|
290761
|
- |
|
datumsystems
|
snip
|
Datum Systems SnIP on PSM-500 and PSM-4500 devices does not require authentication for FTP sessions, which allows remote attackers to obtain sensitive information via RETR commands.
|
NVD-CWE-Other
|
CVE-2014-2950
|
2024-11-21 11:07 |
2014-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290762
|
- |
|
kaseya
|
virtual_system_administrator
|
kapfa.sys in Kaseya Virtual System Administrator (VSA) 6.5 before 6.5.0.17 and 7.0 before 7.0.0.16 allows local users to cause a denial of service (NULL pointer dereference and application crash) via…
|
NVD-CWE-Other
|
CVE-2014-2926
|
2024-11-21 11:07 |
2014-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290763
|
- |
|
cisco
|
unified_communications_manager
|
Directory traversal vulnerability in dna/viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary …
|
CWE-20
Improper Input Validation
|
CVE-2014-3318
|
2024-11-21 11:07 |
2014-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290764
|
- |
|
cisco
|
unified_communications_manager
|
The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted para…
|
CWE-20
Improper Input Validation
|
CVE-2014-3316
|
2024-11-21 11:07 |
2014-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290765
|
- |
|
cisco
|
unified_communications_manager
|
Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3315
|
2024-11-21 11:07 |
2014-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290766
|
- |
|
cisco
|
webex_meeting_center
webex_meetings_server
|
Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted d…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3311
|
2024-11-21 11:07 |
2014-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290767
|
- |
|
cisco
|
webex_meeting_center
webex_meetings_server
|
The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested file was an offered file, which allows remote attackers to …
|
CWE-20
Improper Input Validation
|
CVE-2014-3310
|
2024-11-21 11:07 |
2014-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290768
|
- |
|
liferay
|
liferay_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in group/control_panel/manage in Liferay Portal 6.1.2 CE GA3, 6.1.X EE, and 6.2.X EE allow remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2014-2963
|
2024-11-21 11:07 |
2014-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290769
|
- |
|
cisco
|
ios
ios_xe
|
The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3309
|
2024-11-21 11:07 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290770
|
- |
|
cisco
|
spa_512g_1-line_ip_phone
spa941_4-line_ip_phone_with_1-port_ethernet
spa_504g_4-line_ip_phone
spa_525g_5-line_ip_phone
spa_301_1_line_ip_phone
spa962_6-line_ip_phone_with_2-port_switch…
|
Cross-site scripting (XSS) vulnerability in the web user interface on Cisco Small Business SPA300 and SPA500 phones allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3313
|
2024-11-21 11:07 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
