|
257511
|
- |
|
freebsd
|
freebsd
|
The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allows local users to obtai…
|
CWE-20
Improper Input Validation
|
CVE-2014-3873
|
2014-06-24 23:41 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257512
|
- |
|
webmin
|
usermin
|
Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via unspecified vectors related to a user action.
|
CWE-78
OS Command
|
CVE-2014-3883
|
2014-06-24 02:19 |
2014-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257513
|
- |
|
theforeman
|
foreman
|
Directory traversal vulnerability in Smart-Proxy in Foreman before 1.4.5 and 1.5.x before 1.5.1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the dst parameter to tftp/fe…
|
CWE-22
Path Traversal
|
CVE-2014-4507
|
2014-06-24 00:05 |
2014-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257514
|
- |
|
openfiler
|
openfiler
|
Multiple cross-site scripting (XSS) vulnerabilities in Openfiler 2.99 allow remote attackers to inject arbitrary web script or HTML via the (1) TinkerAjax parameter to uptime.html, or remote authenti…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4309
|
2014-06-21 13:42 |
2014-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257515
|
- |
|
freebsd
|
freebsd
|
The TCP reassembly function in the inet module in FreeBSD 8.3 before p16, 8.4 before p9, 9.1 before p12, 9.2 before p5, and 10.0 before p2 allows remote attackers to cause a denial of service (undefi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3000
|
2014-06-21 13:41 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257516
|
- |
|
vmware
|
vcenter_server_appliance
|
Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by escaping from a chroot jail.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3790
|
2014-06-21 13:41 |
2014-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257517
|
- |
|
freebsd
|
freebsd
|
The (1) execve and (2) fexecve system calls in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 10.0 before p4 destroys the virtual memory address space and mappings for a proces…
|
CWE-20
Improper Input Validation
|
CVE-2014-3880
|
2014-06-21 13:41 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257518
|
- |
|
sap
|
netweaver_business_client
|
Multiple cross-site scripting (XSS) vulnerabilities in the testcanvas node in SAP NetWeaver Business Client (NWBC) allow remote attackers to inject arbitrary web script or HTML via the (1) title or (…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4160
|
2014-06-21 13:41 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257519
|
- |
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0 allows remote authent…
|
NVD-CWE-noinfo
|
CVE-2014-2404
|
2014-06-21 13:40 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257520
|
- |
|
oracle
|
fusion_middleware
|
Per: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
"Please refer to My Oracle Support Note 1643382.1 for instructions on how to address this issue."
|
NVD-CWE-noinfo
|
CVE-2014-2404
|
2014-06-21 13:40 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
