|
279281
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Open-Xchange (OX) AppSuite and Server before 7.4.2-rev42, 7.6.0 before 7.6.0-rev36, and 7.6.1 before 7.6.1-rev14 does not properly handle directory permissions, which allows remote authenticated user…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9466
|
2024-11-21 11:20 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279282
|
- |
|
lexmark
|
markvision_enterprise
|
Directory traversal vulnerability in the LibraryFileUploadServlet servlet in Lexmark Markvision Enterprise allows remote authenticated users to write to and execute arbitrary files via a .. (dot dot)…
|
CWE-22
Path Traversal
|
CVE-2014-9375
|
2024-11-21 11:20 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279283
|
- |
|
ge
mactek
|
svi_ii_ap_positioner_device_type_manager
12400_level_transmitter_device_type_manager
vector_device_type_manager
bullet_device_type_manager
|
Buffer overflow in the Field Device Tool (FDT) Frame application in the HART Device Type Manager (DTM) library, as used in MACTek Bullet DTM 1.00.0, GE Vector DTM 1.00.0, GE SVi1000 Positioner DTM 1.…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9203
|
2024-11-21 11:20 |
2015-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279284
|
- |
|
netapp
|
oncommand_balance
|
NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage.
|
CWE-200
Information Exposure
|
CVE-2014-9354
|
2024-11-21 11:20 |
2015-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279285
|
- |
|
netapp
|
oncommand_balance
|
NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9353
|
2024-11-21 11:20 |
2015-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279286
|
- |
|
owncloud
|
owncloud
|
The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote authenticated users to obtain all valid session IDs via an unspecified API method.
|
CWE-200
Information Exposure
|
CVE-2014-9049
|
2024-11-21 11:20 |
2015-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279287
|
- |
|
owncloud
|
owncloud
|
The documents application in ownCloud Server 6.x before 6.0.6 and 7.x before 7.0.3 allows remote attackers to bypass the password-protection for shared files via the API.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-9048
|
2024-11-21 11:20 |
2015-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279288
|
- |
|
owncloud
|
owncloud
|
Multiple unspecified vulnerabilities in the preview system in ownCloud 6.x before 6.0.6 and 7.x before 7.0.3 allow remote attackers to read arbitrary files via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-9047
|
2024-11-21 11:20 |
2015-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279289
|
- |
|
owncloud
|
owncloud
|
The OC_Util::getUrlContent function in ownCloud Server before 5.0.18, 6.x before 6.0.6, and 7.x before 7.0.3 allows remote attackers to read arbitrary files via a file:// protocol.
|
CWE-200
Information Exposure
|
CVE-2014-9046
|
2024-11-21 11:20 |
2015-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279290
|
- |
|
owncloud
|
owncloud
|
The FTP backend in user_external in ownCloud Server before 5.0.18 and 6.x before 6.0.6 allows remote attackers to bypass intended authentication requirements via a crafted password.
|
CWE-287
Improper Authentication
|
CVE-2014-9045
|
2024-11-21 11:20 |
2015-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
