|
282211
|
- |
|
mit
|
kerberos_5
|
MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a …
|
NVD-CWE-Other
|
CVE-2014-5355
|
2024-11-21 11:11 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282212
|
- |
|
mit
|
kerberos_5
|
The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x bef…
|
NVD-CWE-Other
|
CVE-2014-5352
|
2024-11-21 11:11 |
2015-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282213
|
- |
|
tibco
|
activematrix_management_agent
activematrix_policy_agent
activematrix_policy_manager
|
The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveMatrix Policy Agent 3.x before 3.1.2, ActiveMatrix Policy Manager 3.x before 3.1.2, ActiveMatrix Management Agent 1.x before 1.2.1…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5286
|
2024-11-21 11:11 |
2015-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282214
|
- |
|
linux
|
linux_kernel
|
Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by us…
|
CWE-362
Race Condition
|
CVE-2014-5332
|
2024-11-21 11:11 |
2015-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282215
|
- |
|
owncloud
|
owncloud
|
The SFTP external storage driver (files_external) in ownCloud Server before 6.0.5 validates the RSA Host key after login, which allows remote attackers to obtain sensitive information by sniffing the…
|
CWE-200
Information Exposure
|
CVE-2014-5341
|
2024-11-21 11:11 |
2015-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282216
|
- |
|
landesk
|
landesk_management_suite
|
Cross-site scripting (XSS) vulnerability in the admin interface in LANDESK Management Suite before 9.6 SP1 allows remote attackers to inject arbitrary web script or HTML via the AMTVersion parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2014-5360
|
2024-11-21 11:11 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282217
|
- |
|
attachmate
|
reflection_ftp_client
|
Stack-based buffer overflow in the Attachmate Reflection FTP Client before 14.1.433 allows remote FTP servers to execute arbitrary code via a large PWD response.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-5211
|
2024-11-21 11:11 |
2015-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282218
|
- |
|
siemens
|
simatic_wincc_sm\@rtclient
|
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to discover Sm@rtServer credentials by leveraging an error in the credential-processing mechanism.
|
CWE-200
Information Exposure
|
CVE-2014-5233
|
2024-11-21 11:11 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282219
|
- |
|
siemens
|
simatic_wincc_sm\@rtclient
|
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows local users to bypass an intended application-password requirement by leveraging the running of the app in the background state.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-5232
|
2024-11-21 11:11 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282220
|
- |
|
siemens
|
simatic_wincc_sm\@rtclient
|
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate attackers to extract the password from storage via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2014-5231
|
2024-11-21 11:11 |
2015-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
