|
292521
|
- |
|
ovirt
|
ovirt
|
The REST API in oVirt 3.4.0 and earlier stores session IDs in HTML5 local storage, which allows remote attackers to obtain sensitive information via a crafted web page.
|
CWE-200
Information Exposure
|
CVE-2014-0153
|
2024-11-21 11:01 |
2014-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292522
|
- |
|
ovirt
redhat
|
ovirt
ovirt-engine
|
Session fixation vulnerability in the web admin interface in oVirt 3.4.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2014-0152
|
2024-11-21 11:01 |
2014-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292523
|
- |
|
apache
|
ofbiz
|
Multiple cross-site scripting (XSS) vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 before 11.04.05 and 12.04.01 before 12.04.04 allow remote attackers to…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0232
|
2024-11-21 11:01 |
2014-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292524
|
- |
|
iridium
|
open_port
pilot_below_deck_equipment
|
The Terminal Upgrade Tool in the Pilot Below Deck Equipment (BDE) and OpenPort implementations on Iridium satellite terminals allows remote attackers to execute arbitrary code by uploading new firmwa…
|
NVD-CWE-Other
|
CVE-2014-0327
|
2024-11-21 11:01 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292525
|
- |
|
iridium
|
open_port
pilot_below_deck_equipment
|
The Pilot Below Deck Equipment (BDE) and OpenPort implementations on Iridium satellite terminals allow remote attackers to read hardcoded credentials via the web interface.
|
NVD-CWE-Other
|
CVE-2014-0326
|
2024-11-21 11:01 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292526
|
- |
|
cobham
|
ailor_6110_mini-c_gmdss
sailor_6006_message_terminal
sailor_6222_vhf
sailor_6300_mf_\/_hf
|
The thraneLINK protocol implementation on Cobham devices does not verify firmware signatures, which allows attackers to execute arbitrary code by leveraging physical access or terminal access to send…
|
NVD-CWE-Other
|
CVE-2014-0328
|
2024-11-21 11:01 |
2014-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292527
|
- |
|
microsoft
|
windows_server_2008
windows_rt
windows_8.1
windows_7
windows_rt_8.1
windows_vista
windows_8
windows_server_2012
windows_server_2003
|
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0318
|
2024-11-21 11:01 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292528
|
- |
|
microsoft
|
windows_server_2008
windows_server_2012
windows_rt
windows_8.1
windows_7
windows_rt_8.1
windows_8
|
Memory leak in the Local RPC (LRPC) server implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 …
|
CWE-399
Resource Management Errors
|
CVE-2014-0316
|
2024-11-21 11:01 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292529
|
- |
|
redhat
opensuse
|
libvirt
enterprise_linux
opensuse
enterprise_virtualization
|
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction …
|
CWE-20
Improper Input Validation
|
CVE-2014-0179
|
2024-11-21 11:01 |
2014-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292530
|
- |
|
zarafa
fedoraproject
|
zarafa
webapp
fedora
|
WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.
|
CWE-310
Cryptographic Issues
|
CVE-2014-0103
|
2024-11-21 11:01 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
