|
291051
|
- |
|
hp
|
service_manager
|
Cross-site request forgery (CSRF) vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to hijack the authentication of unspecified victims via unkno…
|
CWE-352
Origin Validation Error
|
CVE-2014-2633
|
2024-11-21 11:06 |
2014-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291052
|
- |
|
hp
|
service_manager
|
Unspecified vulnerability in the WebTier component in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-2632
|
2024-11-21 11:06 |
2014-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291053
|
- |
|
mageia
gnu
opensuse
fedoraproject
|
mageia
readline
opensuse
fedora
|
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.
|
CWE-59
Link Following
|
CVE-2014-2524
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291054
|
- |
|
emc
|
documentum_content_server
|
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to read sensitive object metadata via an RPC command.
|
CWE-200
Information Exposure
|
CVE-2014-2521
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291055
|
- |
|
emc
|
documentum_content_server
|
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL inj…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2520
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291056
|
- |
|
emc
|
documentum_webtop
documentum_administrator
web_publishers
documentum_capital_projects
documentum_records_manager
documentum_wdk
digital_assets_manager
engineering_plant_facilitie…
|
Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2014-2518
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291057
|
- |
|
emc
|
rsa_archer_egrc
|
Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to gain privileges via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-2517
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291058
|
- |
|
emc
|
documentum_d2
|
EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, 4.1 before P16, and 4.2 before P05 does not properly restrict tickets provided by D2GetAdminTicketMethod and D2RefreshCacheMethod,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2515
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291059
|
- |
|
emc
|
documentum_webtop
records_client
documentum_administrator
web_publishers
documentum_capital_projects
task_space
digital_assets_manager
engineering_plant_facilities_management_sol…
|
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) starta…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2511
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291060
|
- |
|
emc
|
rsa_archer_egrc
|
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-2505
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
