|
283751
|
- |
|
caucho
|
resin
|
The ISO-8859-1 encoder in Resin Pro before 4.0.40 does not properly perform Unicode transformations, which allows remote attackers to bypass intended text restrictions via crafted characters, as demo…
|
CWE-264
CWE-20
Permissions, Privileges, and Access Controls
Improper Input Validation
|
CVE-2014-2966
|
2024-11-21 11:07 |
2014-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283752
|
- |
|
cisco
|
unified_presence_server
|
The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2014-3328
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283753
|
- |
|
cisco
|
security_manager
|
SQL injection vulnerability in the web framework in Cisco Security Manager 4.5 and 4.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCup269…
|
CWE-89
SQL Injection
|
CVE-2014-3326
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283754
|
- |
|
cisco
|
telepresence_server_software
|
Multiple cross-site scripting (XSS) vulnerabilities in the login page in the administrative web interface in Cisco TelePresence Server Software 4.0(2.8) allow remote attackers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3324
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283755
|
- |
|
cisco
|
webex_meetings_server
|
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to hijack the authentication of unspecified victims…
|
CWE-352
Origin Validation Error
|
CVE-2014-3305
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283756
|
- |
|
cisco
|
webex_meetings_server
|
The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned messages, aka Bu…
|
CWE-200
Information Exposure
|
CVE-2014-3301
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283757
|
- |
|
ibm
|
infosphere_information_server
|
Cross-site scripting (XSS) vulnerability in the Data Quality Console in IBM InfoSphere Information Server 11.3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL for add…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3071
|
2024-11-21 11:07 |
2014-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283758
|
- |
|
cisco
|
ios_xr
asr_9000_rsp440_router
asr_9001
asr_9006
asr_9010
asr_9904
asr_9912
asr_9922
|
Cisco IOS XR 4.3(.2) and earlier on ASR 9000 devices does not properly perform NetFlow sampling of IP packets, which allows remote attackers to cause a denial of service (chip and card hangs) via mal…
|
CWE-20
Improper Input Validation
|
CVE-2014-3322
|
2024-11-21 11:07 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283759
|
- |
|
honeywell
|
falcon_xlweb_linux_controller
falcon_xlweb_xlwebexe
|
Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remot…
|
CWE-79
Cross-site Scripting
|
CVE-2014-3110
|
2024-11-21 11:07 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283760
|
- |
|
micropact
|
icomplaints
|
Cross-site scripting (XSS) vulnerability in AddStdLetter.jsp in MicroPact iComplaints before 8.0.2.1.8.8014 allows remote authenticated users to inject arbitrary web script or HTML via the descriptio…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2971
|
2024-11-21 11:07 |
2014-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
