|
281551
|
- |
|
omron
|
ns_series_system_program_firmware
ns10_hmi_terminal
ns12_hmi_terminal
ns15_hmi_terminal
ns5_hmi_terminal
ns8_hmi_terminal
|
Cross-site scripting (XSS) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2370
|
2024-11-21 11:06 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281552
|
- |
|
omron
|
ns_series_system_program_firmware
ns10_hmi_terminal
ns12_hmi_terminal
ns15_hmi_terminal
ns5_hmi_terminal
ns8_hmi_terminal
|
Cross-site request forgery (CSRF) vulnerability in the web application on Omron NS5, NS8, NS10, NS12, and NS15 HMI terminals 8.1xx through 8.68x allows remote authenticated users to hijack the authen…
|
CWE-352
Origin Validation Error
|
CVE-2014-2369
|
2024-11-21 11:06 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281553
|
- |
|
oleumtech
|
wio_dh2_wireless_gateway
sensor_wireless_i\/o_module
|
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation, which makes it easier for remote attackers to defeat cryptographic p…
|
NVD-CWE-Other
|
CVE-2014-2362
|
2024-11-21 11:06 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281554
|
- |
|
oleumtech
|
wio_dh2_wireless_gateway
sensor_wireless_i\/o_module
|
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to…
|
NVD-CWE-Other
|
CVE-2014-2361
|
2024-11-21 11:06 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281555
|
- |
|
oleumtech
|
wio_dh2_wireless_gateway
sensor_wireless_i\/o_module
|
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets that report a high battery voltage.
|
CWE-20
Improper Input Validation
|
CVE-2014-2360
|
2024-11-21 11:06 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281556
|
- |
|
sophos
|
anti-virus
|
Multiple cross-site scripting (XSS) vulnerabilities in the web UI in Sophos Anti-Virus for Linux before 9.6.1 allow local users to inject arbitrary web script or HTML via the (1) newListList:ExcludeF…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2385
|
2024-11-21 11:06 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281557
|
- |
|
emc
|
recoverpoint_appliance
|
The default configuration of EMC RecoverPoint Appliance (RPA) 4.1 before 4.1.0.1 does not enable a firewall, which allows remote attackers to obtain potentially sensitive information about open ports…
|
CWE-200
Information Exposure
|
CVE-2014-2519
|
2024-11-21 11:06 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281558
|
- |
|
advantech
|
advantech_webaccess
|
The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.
|
CWE-200
Information Exposure
|
CVE-2014-2368
|
2024-11-21 11:06 |
2014-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281559
|
- |
|
advantech
|
advantech_webaccess
|
The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech WebAccess before 7.2 allows remote attackers to read arbitrary files via a crafted call.
|
CWE-200
Information Exposure
|
CVE-2014-2367
|
2024-11-21 11:06 |
2014-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281560
|
- |
|
advantech
|
advantech_webaccess
|
upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code.
|
CWE-200
Information Exposure
|
CVE-2014-2366
|
2024-11-21 11:06 |
2014-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
