|
258341
|
- |
|
xen
|
xen
|
Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1919
|
2014-04-19 13:34 |
2013-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258342
|
- |
|
xen
|
xen
|
Xen 4.2.x, 4.1.x, and 4.0, when using Intel VT-d for PCI passthrough, does not properly configure VT-d when supporting a device that is behind a legacy PCI Bridge, which allows local guests to cause …
|
CWE-16
Configuration
|
CVE-2012-5634
|
2014-04-19 13:28 |
2013-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258343
|
- |
|
net-snmp
|
net-snmp
|
The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers to cause a denial of service (hang) by sending a multi-object request with an Object ID (OID) containing more subids than previous…
|
CWE-20
Improper Input Validation
|
CVE-2014-2310
|
2014-04-19 00:52 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258344
|
- |
|
amos_benari
|
rbovirt
|
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.
|
CWE-310
Cryptographic Issues
|
CVE-2014-0036
|
2014-04-18 22:48 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258345
|
- |
|
redhat
|
openstack
|
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0071
|
2014-04-18 01:00 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258346
|
- |
|
emc
|
cloud_tiering_appliance_software
cloud_tiering_appliance
file_management_appliance_software
file_management_appliance
|
EMC Cloud Tiering Appliance (CTA) 9.x through 10 SP1 and File Management Appliance (FMA) 7.x store DES password hashes for the root, super, and admin accounts, which makes it easier for context-depen…
|
CWE-255
Credentials Management
|
CVE-2014-0645
|
2014-04-18 00:10 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258347
|
- |
|
emc
|
cloud_tiering_appliance_software
cloud_tiering_appliance
|
EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote attackers to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity r…
|
CWE-200
Information Exposure
|
CVE-2014-0644
|
2014-04-18 00:06 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258348
|
- |
|
canonical
|
accountsservice
ubuntu_linux
|
The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary files via unspecified v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4406
|
2014-04-17 23:33 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258349
|
- |
|
packagekit_project
|
packagekit
|
The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the "install updates" method.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1764
|
2014-04-17 23:30 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258350
|
- |
|
suse
|
kiwi
studio_extension_for_system_z
studio_onsite
|
kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in…
|
NVD-CWE-Other
|
CVE-2011-4195
|
2014-04-17 23:20 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
