|
286631
|
- |
|
emc
|
vplex_geosynchrony
|
Session fixation vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2014-0635
|
2024-11-21 11:02 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286632
|
- |
|
emc
|
vplex_geosynchrony
|
EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote attackers to obtain potentially sen…
|
CWE-20
Improper Input Validation
|
CVE-2014-0634
|
2024-11-21 11:02 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286633
|
- |
|
emc
|
vplex_geosynchrony
|
The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not properly validate session-timeout values, which might make it easier for remote attackers to execute arbitrary code by leveraging an …
|
CWE-20
Improper Input Validation
|
CVE-2014-0633
|
2024-11-21 11:02 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286634
|
- |
|
emc
|
vplex_geosynchrony
|
Directory traversal vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote authenticated users to execute arbitrary code via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2014-0632
|
2024-11-21 11:02 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286635
|
- |
|
ibm
|
storwize_v7000_software
storwize_v7000
flex_system_v7000_software
flex_system_v7000
storwize_v3700_software
storwize_v3700
storwize_v3500_software
storwize_v3500
san_volume_co…
|
IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; and Flex System V7000 with software 6.3 and 6.4 before 6.4.1.8, and 7.1 and 7.2 before 7.2.0.3, allow remote attackers to obtain CL…
|
NVD-CWE-noinfo
|
CVE-2014-0880
|
2024-11-21 11:02 |
2014-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286636
|
- |
|
emc
|
rsa_authentication_manager
|
Cross-site scripting (XSS) vulnerability in the Self-Service Console in EMC RSA Authentication Manager 7.1 before SP4 P32 allows remote attackers to inject arbitrary web script or HTML via unspecifie…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0623
|
2024-11-21 11:02 |
2014-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286637
|
- |
|
adobe
|
acrobat_reader
|
Adobe Reader 11.0.06 allows attackers to bypass a PDF sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0512
|
2024-11-21 11:02 |
2014-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286638
|
- |
|
adobe
|
acrobat_reader
|
Heap-based buffer overflow in Adobe Reader 11.0.06 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0511
|
2024-11-21 11:02 |
2014-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286639
|
- |
|
adobe
|
flash_player
|
Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Zegu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-0510
|
2024-11-21 11:02 |
2014-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286640
|
- |
|
adobe
|
flash_player
|
Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on …
|
CWE-399
Resource Management Errors
|
CVE-2014-0506
|
2024-11-21 11:02 |
2014-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
