|
280301
|
- |
|
jasper_project
redhat
|
jasper
enterprise_linux
|
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a cr…
|
NVD-CWE-Other
|
CVE-2014-8137
|
2024-11-21 11:18 |
2014-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280302
|
- |
|
cisco
|
meraki_mr_firmware
meraki_mr
meraki_ms_firmware
meraki_ms
meraki_mx_firmware
meraki_mx
|
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7999
|
2024-11-21 11:18 |
2014-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280303
|
- |
|
cisco
|
meraki_mx_firmware
meraki_mx
meraki_ms_firmware
meraki_ms
meraki_mr_firmware
meraki_mr
|
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-7995
|
2024-11-21 11:18 |
2014-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280304
|
- |
|
cisco
|
meraki_mr_firmware
meraki_mr
meraki_mx_firmware
meraki_mx
meraki_ms_firmware
meraki_ms
|
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and …
|
CWE-20
Improper Input Validation
|
CVE-2014-7994
|
2024-11-21 11:18 |
2014-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280305
|
- |
|
cisco
|
meraki_mx_firmware
meraki_mr_firmware
meraki_ms_firmware
|
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local networ…
|
CWE-200
Information Exposure
|
CVE-2014-7993
|
2024-11-21 11:18 |
2014-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280306
|
- |
|
cisco
|
jabber_guest
|
Cross-site scripting (XSS) vulnerability in the Guest Server in Cisco Jabber allows remote attackers to inject arbitrary web script or HTML via a (1) GET or (2) POST parameter, aka Bug ID CSCus08074.
|
CWE-79
Cross-site Scripting
|
CVE-2014-8026
|
2024-11-21 11:18 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280307
|
- |
|
cisco
|
jabber_guest
|
The API in the Guest Server in Cisco Jabber, when HTML5 is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP (1) GET or (2) POST response, aka Bug I…
|
CWE-200
Information Exposure
|
CVE-2014-8025
|
2024-11-21 11:18 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280308
|
- |
|
cisco
|
jabber_guest
|
The API in the Guest Server in Cisco Jabber, when the HTML5 CORS feature is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP (1) GET or (2) POST re…
|
CWE-200
Information Exposure
|
CVE-2014-8024
|
2024-11-21 11:18 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280309
|
- |
|
cisco
|
unified_communications_domain_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco Unified Communications Domain Manager 8 allow remote attackers…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8018
|
2024-11-21 11:18 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280310
|
- |
|
cisco
|
identity_services_engine_software
|
The periodic-backup feature in Cisco Identity Services Engine (ISE) allows remote attackers to discover backup-encryption passwords via a crafted request that triggers inclusion of a password in a re…
|
CWE-200
Information Exposure
|
CVE-2014-8017
|
2024-11-21 11:18 |
2014-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
