Search Results
- CPE Product Version: cpe:/o:fedoraproject:fedora:21
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-6394 | visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory. Published: October 08, 2014; 1:55:05 PM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |
CVE-2014-6055 | Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message. Published: September 30, 2014; 12:55:07 PM -0400 | V3.x: (not available) V2.0: 6.5 MEDIUM |
CVE-2014-6051 | Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow. Published: September 30, 2014; 12:55:07 PM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |
CVE-2014-4668 | The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password. Published: July 02, 2014; 12:14:17 AM -0400 | V3.x: (not available) V2.0: 6.8 MEDIUM |
CVE-2014-3152 | Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a negative key value. Published: May 21, 2014; 7:14:09 AM -0400 | V3.x: (not available) V2.0: 7.5 HIGH |