|
280201
|
- |
|
igniterealtime
|
openfire
|
nio/XMLLightweightParser.java in Ignite Realtime Openfire before 3.9.2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2741
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280202
|
- |
|
sap
|
business_object_processing_framework_for_abap
|
SAP Business Object Processing Framework (BOPF) for ABAP has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
|
CWE-255
Credentials Management
|
CVE-2014-2752
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280203
|
- |
|
sap
|
print_and_output_management
|
SAP Print and Output Management has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
|
CWE-255
Credentials Management
|
CVE-2014-2751
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280204
|
- |
|
sap
|
hana
|
The HANA ICM process in SAP HANA allows remote attackers to obtain the platform version, host name, instance number, and possibly other sensitive information via a malformed HTTP GET request.
|
CWE-200
Information Exposure
|
CVE-2014-2749
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280205
|
- |
|
sap
|
enhancement_package
|
The Security Audit Log facility in SAP Enhancement Package (EHP) 6 for SAP ERP 6.0 allows remote attackers to modify or delete arbitrary log classes via unspecified vectors. NOTE: some of these deta…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2748
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280206
|
- |
|
cacti
|
cacti
|
Multiple SQL injection vulnerabilities in graph_xport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the (1) graph_start, (2) graph_end, (3) gra…
|
CWE-89
SQL Injection
|
CVE-2014-2708
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280207
|
- |
|
linux-pam
|
linux-pam
|
Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication…
|
CWE-22
Path Traversal
|
CVE-2014-2583
|
2024-11-21 11:06 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280208
|
- |
|
tibco
|
web_player
automation_services
spotfire_server
spotfire_professional
analyst
desktop
deployment_kit
|
Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.…
|
NVD-CWE-noinfo
|
CVE-2014-2544
|
2024-11-21 11:06 |
2014-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280209
|
- |
|
tibco
|
rendezvous
messaging_appliance
substantiation_es
|
Buffer overflow in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rendezvous before 8.4.2, Messa…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2543
|
2024-11-21 11:06 |
2014-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280210
|
- |
|
tibco
|
rendezvous
messaging_appliance
substantiation_es
|
Cross-site scripting (XSS) vulnerability in the Rendezvous Daemon (rvd), Rendezvous Routing Daemon (rvrd), Rendezvous Secure Daemon (rvsd), and Rendezvous Secure Routing Daemon (rvsrd) in TIBCO Rende…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2542
|
2024-11-21 11:06 |
2014-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
