|
279571
|
- |
|
cisco
|
prime_security_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco Prime Security Manager (aka PRSM) 9.2.1-2 and earlier allow remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3364
|
2024-11-21 11:07 |
2014-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279572
|
- |
|
ibm
|
websphere_datapower_xc10_appliance_firmware
|
Cross-site request forgery (CSRF) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to hijack the authentication of arbitrary users …
|
CWE-352
Origin Validation Error
|
CVE-2014-3058
|
2024-11-21 11:07 |
2014-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279573
|
- |
|
ibm
|
systems_director
|
Unspecified vulnerability in the Security component in IBM Systems Director 6.3.0 through 6.3.5 allows local users to obtain sensitive information via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-3099
|
2024-11-21 11:07 |
2014-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279574
|
- |
|
ibm
|
java
|
IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1 (7.1.1.1), 7 before SR7 FP1 (7.0.7.1), 6 R1 before SR8 FP1 (6.1.8.1), 6 before SR16 FP1 (6.0.16.1), and before 5.0 SR16 FP7 (5.0.16.7) allows at…
|
CWE-255
Credentials Management
|
CVE-2014-3068
|
2024-11-21 11:07 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279575
|
- |
|
ibm
|
java
|
Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.…
|
CWE-94
Code Injection
|
CVE-2014-3065
|
2024-11-21 11:07 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279576
|
- |
|
puppet
puppetlabs
|
facter
marionette_collective
hiera
puppet_enterprise
puppet
|
Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5…
|
CWE-17
Code
|
CVE-2014-3248
|
2024-11-21 11:07 |
2014-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279577
|
- |
|
nlnetlabs
|
ldns
|
The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3209
|
2024-11-21 11:07 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279578
|
- |
|
point-to-point_protocol_project
|
point-to-point_protocol
|
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which trigge…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-3158
|
2024-11-21 11:07 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279579
|
- |
|
cisco
|
unified_communications_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the CCM Service interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3375
|
2024-11-21 11:07 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279580
|
- |
|
cisco
|
unified_communications_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the CCM admin interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2014-3374
|
2024-11-21 11:07 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
