|
280551
|
- |
|
cybozu
|
garoon
|
The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote attackers to execute arbitrary commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2014-1987
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280552
|
- |
|
nextapp
|
file_explorer
|
Directory traversal vulnerability in the NextApp File Explorer application before 2.1.0.3 for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename.
|
CWE-22
Path Traversal
|
CVE-2014-1973
|
2024-11-21 11:05 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280553
|
- |
|
microsoft
|
windows_server_2008
windows_server_2012
windows_rt
windows_7
windows_8.1
windows_rt_8.1
windows_vista
windows_8
|
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote a…
|
CWE-94
Code Injection
|
CVE-2014-1824
|
2024-11-21 11:05 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280554
|
- |
|
cisco
|
unified_communications_domain_manager
unified_cdm_platform_software
|
Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the sup…
|
CWE-255
Credentials Management
|
CVE-2014-2198
|
2024-11-21 11:05 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280555
|
- |
|
cisco
|
unified_communications_domain_manager
unified_cdm_application_software
|
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which all…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2197
|
2024-11-21 11:05 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280556
|
- |
|
intercom
|
web_kyukincho
|
Cross-site scripting (XSS) vulnerability in Intercom Web Kyukincho 3.x before 3.0.030 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2014-2006
|
2024-11-21 11:05 |
2014-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280557
|
6.8 |
MEDIUM
Physics
|
sophos
|
enterprise_console
|
Sophos Disk Encryption (SDE) 5.x in Sophos Enterprise Console (SEC) 5.x before 5.2.2 does not enforce intended authentication requirements for a resume action from sleep mode, which allows physically…
|
CWE-287
Improper Authentication
|
CVE-2014-2005
|
2024-11-21 11:05 |
2014-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280558
|
- |
|
jreast
|
jr_east_japan
|
The East Japan Railway Company JR East Japan application before 1.2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive inf…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2001
|
2024-11-21 11:05 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280559
|
- |
|
cisco
|
adaptive_security_appliance_software
|
The WebVPN portal in Cisco Adaptive Security Appliance (ASA) Software 8.4(.7.15) and earlier allows remote authenticated users to obtain sensitive information via a crafted JavaScript file, aka Bug I…
|
NVD-CWE-noinfo
|
CVE-2014-2151
|
2024-11-21 11:05 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280560
|
- |
|
ntt
|
050_plus
|
The NTT 050 plus application before 4.2.1 for Android allows attackers to obtain sensitive information by leveraging the ability to read system log files.
|
CWE-200
Information Exposure
|
CVE-2014-2000
|
2024-11-21 11:05 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
