|
278001
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerabi…
|
CWE-20
Improper Input Validation
|
CVE-2014-6328
|
2024-11-21 11:14 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278002
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
|
CWE-20
Improper Input Validation
|
CVE-2014-6327
|
2024-11-21 11:14 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278003
|
- |
|
microsoft
|
exchange_server
|
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS V…
|
CWE-79
Cross-site Scripting
|
CVE-2014-6326
|
2024-11-21 11:14 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278004
|
- |
|
microsoft
|
exchange_server
|
Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS V…
|
CWE-79
Cross-site Scripting
|
CVE-2014-6325
|
2024-11-21 11:14 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278005
|
- |
|
microsoft
|
exchange_server
|
Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative Update 6 does not properly validate tokens in requests, which allows remote attackers to spoof the o…
|
CWE-284
Improper Access Control
|
CVE-2014-6319
|
2024-11-21 11:14 |
2014-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278006
|
- |
|
digium
|
certified_asterisk
asterisk
|
Asterisk Open Source 11.x before 11.12.1 and 12.x before 12.5.1 and Certified Asterisk 11.6 before 11.6-cert6, when using the res_fax_spandsp module, allows remote authenticated users to cause a deni…
|
CWE-19
Data Processing Errors
|
CVE-2014-6610
|
2024-11-21 11:14 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278007
|
- |
|
digium
|
asterisk
|
The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an eve…
|
CWE-20
Improper Input Validation
|
CVE-2014-6609
|
2024-11-21 11:14 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278008
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via un…
|
CWE-200
Information Exposure
|
CVE-2014-6477
|
2024-11-21 11:14 |
2014-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278009
|
- |
|
arubanetworks
|
clearpass
|
Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2014-5342.
|
CWE-284
Improper Access Control
|
CVE-2014-6627
|
2024-11-21 11:14 |
2014-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278010
|
- |
|
arubanetworks
|
clearpass
|
Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does not properly restrict access to unspecified administrative functions, which allows remote attackers to bypass authentication and exec…
|
CWE-284
Improper Access Control
|
CVE-2014-6626
|
2024-11-21 11:14 |
2014-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
