|
291521
|
- |
|
cybozu
|
garoon
|
Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypass intended access restrictions, and execute arbitrary code or cause a denial of service, via an API call.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1996
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291522
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in the Map search functionality in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspe…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1995
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291523
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in the Notices portlet in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified ve…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1994
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291524
|
- |
|
cybozu
|
garoon
|
The Portlets subsystem in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1993
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291525
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in the Messages functionality in Cybozu Garoon 3.1.x, 3.5.x, and 3.7.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1992
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291526
|
- |
|
cybozu
|
garoon
|
The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote attackers to execute arbitrary commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2014-1987
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291527
|
- |
|
nextapp
|
file_explorer
|
Directory traversal vulnerability in the NextApp File Explorer application before 2.1.0.3 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename.
|
CWE-22
Path Traversal
|
CVE-2014-1973
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291528
|
- |
|
microsoft
|
windows_server_2008
windows_server_2012
windows_rt
windows_7
windows_8.1
windows_rt_8.1
windows_vista
windows_8
|
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote a…
|
CWE-94
Code Injection
|
CVE-2014-1824
|
2024-11-21 11:05 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291529
|
- |
|
cisco
|
unified_communications_domain_manager
unified_cdm_platform_software
|
Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the sup…
|
CWE-255
Credentials Management
|
CVE-2014-2198
|
2024-11-21 11:05 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291530
|
- |
|
cisco
|
unified_communications_domain_manager
unified_cdm_application_software
|
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which all…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2197
|
2024-11-21 11:05 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
