|
279201
|
- |
|
siemens
|
simatic_tiaportal
simatic_wincc
simatic_pcs7
simatic_pcs_7
|
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 all…
|
CWE-200
Information Exposure
|
CVE-2014-8552
|
2024-11-21 11:19 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279202
|
- |
|
siemens
|
simatic_tiaportal
simatic_wincc
simatic_pcs7
simatic_pcs_7
|
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 all…
|
CWE-94
Code Injection
|
CVE-2014-8551
|
2024-11-21 11:19 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279203
|
- |
|
manageengine
|
oputils
|
The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to "disclose" files via a crafted filename, related to "saveFile."
|
CWE-200
Information Exposure
|
CVE-2014-8678
|
2024-11-21 11:19 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279204
|
- |
|
jexperts
|
channel_platform
|
JExperts Channel Platform 5.0.33_CCB allows remote authenticated users to bypass access restrictions via crafted action and key parameters.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8558
|
2024-11-21 11:19 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279205
|
- |
|
sonicwall
|
analyzer
global_management_system
uma_em5000
|
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to…
|
CWE-20
Improper Input Validation
|
CVE-2014-8420
|
2024-11-21 11:19 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279206
|
- |
|
polarssl
|
polarssl
|
PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
|
CWE-310
Cryptographic Issues
|
CVE-2014-8627
|
2024-11-21 11:19 |
2014-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279207
|
- |
|
digium
|
certified_asterisk
asterisk
|
The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8 before 1.8.28-cert8 and 11.6 before 1…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8418
|
2024-11-21 11:19 |
2014-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279208
|
- |
|
digium
|
asterisk
certified_asterisk
|
ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 11.6 before 11.6-cert8 allows remote authenticated users to (1) gain privileges via vecto…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8417
|
2024-11-21 11:19 |
2014-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279209
|
- |
|
digium
|
asterisk
|
Use-after-free vulnerability in the PJSIP channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1, when using the res_pjsip_refer module, allows remote attackers to cause a d…
|
CWE-20
Improper Input Validation
|
CVE-2014-8416
|
2024-11-21 11:19 |
2014-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279210
|
- |
|
digium
|
asterisk
|
Race condition in the chan_pjsip channel driver in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 allows remote attackers to cause a denial of service (assertion failure and crash) vi…
|
CWE-20
Improper Input Validation
|
CVE-2014-8415
|
2024-11-21 11:19 |
2014-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
