|
285391
|
- |
|
corel
|
corelcad
|
Multiple untrusted search path vulnerabilities in Corel CAD 2014 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) FxManagedCommands_3.08_9.tx or (2…
|
NVD-CWE-Other
|
CVE-2014-8394
|
2024-11-21 11:19 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285392
|
- |
|
opensuse
mozilla
|
opensuse
firefox
|
Mozilla Firefox before 35.0 on Windows allows remote attackers to bypass the Gecko Media Plugin (GMP) sandbox protection mechanism by leveraging access to the GMP process, as demonstrated by the Open…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8643
|
2024-11-21 11:19 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285393
|
- |
|
mozilla
opensuse
|
seamonkey
opensuse
firefox
|
Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not consider the id-pkix-ocsp-nocheck extension in deciding whether to trust an OCSP responder, which makes it easier for remote attackers to …
|
CWE-310
Cryptographic Issues
|
CVE-2014-8642
|
2024-11-21 11:19 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285394
|
- |
|
mozilla
|
seamonkey
firefox
firefox_esr
|
Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via…
|
NVD-CWE-Other
|
CVE-2014-8641
|
2024-11-21 11:19 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285395
|
- |
|
mozilla
opensuse
|
firefox
opensuse
seamonkey
|
The mozilla::dom::AudioParamTimeline::AudioNodeInputValue function in the Web Audio API implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly restrict timeline ope…
|
CWE-362
Race Condition
|
CVE-2014-8640
|
2024-11-21 11:19 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285396
|
- |
|
mozilla
|
seamonkey
firefox
firefox_esr
thunderbird
|
Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 do not properly interpret Set-Cookie headers within responses that have a 407 (aka Proxy …
|
NVD-CWE-Other
|
CVE-2014-8639
|
2024-11-21 11:19 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285397
|
- |
|
mozilla
|
firefox
firefox_esr
thunderbird
seamonkey
|
The navigator.sendBeacon implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, Thunderbird before 31.4, and SeaMonkey before 2.32 omits the CORS Origin header, which allows rem…
|
CWE-352
Origin Validation Error
|
CVE-2014-8638
|
2024-11-21 11:19 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285398
|
- |
|
mozilla
|
seamonkey
firefox
|
Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted…
|
CWE-200
Information Exposure
|
CVE-2014-8637
|
2024-11-21 11:19 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285399
|
- |
|
mozilla
|
firefox
seamonkey
|
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to exe…
|
CWE-94
Code Injection
|
CVE-2014-8636
|
2024-11-21 11:19 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285400
|
- |
|
mozilla
|
seamonkey
firefox
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 allow remote attackers to cause a denial of service (memory corruption and applicat…
|
NVD-CWE-noinfo
|
CVE-2014-8635
|
2024-11-21 11:19 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
