|
292291
|
- |
|
openssl
mariadb
opensuse
fedoraproject
|
openssl
mariadb
leap
opensuse
fedora
|
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, w…
|
CWE-120
Classic Buffer Overflow
|
CVE-2014-0195
|
2024-11-21 11:01 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292292
|
- |
|
redhat
|
openstack
|
OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets gpgcheck to 0 for certain templates, which disables GPG signature checking on downloaded pa…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0042
|
2024-11-21 11:01 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292293
|
- |
|
redhat
|
openstack
|
OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets sslverify to false for certain Yum repositories, which disables SSL protection and allows m…
|
CWE-310
Cryptographic Issues
|
CVE-2014-0041
|
2024-11-21 11:01 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292294
|
- |
|
redhat
|
openstack
|
OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, uses an HTTP connection to download (1) packages and (2) signing keys from Yum repositories, whi…
|
NVD-CWE-noinfo
|
CVE-2014-0040
|
2024-11-21 11:01 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292295
|
- |
|
php
debian
|
php
debian_linux
|
The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bound…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0238
|
2024-11-21 11:01 |
2014-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292296
|
- |
|
php
debian
|
php
debian_linux
|
The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by …
|
CWE-399
Resource Management Errors
|
CVE-2014-0237
|
2024-11-21 11:01 |
2014-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292297
|
- |
|
apache
|
tomcat
|
Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote attack…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0119
|
2024-11-21 11:01 |
2014-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292298
|
- |
|
apache
|
tomcat
|
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers t…
|
CWE-189
Numeric Errors
|
CVE-2014-0099
|
2024-11-21 11:01 |
2014-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292299
|
- |
|
apache
|
tomcat
|
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0096
|
2024-11-21 11:01 |
2014-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292300
|
- |
|
apache
|
tomcat
|
java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a "Content-Length: 0" AJP req…
|
CWE-20
Improper Input Validation
|
CVE-2014-0095
|
2024-11-21 11:01 |
2014-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
