| Max CVSS | 6.5 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-0137 | 6.5 |
SQL injection vulnerability in the saved_report_delete action in the ReportController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, related t
|
13-02-2023 - 00:32 | 14-05-2014 - 19:55 | |
| CVE-2014-0064 | 6.5 |
Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact an
|
13-02-2023 - 00:31 | 31-03-2014 - 14:58 | |
| CVE-2014-0066 | 4.0 |
The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to
|
13-02-2023 - 00:31 | 31-03-2014 - 14:58 | |
| CVE-2014-0063 | 6.5 |
Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrar
|
13-02-2023 - 00:31 | 31-03-2014 - 14:58 | |
| CVE-2014-0078 | 4.0 |
The CatalogController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to delete arbitrary catalogs via vectors involving guessing the catalog ID.
|
13-02-2023 - 00:31 | 14-05-2014 - 19:55 | |
| CVE-2013-6417 | 6.4 |
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attac
|
08-08-2019 - 15:42 | 07-12-2013 - 00:55 | |
| CVE-2014-2669 | 6.5 |
Multiple integer overflows in contrib/hstore/hstore_io.c in PostgreSQL 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact via vectors related to the (1) hst
|
16-12-2017 - 02:29 | 31-03-2014 - 14:58 | |
| CVE-2014-0060 | 4.0 |
PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary user
|
16-12-2017 - 02:29 | 31-03-2014 - 14:58 | |
| CVE-2014-0065 | 6.5 |
Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than
|
16-12-2017 - 02:29 | 31-03-2014 - 14:58 | |
| CVE-2014-0062 | 4.9 |
Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthori
|
16-12-2017 - 02:29 | 31-03-2014 - 14:58 | |
| CVE-2014-0061 | 6.5 |
The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1
|
16-12-2017 - 02:29 | 31-03-2014 - 14:58 |