|
279021
|
- |
|
hp
|
universal_configuration_management_database
|
HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.
|
CWE-200
Information Exposure
|
CVE-2014-7883
|
2024-11-21 11:18 |
2015-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279022
|
- |
|
redhat
|
jboss_weld
|
Race condition in JBoss Weld before 2.2.8 and 3.x before 3.0.0 Alpha3 allows remote attackers to obtain information from a previous conversation via vectors related to a stale thread state.
|
CWE-362
Race Condition
|
CVE-2014-8122
|
2024-11-21 11:18 |
2015-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279023
|
- |
|
redhat
|
jboss_operations_network
jboss_enterprise_application_platform
|
The JBoss Application Server (WildFly) JacORB subsystem in Red Hat JBoss Enterprise Application Platform (EAP) before 6.3.3 does not properly assign socket-binding-ref sensitivity classification to t…
|
CWE-200
Information Exposure
|
CVE-2014-7853
|
2024-11-21 11:18 |
2015-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279024
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
The Role Based Access Control (RBAC) implementation in JBoss Enterprise Application Platform (EAP) 6.2.0 through 6.3.2 does not properly verify authorization conditions, which allows remote authentic…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7849
|
2024-11-21 11:18 |
2015-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279025
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
The org.jboss.security.plugins.mapping.JBossMappingManager implementation in JBoss Security in Red Hat JBoss Enterprise Application Platform (EAP) before 6.3.3 uses the default security domain when a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7827
|
2024-11-21 11:18 |
2015-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279026
|
- |
|
advantech
|
eki-1200_gateway_series_firmware
|
Buffer overflow on Advantech EKI-1200 gateways with firmware before 1.63 allows remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-8385
|
2024-11-21 11:18 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279027
|
- |
|
apache
|
activemq
|
Multiple cross-site scripting (XSS) vulnerabilities in the web based administration console in Apache ActiveMQ 5.x before 5.10.1 allow remote attackers to inject arbitrary web script or HTML via unsp…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8110
|
2024-11-21 11:18 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279028
|
- |
|
zohocorp
|
manageengine_opmanager
|
Multiple SQL injection vulnerabilities in the FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine OpManager 8 through 11.5 build 11400 and IT360 10.5 and earlier allow remote attacke…
|
CWE-89
SQL Injection
|
CVE-2014-7864
|
2024-11-21 11:18 |
2015-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279029
|
- |
|
cisco
|
hostscan_engine
anyconnect_secure_mobility_client
|
Cross-site scripting (XSS) vulnerability in Cisco AnyConnect Secure Mobility Client 3.1(.02043) and earlier and Cisco HostScan Engine 3.1(.05183) and earlier allows remote attackers to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8021
|
2024-11-21 11:18 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279030
|
- |
|
cisco
|
nx-os
|
The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial of service (device reload) via a long CLI command, aka Bug ID CSCur54182.
|
CWE-20
Improper Input Validation
|
CVE-2014-8013
|
2024-11-21 11:18 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
