|
285151
|
- |
|
cisco
|
ios
ios_xe
|
The IKE implementation in Cisco IOS 15.4(1)T and earlier and IOS XE allows remote attackers to cause a denial of service (security-association drop) via crafted Main Mode packets, aka Bug ID CSCun310…
|
NVD-CWE-noinfo
|
CVE-2014-2143
|
2024-11-21 11:05 |
2014-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285152
|
- |
|
cisco
|
emergency_responder
|
Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified p…
|
CWE-20
Improper Input Validation
|
CVE-2014-2117
|
2024-11-21 11:05 |
2014-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285153
|
- |
|
cisco
|
emergency_responder
|
Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecified parameters, aka Bug ID CSCun37882.
|
CWE-20
Improper Input Validation
|
CVE-2014-2116
|
2024-11-21 11:05 |
2014-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285154
|
- |
|
cisco
|
emergency_responder
|
Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary u…
|
CWE-352
Origin Validation Error
|
CVE-2014-2115
|
2024-11-21 11:05 |
2014-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285155
|
- |
|
cisco
|
emergency_responder
|
Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, …
|
CWE-79
Cross-site Scripting
|
CVE-2014-2114
|
2024-11-21 11:05 |
2014-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285156
|
- |
|
cisco
|
security_manager
|
CRLF injection vulnerability in the web framework in Cisco Security Manager 4.2 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL,…
|
CWE-20
Improper Input Validation
|
CVE-2014-2138
|
2024-11-21 11:05 |
2014-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285157
|
- |
|
cisco
|
web_security_appliance
web_security_virtual_appliance
|
CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a …
|
CWE-20
Improper Input Validation
|
CVE-2014-2137
|
2024-11-21 11:05 |
2014-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285158
|
- |
|
cisco
|
unity_connection
|
Cross-site scripting (XSS) vulnerability in the Web Inbox in Cisco Unity Connection 8.6(2a)SU3 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter,…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2125
|
2024-11-21 11:05 |
2014-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285159
|
- |
|
pearson
|
esis_enterprise_student_information_system
|
Cross-site scripting (XSS) vulnerability in aal/loginverification.aspx in Pearson eSIS Enterprise Student Information System allows remote attackers to inject arbitrary web script or HTML via unspeci…
|
CWE-79
Cross-site Scripting
|
CVE-2014-1942
|
2024-11-21 11:05 |
2014-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285160
|
- |
|
posh_project
|
posh
|
The remember me feature in portal/scr_authentif.php in POSH (aka Posh portal or Portaneo) 3.0, 3.2.1, 3.3.0, and earlier stores the username and MD5 digest of the password in cleartext in a cookie, w…
|
CWE-255
Credentials Management
|
CVE-2014-2212
|
2024-11-21 11:05 |
2014-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
