|
278331
|
- |
|
emc
|
documentum_wdk
|
EMC Documentum Web Development Kit (WDK) before 6.8 does not properly generate random numbers for a certain parameter related to Webtop components, which makes it easier for remote attackers to condu…
|
CWE-189
Numeric Errors
|
CVE-2014-4639
|
2024-11-21 11:10 |
2015-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278332
|
- |
|
emc
|
documentum_wdk
|
EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to conduct frame-injection attacks and obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2014-4638
|
2024-11-21 11:10 |
2015-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278333
|
- |
|
emc
|
documentum_wdk
|
Open redirect vulnerability in EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified par…
|
NVD-CWE-Other
|
CVE-2014-4637
|
2024-11-21 11:10 |
2015-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278334
|
- |
|
emc
|
documentum_wdk
|
Cross-site request forgery (CSRF) vulnerability in EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to hijack the authentication of arbitrary users for requests that perfor…
|
CWE-352
Origin Validation Error
|
CVE-2014-4636
|
2024-11-21 11:10 |
2015-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278335
|
- |
|
emc
|
documentum_wdk
|
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum Web Development Kit (WDK) before 6.8 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4635
|
2024-11-21 11:10 |
2015-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278336
|
- |
|
emc
|
appsync
replication_manager
|
Unquoted Windows search path vulnerability in EMC Replication Manager through 5.5.2 and AppSync before 2.1.0 allows local users to gain privileges via a Trojan horse application with a name composed …
|
NVD-CWE-Other
|
CVE-2014-4634
|
2024-11-21 11:10 |
2014-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278337
|
- |
|
dell
|
bsafe_micro-edition-suite
bsafe_ssl-j
|
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.6 and RSA BSAFE SSL-J before 6.1.4 do not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotia…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4630
|
2024-11-21 11:10 |
2014-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278338
|
- |
|
ibm
|
rational_quality_manager
|
Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x through 2.0.1.1, 3.x before 3.0.1.6 iFix 4, 4.x before 4.0.7 iFix 2, and 5.x before 5.0.1 allows remote authenticated user…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4801
|
2024-11-21 11:10 |
2014-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278339
|
- |
|
emc
|
documentum_content_server
|
EMC Documentum Content Server before 6.7 SP1 P29, 6.7 SP2 before P18, 7.0 before P16, and 7.1 before P09 allows remote authenticated users to gain privileges by (1) placing a command in a dm_job obje…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4626
|
2024-11-21 11:10 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278340
|
- |
|
ibm
|
business_process_manager
|
The import/export functionality in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, and 8.5.x through 8.5.5 allows remote authenticated users to bypass intended access…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-4844
|
2024-11-21 11:10 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
