|
281021
|
- |
|
cisco
|
ios
|
The DLSw implementation in Cisco IOS does not initialize packet buffers, which allows remote attackers to obtain sensitive credential information from process memory via a session on TCP port 2067, a…
|
CWE-200
Information Exposure
|
CVE-2014-7992
|
2024-11-21 11:18 |
2014-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281022
|
- |
|
cisco
|
ios
|
Cisco IOS on Aironet access points, when "dot11 aaa authenticator" debugging is enabled, allows remote attackers to cause a denial of service via a malformed EAP packet, aka Bug ID CSCul15509.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7998
|
2024-11-21 11:18 |
2014-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281023
|
- |
|
cisco
|
ios
|
The DHCP implementation in Cisco IOS on Aironet access points does not properly handle error conditions with short leases and unsuccessful lease-renewal attempts, which allows remote attackers to cau…
|
CWE-399
Resource Management Errors
|
CVE-2014-7997
|
2024-11-21 11:18 |
2014-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281024
|
- |
|
qemu
debian
redhat
canonical
suse
|
qemu
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_eus
virtualization
ubuntu_linux
The set_pixel_format function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service (crash) via a small bytes_per_pixel value.
|
CWE-20
Improper Input Validation
|
CVE-2014-7815
|
2024-11-21 11:18 |
2014-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
281025
|
- |
|
cisco
|
unified_communications_manager
|
The Remote Mobile Access Subsystem in Cisco Unified Communications Manager (CM) 10.0(1) and earlier does not properly validate the Subject Alternative Name (SAN) field of an X.509 certificate, which …
|
CWE-310
Cryptographic Issues
|
CVE-2014-7991
|
2024-11-21 11:18 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281026
|
- |
|
hp
|
helion_cloud_development_platform
|
The Application Lifecycle Service (ALS) in HP Helion Cloud Development Platform 1.0, when a virtual machine is derived from the Seed Node image, uses the same security keys across different customers…
|
CWE-310
Cryptographic Issues
|
CVE-2014-7878
|
2024-11-21 11:18 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281027
|
- |
|
huawei
|
mobile_partner_firmware
ec156
ec176
ec177
|
Untrusted search path vulnerability in Huawei Mobile Partner for Windows 23.009.05.03.1014 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wintab32.d…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8359
|
2024-11-21 11:18 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281028
|
- |
|
redhat
|
libvirt
|
The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML…
|
CWE-255
Credentials Management
|
CVE-2014-7823
|
2024-11-21 11:18 |
2014-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281029
|
7.8 |
HIGH
Local
|
linux
opensuse
suse
|
linux_kernel
evergreen
suse_linux_enterprise_server
|
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or ca…
|
CWE-476
NULL Pointer Dereference
|
CVE-2014-7826
|
2024-11-21 11:18 |
2014-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281030
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of servi…
|
CWE-125
Out-of-bounds Read
|
CVE-2014-7825
|
2024-11-21 11:18 |
2014-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
