether a Page Middle Directory (PMD) ent…
|
NVD-CWE-Other
|
CVE-2014-8173
|
2024-11-21 11:18 |
2015-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280210
|
- |
|
linux
|
linux_kernel
|
The filesystem implementation in the Linux kernel before 3.13 performs certain operations on lists of files with an inappropriate locking approach, which allows local users to cause a denial of servi…
|
CWE-17
Code
|
CVE-2014-8172
|
2024-11-21 11:18 |
2015-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
