Lucene search
+L

6 matches found

NVD
NVD
added 2014/12/15 6:59 p.m.19 views

CVE-2014-9245

Zenoss Core through 5 Beta 3 allows remote attackers to obtain sensitive information by attempting a product-rename action with an invalid new name and then reading a stack trace, as demonstrated by internal URL information, aka ZEN-15382...

5CVSS6.2AI score0.01407EPSS
Exploits0References2
Prion
Prion
added 2014/12/15 6:59 p.m.27 views

Cross site scripting

Zenoss Core through 5 Beta 3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, aka ZEN-15414, a similar issue to...

5CVSS6.5AI score0.01619EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/12/15 5:27 p.m.23 views

CVE-2014-6261

Zenoss Core through 5 Beta 3 does not properly implement the Check For Updates feature, which allows remote attackers to execute arbitrary code by 1 spoofing the callhome server or 2 deploying a crafted web site that is visited during a login session, aka ZEN-12657...

7.8AI score0.19683EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/12/15 5:27 p.m.23 views

CVE-2014-6258

An unspecified endpoint in Zenoss Core through 5 Beta 3 allows remote attackers to cause a denial of service CPU consumption by triggering an arbitrary regular-expression match attempt, aka ZEN-15411...

7.5AI score0.01461EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/12/15 5:27 p.m.29 views

CVE-2014-9245

Zenoss Core through 5 Beta 3 allows remote attackers to obtain sensitive information by attempting a product-rename action with an invalid new name and then reading a stack trace, as demonstrated by internal URL information, aka ZEN-15382...

7.4AI score0.01407EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/12/15 5:27 p.m.33 views

CVE-2014-6259

Zenoss Core through 5 Beta 3 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted XML document containing a large number of nested entity references, aka ZEN-15414, a similar issue to...

7AI score0.01594EPSS
Exploits0References2
Rows per page
Query Builder