|
279901
|
- |
|
mcafee
|
network_security_manager
|
Cross-site request forgery (CSRF) vulnerability in the User Management module in McAfee Network Security Manager (NSM) before 6.1.15.39 7.1.5.x before 7.1.5.15, 7.1.15.x before 7.1.15.7, 7.5.x before…
|
CWE-352
Origin Validation Error
|
CVE-2014-2390
|
2024-11-21 11:06 |
2014-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279902
|
- |
|
arubanetworks
|
clearpass_policy_manager
|
The management console in Aruba Networks ClearPass Policy Manager 6.3.0.60730 allows local users to execute arbitrary commands via shell metacharacters in certain arguments of a valid command, as dem…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2593
|
2024-11-21 11:06 |
2014-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279903
|
- |
|
invensys
|
wonderware_information_server
|
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file.
|
NVD-CWE-Other
|
CVE-2014-2381
|
2024-11-21 11:06 |
2014-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279904
|
- |
|
invensys
|
wonderware_information_server
|
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file.
|
NVD-CWE-Other
|
CVE-2014-2380
|
2024-11-21 11:06 |
2014-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279905
|
- |
|
kdirstat_project
opensuse
|
kdirstat
opensuse
|
kcleanup.cpp in KDirStat 2.7.3 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a ' (single quote) character in the directory…
|
NVD-CWE-Other
|
CVE-2014-2528
|
2024-11-21 11:06 |
2014-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279906
|
- |
|
kdirstat_project
opensuse
|
kdirstat
opensuse
|
kcleanup.cpp in KDirStat 2.7.0 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a " (double quote) character in the directory…
|
NVD-CWE-Other
|
CVE-2014-2527
|
2024-11-21 11:06 |
2014-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279907
|
- |
|
hp
|
service_manager
|
Unspecified vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to bypass intended access restrictions, and modify data or cause a denial of servic…
|
NVD-CWE-noinfo
|
CVE-2014-2634
|
2024-11-21 11:06 |
2014-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279908
|
- |
|
hp
|
service_manager
|
Cross-site request forgery (CSRF) vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to hijack the authentication of unspecified victims via unkno…
|
CWE-352
Origin Validation Error
|
CVE-2014-2633
|
2024-11-21 11:06 |
2014-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279909
|
- |
|
hp
|
service_manager
|
Unspecified vulnerability in the WebTier component in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-2632
|
2024-11-21 11:06 |
2014-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279910
|
- |
|
mageia
gnu
opensuse
fedoraproject
|
mageia
readline
opensuse
fedora
|
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.
|
CWE-59
Link Following
|
CVE-2014-2524
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
