Show filters
490 Total Results
Displaying 311-320 of 490
Sort by:
Attacker Value
Unknown

CVE-2014-1398

Disclosure Date: April 10, 2018 (last updated November 26, 2024)
The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on comment, user and node statistics properties via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2014-1399

Disclosure Date: April 10, 2018 (last updated November 26, 2024)
The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on referenced entities via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2014-7272

Disclosure Date: March 08, 2018 (last updated November 26, 2024)
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases).
0
0
Attacker Value
Unknown

CVE-2014-7271

Disclosure Date: March 08, 2018 (last updated November 26, 2024)
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm" without authentication.
0
0
Attacker Value
Unknown

CVE-2014-3005

Disclosure Date: February 01, 2018 (last updated November 26, 2024)
XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.
0
0
Attacker Value
Unknown

CVE-2014-1859

Disclosure Date: January 08, 2018 (last updated November 26, 2024)
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.
0
0
Attacker Value
Unknown

CVE-2014-8119

Disclosure Date: December 29, 2017 (last updated November 26, 2024)
The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.
0
0
Attacker Value
Unknown

CVE-2014-9092

Disclosure Date: October 10, 2017 (last updated November 26, 2024)
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
0
0
Attacker Value
Unknown

CVE-2015-3420

Disclosure Date: September 19, 2017 (last updated November 26, 2024)
The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service (login process crash) via vectors related to handshake failures.
0
0
Attacker Value
Unknown

CVE-2014-9637

Disclosure Date: August 25, 2017 (last updated November 26, 2024)
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.
0
0
View More Topics  < Previous  Next >