|
282411
|
- |
|
microfocus
|
access_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allow remote attackers to inject arbitrary web script or HTML via (1) the location parameter in …
|
CWE-79
Cross-site Scripting
|
CVE-2014-5216
|
2024-11-21 11:11 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282412
|
- |
|
microfocus
|
access_manager
|
NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated administrators to discover service-account passwords via a request to (1) roma/jsp/volsc/monitoring/dev_services.jsp or (2)…
|
CWE-200
Information Exposure
|
CVE-2014-5215
|
2024-11-21 11:11 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282413
|
- |
|
microfocus
|
access_manager
|
nps/servlet/webacc in iManager in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allows remote authenticated novlwww users to read arbitrary files via a query pa…
|
NVD-CWE-Other
|
CVE-2014-5214
|
2024-11-21 11:11 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282414
|
- |
|
yokogawa
|
exaopc
centum_cs_3000
centum_vp
|
BKBCopyD.exe in the Batch Management Packages in Yokogawa CENTUM CS 3000 through R3.09.50 and CENTUM VP through R4.03.00 and R5.x through R5.04.00, and Exaopc through R3.72.10, does not require authe…
|
CWE-284
Improper Access Control
|
CVE-2014-5208
|
2024-11-21 11:11 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282415
|
- |
|
novell
|
edirectory
|
nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memo…
|
CWE-200
Information Exposure
|
CVE-2014-5213
|
2024-11-21 11:11 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282416
|
- |
|
novell
|
edirectory
|
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2014-5212
|
2024-11-21 11:11 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282417
|
- |
|
mit
|
kerberos
kerberos_5
|
plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (NU…
|
NVD-CWE-Other
|
CVE-2014-5354
|
2024-11-21 11:11 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282418
|
- |
|
mit
redhat
fedoraproject
debian
canonical
oracle
opensuse
|
kerberos_5
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_eus
enterprise_linux_server_tus
fedora
de…
|
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated us…
|
CWE-476
NULL Pointer Dereference
|
CVE-2014-5353
|
2024-11-21 11:11 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282419
|
- |
|
safenet-inc
|
safenet_authentication_service_outlook_web_access_agent
|
Directory traversal vulnerability in SafeNet Authentication Service (SAS) Outlook Web Access Agent (formerly CRYPTOCard) before 1.03.30109 allows remote attackers to read arbitrary files via a .. (do…
|
CWE-22
Path Traversal
|
CVE-2014-5359
|
2024-11-21 11:11 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282420
|
- |
|
malwarebytes
|
malwarebytes_anti-exploit
malwarebytes_anti-malware
|
The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute …
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2014-4936
|
2024-11-21 11:11 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
