|
282181
|
- |
|
emc
|
documentum_content_server
|
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to read sensitive object metadata via an RPC command.
|
CWE-200
Information Exposure
|
CVE-2014-2521
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282182
|
- |
|
emc
|
documentum_content_server
|
EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL inj…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2520
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282183
|
- |
|
emc
|
documentum_webtop
documentum_administrator
web_publishers
documentum_capital_projects
documentum_records_manager
documentum_wdk
digital_assets_manager
engineering_plant_facilitie…
|
Multiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2014-2518
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282184
|
- |
|
emc
|
rsa_archer_egrc
|
Unspecified vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to gain privileges via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-2517
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282185
|
- |
|
emc
|
documentum_d2
|
EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, 4.1 before P16, and 4.2 before P05 does not properly restrict tickets provided by D2GetAdminTicketMethod and D2RefreshCacheMethod,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2515
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282186
|
- |
|
emc
|
documentum_webtop
records_client
documentum_administrator
web_publishers
documentum_capital_projects
task_space
digital_assets_manager
engineering_plant_facilities_management_sol…
|
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) starta…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2511
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282187
|
- |
|
emc
|
rsa_archer_egrc
|
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-2505
|
2024-11-21 11:06 |
2014-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282188
|
- |
|
blackberry
|
blackberry_os
q10
q5
z10
z30
|
The Storage and Access service in BlackBerry OS 10.x before 10.2.1.1925 on Q5, Q10, Z10, and Z30 devices does not enforce the password requirement for SMB filesystem access, which allows context-depe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2388
|
2024-11-21 11:06 |
2014-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282189
|
- |
|
microsoft
|
sharepoint_foundation
sharepoint_server
|
Microsoft SharePoint Server 2013 Gold and SP1 and SharePoint Foundation 2013 Gold and SP1 allow remote authenticated users to gain privileges via a Trojan horse app that executes a custom action in t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2816
|
2024-11-21 11:06 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282190
|
8.8 |
HIGH
Network
|
microsoft
|
onenote
|
Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Exec…
|
NVD-CWE-noinfo
|
CVE-2014-2815
|
2024-11-21 11:06 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
