|
279061
|
9.8 |
CRITICAL
Network
|
snoopy
redhat
debian
|
snoopy
openstack
debian_linux
|
Snoopy allows remote attackers to execute arbitrary commands.
|
CWE-77
Command Injection
|
CVE-2014-5008
|
2024-11-21 11:11 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279062
|
6.8 |
MEDIUM
Network
|
eucalyptus
|
eucalyptus
|
HP Helion Eucalyptus 4.1.x before 4.1.2 and HPE Helion Eucalyptus 4.2.x before 4.2.1 allow remote authenticated users to bypass intended access restrictions and modify arbitrary (1) access key creden…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5040
|
2024-11-21 11:11 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279063
|
3.7 |
LOW
Network
|
toshiba
|
4690_operating_system
|
Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly restricted, allows remote attackers to read potentially sensitive system environment variables via a crafted …
|
CWE-200
Information Exposure
|
CVE-2014-4876
|
2024-11-21 11:11 |
2015-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279064
|
- |
|
hospira
|
lifecare_pcainfusion_firmware
|
The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated with sending a (1) drug library, (2) software update, or (3) configuration change, which allows remote…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2014-5406
|
2024-11-21 11:11 |
2015-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279065
|
- |
|
toshiba
|
chec
|
CreateBossCredentials.jar in Toshiba CHEC before 6.6 build 4014 and 6.7 before build 4329 contains a hardcoded AES key, which allows attackers to discover Back Office System Server (BOSS) DB2 databas…
|
CWE-255
CWE-200
Credentials Management
Information Exposure
|
CVE-2014-4875
|
2024-11-21 11:11 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279066
|
- |
|
aptexx
|
resident_anywhere
|
Aptexx Resident Anywhere does not require authentication, which allows remote attackers to obtain sensitive information or modify data via a direct request.
|
CWE-287
Improper Authentication
|
CVE-2014-4882
|
2024-11-21 11:11 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279067
|
- |
|
new_atlanta
|
bluedragon
|
Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbit…
|
CWE-22
Path Traversal
|
CVE-2014-5370
|
2024-11-21 11:11 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279068
|
- |
|
landesk
|
landesk_management_suite
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Landesk Management Suite 9.6 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) star…
|
CWE-352
Origin Validation Error
|
CVE-2014-5361
|
2024-11-21 11:11 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279069
|
- |
|
glpi-project
|
glpi
|
GLPI before 0.84.7 does not properly restrict access to cost information, which allows remote attackers to obtain sensitive information via the cost criteria in the search bar.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5032
|
2024-11-21 11:11 |
2015-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279070
|
- |
|
hospira
|
mednet
|
Hospira MedNet before 6.1 uses a hardcoded cleartext password to control SQL database authorization, which allows remote authenticated users to bypass intended access restrictions by leveraging knowl…
|
CWE-200
Information Exposure
|
CVE-2014-5405
|
2024-11-21 11:11 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
