|
276671
|
- |
|
redhat
suse
|
spacewalk
network_satellite
manager
|
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite before 5.7.0 allow remote authenticated users to inject arbitrary web script or HTML via crafted X…
|
CWE-79
Cross-site Scripting
|
CVE-2014-7811
|
2024-11-21 11:18 |
2015-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276672
|
- |
|
cisco
|
webex_meetings_server
|
The outlookpa component in Cisco WebEx Meetings Server does not properly validate API input, which allows remote attackers to modify a meeting's invite list via a crafted URL, aka Bug ID CSCuj40254.
|
CWE-20
Improper Input Validation
|
CVE-2014-8036
|
2024-11-21 11:18 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276673
|
- |
|
cisco
|
webex_meetings_server
|
The web framework in Cisco WebEx Meetings Server produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts…
|
CWE-200
Information Exposure
|
CVE-2014-8035
|
2024-11-21 11:18 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276674
|
- |
|
cisco
|
unified_communications_domain_manager
|
Cisco Unified Communication Domain Manager Platform Software allows remote attackers to cause a denial of service (CPU consumption, and performance degradation or service outage) via a flood of malfo…
|
CWE-399
Resource Management Errors
|
CVE-2014-8020
|
2024-11-21 11:18 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276675
|
- |
|
openssl
|
openssl
|
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-…
|
CWE-310
Cryptographic Issues
|
CVE-2014-8275
|
2024-11-21 11:18 |
2015-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276676
|
- |
|
cisco
|
webex_meetings_server
|
The play/modules component in Cisco WebEx Meetings Server allows remote attackers to obtain administrator access via crafted API requests, aka Bug ID CSCuj40421.
|
CWE-287
Improper Authentication
|
CVE-2014-8033
|
2024-11-21 11:18 |
2015-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276677
|
- |
|
cisco
|
webex_meetings_server
|
The OutlookAction LI in Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive encrypted-password information via unspecified vectors, aka Bug IDs CSCuj40453 and CSCuj40449.
|
CWE-200
Information Exposure
|
CVE-2014-8032
|
2024-11-21 11:18 |
2015-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276678
|
- |
|
cisco
|
webex_meetings_server
|
Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj40456.
|
CWE-352
Origin Validation Error
|
CVE-2014-8031
|
2024-11-21 11:18 |
2015-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276679
|
- |
|
cisco
|
webex_meetings_server
|
Cross-site scripting (XSS) vulnerability in sendPwMail.do in Cisco WebEx Meetings Server allows remote attackers to inject arbitrary web script or HTML via the email parameter, aka Bug ID CSCuj40381.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8030
|
2024-11-21 11:18 |
2015-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276680
|
- |
|
cisco
|
secure_access_control_system
|
Open redirect vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspe…
|
NVD-CWE-Other
|
CVE-2014-8029
|
2024-11-21 11:18 |
2015-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
