|
288931
|
- |
|
meditech
emc
|
meditech
networker
|
The EMC NetWorker Module for MEDITECH (aka NMMEDI) 3.0 build 87 through 90, when EMC RecoverPoint and Plink are used, stores cleartext RecoverPoint Appliance credentials in nsrmedisv.raw log files, w…
|
CWE-200
Information Exposure
|
CVE-2014-4620
|
2024-11-21 11:10 |
2014-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288932
|
- |
|
ibm
|
classic_meeting_server
|
IBM Sametime Classic Meeting Server 8.0.x and 8.5.x allows remote attackers to obtain sensitive information by reading an exported Record and Playback (RAP) file.
|
CWE-200
Information Exposure
|
CVE-2014-4766
|
2024-11-21 11:10 |
2014-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288933
|
- |
|
apple
|
iphone_os
|
The QuickType feature in the Keyboards subsystem in Apple iOS before 8.1 collects typing-prediction data from fields with an off autocomplete attribute, which makes it easier for attackers to discove…
|
CWE-255
Credentials Management
|
CVE-2014-4450
|
2024-11-21 11:10 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288934
|
- |
|
apple
|
iphone_os
|
iCloud Data Access in Apple iOS before 8.1 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafte…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4449
|
2024-11-21 11:10 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288935
|
- |
|
apple
|
iphone_os
|
House Arrest in Apple iOS before 8.1 relies on the hardware UID for its encryption key, which makes it easier for physically proximate attackers to obtain sensitive information from a Documents direc…
|
CWE-310
Cryptographic Issues
|
CVE-2014-4448
|
2024-11-21 11:10 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288936
|
- |
|
websupporter
|
wp_amasin_-_the_amazon_affiliate_shop
|
Absolute path traversal vulnerability in reviews.php in the WP AmASIN - The Amazon Affiliate Shop plugin 0.9.6 and earlier for WordPress allows remote attackers to read arbitrary files via a full pat…
|
CWE-22
Path Traversal
|
CVE-2014-4577
|
2024-11-21 11:10 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288937
|
- |
|
cbi_referral_manager_project
|
cbi_referral_manager
|
Cross-site scripting (XSS) vulnerability in getNetworkSites.php in the CBI Referral Manager plugin 1.2.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via t…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4517
|
2024-11-21 11:10 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288938
|
- |
|
alipay_project
|
alipay
|
Cross-site scripting (XSS) vulnerability in includes/api_tenpay/inc.tenpay_notify.php in the Alipay plugin 3.6.0 and earlier for WordPress allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4514
|
2024-11-21 11:10 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288939
|
- |
|
ibm
|
tririga_application_platform
|
IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote attackers to execute arbitrary code via a crafted URL.
|
CWE-20
Improper Input Validation
|
CVE-2014-4840
|
2024-11-21 11:10 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288940
|
- |
|
ibm
|
tririga_application_platform
|
Cross-site scripting (XSS) vulnerability in GanttProjectSchedulerPopup.jsp in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4838
|
2024-11-21 11:10 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
