|
277941
|
- |
|
glpi-project
|
glpi
|
GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5032
|
2024-11-21 11:11 |
2015-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277942
|
- |
|
hospira
|
mednet
|
Hospira MedNet before 6.1 uses a hardcoded cleartext password to control SQL database authorization, which allows remote authenticated users to bypass intended access restrictions by leveraging knowl…
|
CWE-200
Information Exposure
|
CVE-2014-5405
|
2024-11-21 11:11 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277943
|
- |
|
hospira
|
mednet
|
Hospira MedNet before 6.1 uses hardcoded cryptographic keys for protection of data transmission from infusion pumps, which allows remote attackers to obtain sensitive information by sniffing the netw…
|
CWE-310
Cryptographic Issues
|
CVE-2014-5403
|
2024-11-21 11:11 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277944
|
- |
|
hospira
|
mednet
|
The installation component in Hospira MedNet before 6.1 places cleartext credentials in configuration files, which allows local users to obtain sensitive information by reading a file.
|
CWE-200
Information Exposure
|
CVE-2014-5400
|
2024-11-21 11:11 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277945
|
- |
|
ge
|
hydran_m2
|
The 17046 Ethernet card before 94450214LFMT100SEM-L.R3-CL for the GE Digital Energy Hydran M2 does not properly generate random values for TCP Initial Sequence Numbers (ISNs), which makes it easier f…
|
NVD-CWE-Other
|
CVE-2014-5409
|
2024-11-21 11:11 |
2015-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277946
|
- |
|
mit
|
kerberos_5
|
MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a …
|
NVD-CWE-Other
|
CVE-2014-5355
|
2024-11-21 11:11 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277947
|
- |
|
mit
|
kerberos_5
|
The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x bef…
|
NVD-CWE-Other
|
CVE-2014-5352
|
2024-11-21 11:11 |
2015-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277948
|
- |
|
tibco
|
activematrix_management_agent
activematrix_policy_agent
activematrix_policy_manager
|
The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveMatrix Policy Agent 3.x before 3.1.2, ActiveMatrix Policy Manager 3.x before 3.1.2, ActiveMatrix Management Agent 1.x before 1.2.1…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5286
|
2024-11-21 11:11 |
2015-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277949
|
- |
|
linux
|
linux_kernel
|
Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by us…
|
CWE-362
Race Condition
|
CVE-2014-5332
|
2024-11-21 11:11 |
2015-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277950
|
- |
|
owncloud
|
owncloud
|
The SFTP external storage driver (files_external) in ownCloud Server before 6.0.5 validates the RSA Host key after login, which allows remote attackers to obtain sensitive information by sniffing the…
|
CWE-200
Information Exposure
|
CVE-2014-5341
|
2024-11-21 11:11 |
2015-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
