|
277961
|
- |
|
yokogawa
|
exaopc
centum_cs_3000
centum_vp
|
BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authe…
|
CWE-284
Improper Access Control
|
CVE-2014-5208
|
2024-11-21 11:11 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277962
|
- |
|
novell
|
edirectory
|
nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memo…
|
CWE-200
Information Exposure
|
CVE-2014-5213
|
2024-11-21 11:11 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277963
|
- |
|
novell
|
edirectory
|
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5212
|
2024-11-21 11:11 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277964
|
- |
|
mit
|
kerberos
kerberos_5
|
plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NU…
|
NVD-CWE-Other
|
CVE-2014-5354
|
2024-11-21 11:11 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277965
|
- |
|
mit
redhat
fedoraproject
debian
canonical
oracle
opensuse
|
kerberos_5
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_eus
enterprise_linux_server_tus
fedora
de…
|
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated us…
|
CWE-476
NULL Pointer Dereference
|
CVE-2014-5353
|
2024-11-21 11:11 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277966
|
- |
|
safenet-inc
|
safenet_authentication_service_outlook_web_access_agent
|
Directory traversal vulnerability in SafeNet Authentication Service (SAS) Outlook Web Access Agent (formerly CRYPTOCard) before 1.03.30109 allows remote attackers to read arbitrary files via a .. (do…
|
CWE-22
Path Traversal
|
CVE-2014-5359
|
2024-11-21 11:11 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277967
|
- |
|
malwarebytes
|
malwarebytes_anti-exploit
malwarebytes_anti-malware
|
The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute …
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2014-4936
|
2024-11-21 11:11 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277968
|
- |
|
hikvision
|
dvr_ds-7204_firmware
|
Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other models and versions, allows remote attackers to execute arbitrary code via an RTSP PLAY request with a long Authorizat…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4880
|
2024-11-21 11:11 |
2014-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277969
|
- |
|
ossec
|
ossec
|
host-deny.sh in OSSEC before 2.8.1 writes to temporary files with predictable filenames without verifying ownership, which allows local users to modify access restrictions in hosts.deny and gain root…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5284
|
2024-11-21 11:11 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277970
|
- |
|
fasttoggle_project
|
fasttoggle
|
The Fasttoggle module 7.x-1.3 and 7.x-1.4 for Drupal allows remote attackers to block or unblock an account via a crafted user status link.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5268
|
2024-11-21 11:11 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
