|
292471
|
- |
|
ibm
|
content_navigator
|
Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-0874
|
2024-11-21 11:02 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292472
|
- |
|
schneider-electric
|
ofs_test_client_tlxcdlfofs33
ofs_test_client_tlxcdsuofs33
ofs_test_client_tlxcdltofs33
ofs_test_client_tlxcdstofs33
ofs_test_client_tlxcdluofs33
opc_factory_server
|
Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 - 3.35, TLXCDSTOFS33 - 3.35, TLXCDLUOFS33 - 3.35, TLXCDLTOFS33 - 3.35, and TLXCDLFOFS3…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0774
|
2024-11-21 11:02 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292473
|
- |
|
schneider-electric
|
floating_license_manager
|
Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0 through 1.4.0 allows local users to gain privileges via a Trojan horse application with a name composed…
|
NVD-CWE-Other
|
CVE-2014-0759
|
2024-11-21 11:02 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292474
|
- |
|
ibm
|
content_navigator
|
IBM Content Navigator 2.x before 2.0.2.2-ICN-FP002 allows remote authenticated users to bypass intended access restrictions and conduct deleteAction attacks via a modified URL.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0858
|
2024-11-21 11:02 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292475
|
- |
|
cisco
|
prime_infrastructure
|
Cisco Prime Infrastructure 1.2 and 1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 allows remote authenticated users to execute arbitrary commands with root privileges via …
|
CWE-20
Improper Input Validation
|
CVE-2014-0679
|
2024-11-21 11:02 |
2014-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292476
|
- |
|
cybozu
|
garoon
|
SQL injection vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vect…
|
CWE-89
SQL Injection
|
CVE-2014-0821
|
2024-11-21 11:02 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292477
|
- |
|
cybozu
|
garoon
|
Directory traversal vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2014-0820
|
2024-11-21 11:02 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292478
|
- |
|
cybozu
|
garoon
|
Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 does not properly manage sessions, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0817
|
2024-11-21 11:02 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292479
|
- |
|
norman
|
security_suite
|
Unspecified vulnerability in Norman Security Suite 10.1 and earlier allows local users to gain privileges via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0816
|
2024-11-21 11:02 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292480
|
- |
|
cisco
|
unified_communications_manager
|
The Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to inject commands via unspecified CAPF …
|
CWE-20
Improper Input Validation
|
CVE-2014-0747
|
2024-11-21 11:02 |
2014-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
