|
280711
|
- |
|
cisco
|
unified_communications_manager
|
SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted response, aka…
|
CWE-89
SQL Injection
|
CVE-2014-3366
|
2024-11-21 11:07 |
2014-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280712
|
- |
|
ibm
|
tivoli_composite_application_manager_for_transactions
|
The Internet Service Monitor (ISM) agent in IBM Tivoli Composite Application Manager (ITCAM) for Transactions 7.1 and 7.2 before 7.2.0.3 IF28, 7.3 before 7.3.0.1 IF30, and 7.4 before 7.4.0.0 IF18 doe…
|
CWE-310
Cryptographic Issues
|
CVE-2014-3051
|
2024-11-21 11:07 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280713
|
- |
|
cisco
|
ios
asr901
|
Cisco IOS 15.4(3)S0b on ASR901 devices makes incorrect decisions to use the CPU for IPv4 packet processing, which allows remote attackers to cause a denial of service (BGP neighbor flapping) by sendi…
|
CWE-399
Resource Management Errors
|
CVE-2014-3293
|
2024-11-21 11:07 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280714
|
- |
|
egroupware
|
egroupware
|
EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 beta allows remote authenticated administrators to execute arbit…
|
CWE-94
Code Injection
|
CVE-2014-2988
|
2024-11-21 11:07 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280715
|
- |
|
egroupware
|
egroupware
|
Multiple cross-site request forgery (CSRF) vulnerabilities in EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 be…
|
CWE-352
Origin Validation Error
|
CVE-2014-2987
|
2024-11-21 11:07 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280716
|
- |
|
bottlepy
|
bottle
|
Bottle 0.10.x before 0.10.12, 0.11.x before 0.11.7, and 0.12.x before 0.12.6 does not properly limit content types, which allows remote attackers to bypass intended access restrictions via an accepte…
|
CWE-20
Improper Input Validation
|
CVE-2014-3137
|
2024-11-21 11:07 |
2014-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280717
|
- |
|
fogproject
|
fog
|
Multiple cross-site scripting (XSS) vulnerabilities in FOG 0.27 through 0.32 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Printer Model field to the Printer Man…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3111
|
2024-11-21 11:07 |
2014-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280718
|
- |
|
cisco
|
asyncos
|
The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filterin…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3381
|
2024-11-21 11:07 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280719
|
- |
|
cisco
|
telepresence_video_communication_server_software
expressway_software
|
Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCu…
|
CWE-399
Resource Management Errors
|
CVE-2014-3370
|
2024-11-21 11:07 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280720
|
- |
|
cisco
|
expressway_software
telepresence_video_communication_server_software
|
The SIP IX implementation in Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allows remote attackers to cause a denial of service (device reload) via crafted…
|
CWE-399
Resource Management Errors
|
CVE-2014-3369
|
2024-11-21 11:07 |
2014-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
