|
281051
|
- |
|
sap
|
background_processing
|
SAP Background Processing does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3132
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281052
|
- |
|
sap
|
profile_maintenance
|
SAP Profile Maintenance does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7.1.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3131
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281053
|
- |
|
sap
|
netweaver_abap_application_server
|
The ABAP Help documentation and translation tools (BC-DOC-HLP) in Basis in SAP Netweaver ABAP Application Server does not properly restrict access, which allows local users to gain privileges and exe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3130
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281054
|
- |
|
sap
|
netweaver_software_lifecycle_manager
|
The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP NetWeaver allows remote attackers to obtain sensitive information via a crafted request, related to SAP Solution Manager 7.1.
|
CWE-200
Information Exposure
|
CVE-2014-3129
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281055
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in includes/actions/InfoAction.php in MediaWiki before 1.21.9 and 1.22.x before 1.22.6 allows remote attackers to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2014-2853
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281056
|
- |
|
unitrends
|
enterprise_backup
|
Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php.
|
CWE-78
OS Command
|
CVE-2014-3008
|
2024-11-21 11:07 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281057
|
- |
|
xen
|
xen
|
The vgic_distr_mmio_write function in the virtual guest interrupt controller (GIC) distributor (arch/arm/vgic.c) in Xen 4.4.x, when running on an ARM system, allows local guest users to cause a denia…
|
CWE-20
Improper Input Validation
|
CVE-2014-2986
|
2024-11-21 11:07 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281058
|
- |
|
gnustep
|
base
|
Tools/gdomap.c in gdomap in GNUstep Base 1.24.6 and earlier, when run in daemon mode, does not properly handle the file descriptor for the logger, which allows remote attackers to cause a denial of s…
|
CWE-20
Improper Input Validation
|
CVE-2014-2980
|
2024-11-21 11:07 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281059
|
- |
|
westerndigital
|
arkeia_virtual_appliance_firmware
|
Directory traversal vulnerability in opt/arkeia/wui/htdocs/index.php in the WD Arkeia virtual appliance (AVA) with firmware before 10.2.9 allows remote attackers to read arbitrary files and execute a…
|
CWE-22
Path Traversal
|
CVE-2014-2846
|
2024-11-21 11:07 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281060
|
- |
|
pythonware
python
|
python_imaging_library
pillow
|
Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possib…
|
CWE-78
OS Command
|
CVE-2014-3007
|
2024-11-21 11:07 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
