|
279581
|
- |
|
cisco
|
unified_communications_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3373
|
2024-11-21 11:07 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279582
|
- |
|
cisco
|
unified_communications_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the CCM reports interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3372
|
2024-11-21 11:07 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279583
|
- |
|
cisco
|
unified_communications_manager
|
SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted response, aka…
|
CWE-89
SQL Injection
|
CVE-2014-3366
|
2024-11-21 11:07 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279584
|
- |
|
ibm
|
tivoli_composite_application_manager_for_transactions
|
The Internet Service Monitor (ISM) agent in IBM Tivoli Composite Application Manager (ITCAM) for Transactions 7.1 and 7.2 before 7.2.0.3 IF28, 7.3 before 7.3.0.1 IF30, and 7.4 before 7.4.0.0 IF18 doe…
|
CWE-310
Cryptographic Issues
|
CVE-2014-3051
|
2024-11-21 11:07 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279585
|
- |
|
cisco
|
ios
asr901
|
Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to use the CPU for IPv4 packet processing, which allows remote attackers to cause a denial of service (BGP neighbor flapping) by sendi…
|
CWE-399
Resource Management Errors
|
CVE-2014-3293
|
2024-11-21 11:07 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279586
|
- |
|
egroupware
|
egroupware
|
EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 beta allows remote authenticated administrators to execute arbit…
|
CWE-94
Code Injection
|
CVE-2014-2988
|
2024-11-21 11:07 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279587
|
- |
|
egroupware
|
egroupware
|
Multiple cross-site request forgery (CSRF) vulnerabilities in EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 be…
|
CWE-352
Origin Validation Error
|
CVE-2014-2987
|
2024-11-21 11:07 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279588
|
- |
|
bottlepy
|
bottle
|
Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepte…
|
CWE-20
Improper Input Validation
|
CVE-2014-3137
|
2024-11-21 11:07 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279589
|
- |
|
fogproject
|
fog
|
Multiple cross-site scripting (XSS) vulnerabilities in FOG 0.27 through 0.32 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Printer Model field to the Printer Man…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3111
|
2024-11-21 11:07 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279590
|
- |
|
cisco
|
asyncos
|
The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filterin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3381
|
2024-11-21 11:07 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
