|
290531
|
- |
|
schneider-electric
|
opc_factory_server_tlxcdlfofs
opc_factory_server_tlxcdstofs
opc_factory_server_tlxcdsuofs
opc_factory_server_tlxcdltofs
opc_factory_server_tlxcdluofs
|
Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0789
|
2024-11-21 11:02 |
2014-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290532
|
- |
|
emc
|
rsa_adaptive_authentication_on-premise
|
Cross-site scripting (XSS) vulnerability in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote attackers to inject arbitrary web script or HTML via vectors involving…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0638
|
2024-11-21 11:02 |
2014-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290533
|
- |
|
emc
|
rsa_adaptive_authentication_on-premise
|
Cross-site scripting (XSS) vulnerability in the back-office case-management application in RSA Adaptive Authentication (On-Premise) 6.x and 7.x before 7.1 SP0 P2 allows remote authenticated users to …
|
CWE-79
Cross-site Scripting
|
CVE-2014-0637
|
2024-11-21 11:02 |
2014-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290534
|
- |
|
crowbar
novell
|
barclamp
suse_cloud
|
Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used in SUSE Cloud 3, does not enable netfilter on bridges when creating new instances, which allows remote attackers to bypass secur…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0592
|
2024-11-21 11:02 |
2014-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290535
|
- |
|
gnu
|
a2ps
|
The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScr…
|
NVD-CWE-noinfo
|
CVE-2014-0466
|
2024-11-21 11:02 |
2014-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290536
|
- |
|
ibm
|
websphere_portal
|
Cross-site scripting (XSS) vulnerability in the WCM (Web Content Manager) UI in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF27, and 8.0.…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0828
|
2024-11-21 11:02 |
2014-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290537
|
- |
|
emc
|
vplex_geosynchrony
|
Session fixation vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2014-0635
|
2024-11-21 11:02 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290538
|
- |
|
emc
|
vplex_geosynchrony
|
EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote attackers to obtain potentially sen…
|
CWE-20
Improper Input Validation
|
CVE-2014-0634
|
2024-11-21 11:02 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290539
|
- |
|
emc
|
vplex_geosynchrony
|
The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not properly validate session-timeout values, which might make it easier for remote attackers to execute arbitrary code by leveraging an …
|
CWE-20
Improper Input Validation
|
CVE-2014-0633
|
2024-11-21 11:02 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290540
|
- |
|
emc
|
vplex_geosynchrony
|
Directory traversal vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote authenticated users to execute arbitrary code via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2014-0632
|
2024-11-21 11:02 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
