|
280381
|
- |
|
cybozu
|
garoon
|
The Portlets subsystem in Cybozu Garoon 2.x and 3.x before 3.7 SP4 allows remote authenticated users to bypass intended access restrictions via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1993
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280382
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in the Messages functionality in Cybozu Garoon 3.1.x, 3.5.x, and 3.7.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1992
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280383
|
- |
|
cybozu
|
garoon
|
The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote attackers to execute arbitrary commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2014-1987
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280384
|
- |
|
nextapp
|
file_explorer
|
Directory traversal vulnerability in the NextApp File Explorer application before 2.1.0.3 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename.
|
CWE-22
Path Traversal
|
CVE-2014-1973
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280385
|
- |
|
microsoft
|
windows_server_2008
windows_server_2012
windows_rt
windows_7
windows_8.1
windows_rt_8.1
windows_vista
windows_8
|
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote a…
|
CWE-94
Code Injection
|
CVE-2014-1824
|
2024-11-21 11:05 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280386
|
- |
|
cisco
|
unified_communications_domain_manager
unified_cdm_platform_software
|
Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the sup…
|
CWE-255
Credentials Management
|
CVE-2014-2198
|
2024-11-21 11:05 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280387
|
- |
|
cisco
|
unified_communications_domain_manager
unified_cdm_application_software
|
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which all…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2197
|
2024-11-21 11:05 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280388
|
- |
|
intercom
|
web_kyukincho
|
Cross-site scripting (XSS) vulnerability in Intercom Web Kyukincho 3.x before 3.0.030 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2006
|
2024-11-21 11:05 |
2014-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280389
|
6.8 |
MEDIUM
Physics
|
sophos
|
enterprise_console
|
Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x before 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically…
|
CWE-287
Improper Authentication
|
CVE-2014-2005
|
2024-11-21 11:05 |
2014-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280390
|
- |
|
jreast
|
jr_east_japan
|
The East Japan Railway Company JR East Japan application before 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive inf…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2001
|
2024-11-21 11:05 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
