|
283451
|
- |
|
fishshell
|
fish
|
fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user per…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2905
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283452
|
- |
|
unitrends
|
enterprise_backup
|
recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to bypass authentication by setting the auth parameter to a certain string.
|
CWE-287
Improper Authentication
|
CVE-2014-3139
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283453
|
- |
|
xerox
|
docushare
|
SQL injection vulnerability in Xerox DocuShare before 6.53 Patch 6 Hotfix 2, 6.6.1 Update 1 before Hotfix 24, and 6.6.1 Update 2 before Hotfix 3 allows remote authenticated users to execute arbitrary…
|
CWE-89
SQL Injection
|
CVE-2014-3138
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283454
|
- |
|
citrix
|
netscaler_access_gateway_firmware
netscaler_application_delivery_controller_firmware
netscaler_access_gateway
netscaler_application_delivery_controller
|
Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9.3-66.5 and 10.x before 10.1-122.17 has unspecified impact and …
|
NVD-CWE-noinfo
|
CVE-2014-2882
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283455
|
- |
|
citrix
|
netscaler_access_gateway_firmware
netscaler_application_delivery_controller_firmware
netscaler_application_delivery_controller
netscaler_access_gateway
|
Unspecified vulnerability in the Diffie-Hellman key agreement implementation in the management GUI Java applet in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 9…
|
NVD-CWE-noinfo
|
CVE-2014-2881
|
2024-11-21 11:07 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283456
|
- |
|
vbulletin
|
vbulletin
|
Multiple cross-site scripting (XSS) vulnerabilities in vBulletin 5.1.1 Alpha 9 allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to privatemessage/new/, (2) the fold…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3135
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283457
|
- |
|
sap
|
businessobjects
|
Cross-site scripting (XSS) vulnerability in the InfoView application in SAP BusinessObjects allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-3134
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283458
|
- |
|
sap
|
netweaver_java_application_server
|
SAP Netweaver Java Application Server does not properly restrict access, which allows remote attackers to obtain the list of SAP systems registered on an SLD via an unspecified webdynpro, related to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3133
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283459
|
- |
|
sap
|
background_processing
|
SAP Background Processing does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3132
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283460
|
- |
|
sap
|
profile_maintenance
|
SAP Profile Maintenance does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7.1.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3131
|
2024-11-21 11:07 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
