|
279751
|
- |
|
ibm
|
websphere_portal
websphere_portal_unified_task_list_portlet
|
Multiple open redirect vulnerabilities in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allow remote attackers to redirect users to arbitrary web sites…
|
NVD-CWE-Other
|
CVE-2014-3054
|
2024-11-21 11:07 |
2014-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279752
|
- |
|
ibm
|
rational_team_concert
|
IBM Rational Team Concert (RTC) 3.x before 3.0.1.6 IF3 and 4.x before 4.0.7 does not properly integrate with build engines, which allows remote authenticated users to discover credentials via unspeci…
|
CWE-200
Information Exposure
|
CVE-2014-3050
|
2024-11-21 11:07 |
2014-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279753
|
- |
|
ibm
|
maximo_asset_management
maximo_asset_management_essentials
smartcloud_control_desk
maximo_industry_solutions
|
CRLF injection vulnerability in IBM Maximo Asset Management 7.5 through 7.5.0.6, and 7.5 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, allows remote authenticated users to in…
|
NVD-CWE-Other
|
CVE-2014-3026
|
2024-11-21 11:07 |
2014-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279754
|
- |
|
ibm
|
embedded_websphere_application_server
tivoli_integrated_portal
|
install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, wh…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3020
|
2024-11-21 11:07 |
2014-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279755
|
- |
|
cisco
|
webex_meetings_server
|
The OutlookAction Class in Cisco WebEx Meetings Server allows remote attackers to enumerate user accounts by entering crafted URLs and examining the returned messages, aka Bug ID CSCuj81722.
|
CWE-200
Information Exposure
|
CVE-2014-3304
|
2024-11-21 11:07 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279756
|
- |
|
cisco
|
webex_meetings_server
|
The web framework in Cisco WebEx Meetings Server does not properly restrict the content of query strings, which allows remote attackers to obtain sensitive information by reading (1) web-server acces…
|
CWE-200
Information Exposure
|
CVE-2014-3303
|
2024-11-21 11:07 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279757
|
- |
|
silver-peak
|
vx
|
Cross-site scripting (XSS) vulnerability in php/user_account.php in Silver Peak VX before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via the user_id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2975
|
2024-11-21 11:07 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279758
|
- |
|
silver-peak
|
vx
|
Cross-site request forgery (CSRF) vulnerability in php/user_account.php in Silver Peak VX through 6.2.4 allows remote attackers to hijack the authentication of administrators for requests that create…
|
CWE-352
Origin Validation Error
|
CVE-2014-2974
|
2024-11-21 11:07 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279759
|
- |
|
caucho
|
resin
|
The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as demo…
|
CWE-264
CWE-20
Permissions, Privileges, and Access Controls
Improper Input Validation
|
CVE-2014-2966
|
2024-11-21 11:07 |
2014-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279760
|
- |
|
cisco
|
unified_presence_server
|
The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2014-3328
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
