|
280111
|
- |
|
sophos
|
anti-virus
|
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeF…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2385
|
2024-11-21 11:06 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280112
|
- |
|
emc
|
recoverpoint_appliance
|
The default configuration of EMC RecoverPoint Appliance (RPA) 4.1 before 4.1.0.1 does not enable a firewall, which allows remote attackers to obtain potentially sensitive information about open ports…
|
CWE-200
Information Exposure
|
CVE-2014-2519
|
2024-11-21 11:06 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280113
|
- |
|
advantech
|
advantech_webaccess
|
The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.
|
CWE-200
Information Exposure
|
CVE-2014-2368
|
2024-11-21 11:06 |
2014-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280114
|
- |
|
advantech
|
advantech_webaccess
|
The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.
|
CWE-200
Information Exposure
|
CVE-2014-2367
|
2024-11-21 11:06 |
2014-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280115
|
- |
|
advantech
|
advantech_webaccess
|
upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code.
|
CWE-200
Information Exposure
|
CVE-2014-2366
|
2024-11-21 11:06 |
2014-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280116
|
- |
|
advantech
|
advantech_webaccess
|
Unspecified vulnerability in Advantech WebAccess before 7.2 allows remote authenticated users to create or delete arbitrary files via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-2365
|
2024-11-21 11:06 |
2014-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280117
|
- |
|
advantech
|
advantech_webaccess
|
Multiple stack-based buffer overflows in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary code via a long string in the (1) ProjectName, (2) SetParameter, (3) NodeName, (4) …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-2364
|
2024-11-21 11:06 |
2014-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280118
|
- |
|
hp
|
storage_data_protector
|
Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-2623
|
2024-11-21 11:06 |
2014-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280119
|
- |
|
oracle
|
peoplesoft_products
|
Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote authenticated users to affect confidentiality and integrity v…
|
NVD-CWE-noinfo
|
CVE-2014-2496
|
2024-11-21 11:06 |
2014-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280120
|
- |
|
oracle
|
peoplesoft_products
|
Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown vecto…
|
NVD-CWE-noinfo
|
CVE-2014-2495
|
2024-11-21 11:06 |
2014-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
