|
290161
|
- |
|
livetecs
|
timeline
|
Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive before 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an ex…
|
NVD-CWE-Other
|
CVE-2014-2042
|
2024-11-21 11:05 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290162
|
- |
|
cisco
|
adaptive_security_appliance_software
|
Memory leak in the SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to cause a denial of service (memory consumption and instability) via crafted SIP …
|
CWE-399
Resource Management Errors
|
CVE-2014-2154
|
2024-11-21 11:05 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290163
|
- |
|
vtiger
|
vtiger_crm
|
modules/Users/ForgotPassword.php in vTiger 6.0 before Security Patch 2 allows remote attackers to reset the password for arbitrary users via a request containing the username, password, and confirmPa…
|
CWE-20
Improper Input Validation
|
CVE-2014-2269
|
2024-11-21 11:05 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290164
|
- |
|
cisco
|
cns_network_registrar
|
The DHCPv6 server module in Cisco CNS Network Registrar 7.1 allows remote attackers to cause a denial of service (daemon reload) via a malformed DHCPv6 packet, aka Bug ID CSCuo07437.
|
CWE-20
Improper Input Validation
|
CVE-2014-2155
|
2024-11-21 11:05 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290165
|
- |
|
toshibatec
|
e-studio-282
e-studio-283
e-studio-232
e-studio-233
|
Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the authen…
|
CWE-352
Origin Validation Error
|
CVE-2014-1990
|
2024-11-21 11:05 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290166
|
- |
|
cybozu
|
remote_service_manager
|
Session fixation vulnerability in the management screen in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2014-1984
|
2024-11-21 11:05 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290167
|
- |
|
cybozu
|
remote_service_manager
|
Unspecified vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x before 3.1.1 allows remote attackers to cause a denial of service (CPU consumption) via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-1983
|
2024-11-21 11:05 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290168
|
- |
|
lyesoft
|
andexplorer
|
Directory traversal vulnerability in the LYSESOFT AndExplorer application before 20140403 and AndExplorerPro application before 20140405 for Android allows attackers to overwrite or create arbitrary …
|
CWE-22
Path Traversal
|
CVE-2014-1974
|
2024-11-21 11:05 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290169
|
- |
|
imapsync_project
|
imapsync
|
imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing t…
|
CWE-255
Credentials Management
|
CVE-2014-2014
|
2024-11-21 11:05 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290170
|
- |
|
python
pythonware
|
pillow
python_imaging_library
|
The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1933
|
2024-11-21 11:05 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
