|
289271
|
7.8 |
HIGH
Local
|
gpgtools
|
libmacgpg
|
The installPackage function in the installerHelper subcomponent in Libmacgpg in GPG Suite before 2015.06 allows local users to execute arbitrary commands with root privileges via shell metacharacters…
|
CWE-77
Command Injection
|
CVE-2014-4677
|
2024-11-21 11:10 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289272
|
- |
|
ibm
|
uefi
|
IBM Unified Extensible Firmware Interface (UEFI) on Flex System x880 X6, System x3850 X6, and System x3950 X6 devices allows remote authenticated users to cause an unspecified temporary denial of ser…
|
NVD-CWE-noinfo
|
CVE-2014-4768
|
2024-11-21 11:10 |
2015-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289273
|
- |
|
ibm
|
endpoint_manager_family
license_metric_tool
|
IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 do not send an X-Frame-Options HTTP header in response to requests for the login page, which a…
|
CWE-20
Improper Input Validation
|
CVE-2014-4778
|
2024-11-21 11:10 |
2015-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289274
|
- |
|
ibm
|
endpoint_manager_family
license_metric_tool
|
Cross-site request forgery (CSRF) vulnerability in the login page in IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 allows remote attackers t…
|
CWE-352
Origin Validation Error
|
CVE-2014-4774
|
2024-11-21 11:10 |
2015-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289275
|
- |
|
ibm
|
license_metric_tool
|
IBM License Metric Tool 9 before 9.1.0.2 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended…
|
CWE-200
Information Exposure
|
CVE-2014-4776
|
2024-11-21 11:10 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289276
|
- |
|
ibm
|
tivoli_storage_manager
|
dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4.x, 5.5.x, 6.x before 6.4.3, and 7.1.x before 7.1.2 allows local users to discover the backup/restore encryption-key password via unspecifi…
|
CWE-200
Information Exposure
|
CVE-2014-4818
|
2024-11-21 11:10 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289277
|
- |
|
ibm
|
curam_social_program_management
|
Curam Universal Access in IBM Curam Social Program Management 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4.5 before iFix007, 6.0.5.4 before iFix005, and 6.0.5.5 before iFix003, when SPI inclusion i…
|
CWE-200
Information Exposure
|
CVE-2014-4804
|
2024-11-21 11:10 |
2015-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289278
|
- |
|
ibm
|
tivoli_storage_manager
|
Race condition in the client in IBM Tivoli Storage Manager (TSM) 5.4.0.0 through 5.4.3.6, 5.5.0.0 through 5.5.4.3, 6.1.0.0 through 6.1.5.6, 6.2 before 6.2.5.4, 6.3 before 6.3.2.3, 6.4 before 6.4.2.1,…
|
CWE-362
Race Condition
|
CVE-2014-4813
|
2024-11-21 11:10 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289279
|
- |
|
ibm
|
curam_social_program_management
|
CRLF injection vulnerability in the Universal Access implementation in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix007, and 6.0.5 before 6.0.5.5 iFix003, when We…
|
NVD-CWE-Other
|
CVE-2014-4803
|
2024-11-21 11:10 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289280
|
- |
|
ibm
|
infosphere_biginsights
|
The alert module in IBM InfoSphere BigInsights 2.1.2 and 3.x before 3.0.0.2 allows remote attackers to obtain sensitive Alert management-services API information via a network-tracing attack.
|
CWE-200
Information Exposure
|
CVE-2014-4781
|
2024-11-21 11:10 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
