|
293001
|
- |
|
cisco
|
telepresence_system_software
telepresence_system_1000
telepresence_system_1300-65
telepresence_system_3000
telepresence_system_3010
telepresence_system_3200
telepresence_system_3210…
|
The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote a…
|
CWE-94
Code Injection
|
CVE-2014-0661
|
2024-11-21 11:02 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293002
|
- |
|
cisco
|
telepresence_isdn_gateway_software
|
Cisco TelePresence ISDN Gateway with software before 2.2(1.92) allows remote attackers to cause a denial of service (D-channel call outage) via a crafted Q.931 STATUS message, aka Bug ID CSCui50360.
|
CWE-20
Improper Input Validation
|
CVE-2014-0660
|
2024-11-21 11:02 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293003
|
- |
|
cisco
|
mediasense
|
The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arbitrary recordings via a request to this …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0672
|
2024-11-21 11:02 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293004
|
- |
|
cisco
|
mediasense
|
Open redirect vulnerability in Cisco MediaSense allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCum16749.
|
CWE-20
Improper Input Validation
|
CVE-2014-0671
|
2024-11-21 11:02 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293005
|
- |
|
cisco
|
mediasense
|
Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID C…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0670
|
2024-11-21 11:02 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293006
|
- |
|
cisco
|
asr_5000_series_software
|
The Wireless Session Protocol (WSP) feature in the Gateway GPRS Support Node (GGSN) component on Cisco ASR 5000 series devices allows remote attackers to bypass intended Top-Up payment restrictions v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0669
|
2024-11-21 11:02 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293007
|
- |
|
ecava
|
integraxor
|
Stack-based buffer overflow in the SCADA server in Ecava IntegraXor before 4.1.4390 allows remote attackers to cause a denial of service (system crash) by triggering access to DLL code located in the…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0753
|
2024-11-21 11:02 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293008
|
- |
|
cisco
|
secure_access_control_system
|
Cross-site scripting (XSS) vulnerability in the portal in Cisco Secure Access Control System (ACS) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0668
|
2024-11-21 11:02 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293009
|
- |
|
sonatype
|
nexus
|
Sonatype Nexus 1.x and 2.x before 2.7.1 allows remote attackers to create arbitrary objects and execute arbitrary code via unspecified vectors related to unmarshalling of unintended Object types.
|
CWE-94
Code Injection
|
CVE-2014-0792
|
2024-11-21 11:02 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293010
|
- |
|
cisco
|
secure_access_control_system
|
The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0667
|
2024-11-21 11:02 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
