|
290381
|
- |
|
nextapp
|
file_explorer
|
Directory traversal vulnerability in the NextApp File Explorer application before 2.1.0.3 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename.
|
CWE-22
Path Traversal
|
CVE-2014-1973
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290382
|
- |
|
microsoft
|
windows_server_2008
windows_server_2012
windows_rt
windows_7
windows_8.1
windows_rt_8.1
windows_vista
windows_8
|
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote a…
|
CWE-94
Code Injection
|
CVE-2014-1824
|
2024-11-21 11:05 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290383
|
- |
|
cisco
|
unified_communications_domain_manager
unified_cdm_platform_software
|
Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the sup…
|
CWE-255
Credentials Management
|
CVE-2014-2198
|
2024-11-21 11:05 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290384
|
- |
|
cisco
|
unified_communications_domain_manager
unified_cdm_application_software
|
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which all…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2197
|
2024-11-21 11:05 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290385
|
- |
|
intercom
|
web_kyukincho
|
Cross-site scripting (XSS) vulnerability in Intercom Web Kyukincho 3.x before 3.0.030 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2006
|
2024-11-21 11:05 |
2014-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290386
|
6.8 |
MEDIUM
Physics
|
sophos
|
enterprise_console
|
Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x before 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically…
|
CWE-287
Improper Authentication
|
CVE-2014-2005
|
2024-11-21 11:05 |
2014-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290387
|
- |
|
jreast
|
jr_east_japan
|
The East Japan Railway Company JR East Japan application before 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive inf…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2001
|
2024-11-21 11:05 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290388
|
- |
|
cisco
|
adaptive_security_appliance_software
|
The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug I…
|
NVD-CWE-noinfo
|
CVE-2014-2151
|
2024-11-21 11:05 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290389
|
- |
|
ntt
|
050_plus
|
The NTT 050 plus application before 4.2.1 for Android allows attackers to obtain sensitive information by leveraging the ability to read system log files.
|
CWE-200
Information Exposure
|
CVE-2014-2000
|
2024-11-21 11:05 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290390
|
- |
|
iij
|
seil\%2fturbo_firmware
seil\/turbo
seil\%2fneu_2fe_plus_firmware
seil\/neu_2fe_plus
seil\%2fx86_firmware
seil\/x86
seil\%2fx2_firmware
seil\/x2
seil\%2fx1_firmware
seil\/x1…
|
The PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 routers 1.00 through 3.10, SEIL/X1 routers 1.00 through 4.50, SEIL/X2 routers 1.00 through 4.50, SEIL/B1 routers 1.00 through 4.50, SEIL/Turbo rou…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2004
|
2024-11-21 11:05 |
2014-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
