|
285551
|
- |
|
cisco
|
video_surveillance_indoor_fixed_dome_ip_hd_camera
|
Multiple cross-site scripting (XSS) vulnerabilities in the web interface on Cisco Video Surveillance 5000 HD IP Dome cameras allow remote attackers to inject arbitrary web script or HTML via a crafte…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0673
|
2024-11-21 11:02 |
2014-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285552
|
- |
|
gapless_player
|
simzip
|
Directory traversal vulnerability in the Gapless Player SimZip (aka Simple Zip Viewer) application before 1.2.1 for Android allows remote attackers to overwrite or create arbitrary files via a crafte…
|
CWE-22
Path Traversal
|
CVE-2014-0809
|
2024-11-21 11:02 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285553
|
- |
|
cisco
|
video_surveillance_operations_manager
|
Cisco Video Surveillance Operations Manager (VSOM) does not require authentication for MySQL database connections, which allows remote attackers to obtain sensitive information, modify data, or cause…
|
CWE-287
Improper Authentication
|
CVE-2014-0674
|
2024-11-21 11:02 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285554
|
- |
|
adobe
|
digital_editions
|
Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0494
|
2024-11-21 11:02 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285555
|
- |
|
cisco
|
telepresence_video_communication_server
|
The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote att…
|
CWE-255
Credentials Management
|
CVE-2014-0675
|
2024-11-21 11:02 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285556
|
- |
|
lockon
|
ec-cube
|
Authorization bypass through user-controlled key issue exists in EC-CUBE 2.11.0 through 2.12.2 and EC-Orange systems deployed before June 29th, 2015. If this vulnerability is exploited, a user of the…
|
NVD-CWE-noinfo
|
CVE-2014-0808
|
2024-11-21 11:02 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285557
|
- |
|
lockon
|
ec-cube
|
data/class/pages/shopping/LC_Page_Shopping_Deliv.php in LOCKON EC-CUBE 2.4.4 and earlier, and 2.11.0 through 2.12.2, allows remote attackers to modify data via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2014-0807
|
2024-11-21 11:02 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285558
|
- |
|
fenrir-inc
|
sleipnir_mobile
|
The Sleipnir Mobile application 2.12.1 and earlier and Sleipnir Mobile Black Edition application 2.12.1 and earlier for Android provide Geolocation API data without verifying user consent, which allo…
|
CWE-200
Information Exposure
|
CVE-2014-0806
|
2024-11-21 11:02 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285559
|
- |
|
cisco
|
nx-os
|
The Label Distribution Protocol (LDP) functionality in Cisco NX-OS allows remote attackers to cause a denial of service (temporary LDP session outage) via LDP discovery traffic containing malformed H…
|
CWE-20
Improper Input Validation
|
CVE-2014-0677
|
2024-11-21 11:02 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285560
|
- |
|
cisco
|
nx-os
|
Cisco NX-OS allows local users to bypass intended TACACS+ command restrictions via a series of multiple commands, aka Bug ID CSCum47367.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0676
|
2024-11-21 11:02 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
