|
290881
|
- |
|
pocoproject
|
poco_c\+\+_libraries
|
The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are r…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0350
|
2024-11-21 11:01 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290882
|
- |
|
redhat
|
openshift
|
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers …
|
CWE-287
Improper Authentication
|
CVE-2014-0188
|
2024-11-21 11:01 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290883
|
- |
|
automattic
|
jetpack
|
The Jetpack plugin before 1.9 before 1.9.4, 2.0.x before 2.0.9, 2.1.x before 2.1.4, 2.2.x before 2.2.7, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.2, 2.6.x before 2.6.3, 2.7.x before 2.…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0173
|
2024-11-21 11:01 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290884
|
- |
|
toshibacommerce
|
4690_point_of_sale_operating_system
|
The default configuration of IBM 4690 OS, as used in Toshiba Global Commerce Solutions 4690 POS and other products, hashes passwords with the ADXCRYPT algorithm, which makes it easier for context-dep…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0361
|
2024-11-21 11:01 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290885
|
- |
|
qemu
redhat
|
qemu
enterprise_linux
|
Integer overflow in the virtio_net_handle_mac function in hw/net/virtio-net.c in QEMU 2.0 and earlier allows local guest users to execute arbitrary code via a MAC addresses table update request, whic…
|
CWE-189
Numeric Errors
|
CVE-2014-0150
|
2024-11-21 11:01 |
2014-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290886
|
- |
|
apache
|
syncope
|
Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, "derived schema definition…
|
CWE-94
Code Injection
|
CVE-2014-0111
|
2024-11-21 11:01 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290887
|
- |
|
redhat
|
jboss_a-mq
jboss_fuse
|
JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This permitted sensitive information disclosure via logging to local users. Note: this description has been …
|
CWE-255
Credentials Management
|
CVE-2014-0085
|
2024-11-21 11:01 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290888
|
- |
|
redhat
|
openstack
|
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0071
|
2024-11-21 11:01 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290889
|
- |
|
springsource
vmware
|
spring_framework
|
The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbit…
|
CWE-352
Origin Validation Error
|
CVE-2014-0054
|
2024-11-21 11:01 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290890
|
- |
|
amos_benari
|
rbovirt
|
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.
|
CWE-310
Cryptographic Issues
|
CVE-2014-0036
|
2024-11-21 11:01 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
