|
291041
|
- |
|
sensysnetworks
|
trafficdot
vsn240-f
vsn240-t
vds
|
Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not use encryption, which allows remote attackers to interfere with traffic control by replaying transm…
|
CWE-310
Cryptographic Issues
|
CVE-2014-2379
|
2024-11-21 11:06 |
2014-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291042
|
- |
|
sensysnetworks
|
trafficdot
vsn240-f
vsn240-t
vds
|
Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not verify the integrity of downloaded updates, which allows remote attackers to execute arbitrary code…
|
CWE-94
Code Injection
|
CVE-2014-2378
|
2024-11-21 11:06 |
2014-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291043
|
- |
|
zend
|
zend_framework
zendopenid
|
The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 violate the OpenID 2.0 protocol by ensuring only th…
|
CWE-287
Improper Authentication
|
CVE-2014-2685
|
2024-11-21 11:06 |
2014-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291044
|
- |
|
mcafee
|
network_security_manager
|
Cross-site request forgery (CSRF) vulnerability in the User Management module in McAfee Network Security Manager (NSM) before 6.1.15.39 7.1.5.x before 7.1.5.15, 7.1.15.x before 7.1.15.7, 7.5.x before…
|
CWE-352
Origin Validation Error
|
CVE-2014-2390
|
2024-11-21 11:06 |
2014-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291045
|
- |
|
arubanetworks
|
clearpass_policy_manager
|
The management console in Aruba Networks ClearPass Policy Manager 6.3.0.60730 allows local users to execute arbitrary commands via shell metacharacters in certain arguments of a valid command, as dem…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2593
|
2024-11-21 11:06 |
2014-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291046
|
- |
|
invensys
|
wonderware_information_server
|
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file.
|
NVD-CWE-Other
|
CVE-2014-2381
|
2024-11-21 11:06 |
2014-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291047
|
- |
|
invensys
|
wonderware_information_server
|
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file.
|
NVD-CWE-Other
|
CVE-2014-2380
|
2024-11-21 11:06 |
2014-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291048
|
- |
|
kdirstat_project
opensuse
|
kdirstat
opensuse
|
kcleanup.cpp in KDirStat 2.7.3 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a ' (single quote) character in the directory…
|
NVD-CWE-Other
|
CVE-2014-2528
|
2024-11-21 11:06 |
2014-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291049
|
- |
|
kdirstat_project
opensuse
|
kdirstat
opensuse
|
kcleanup.cpp in KDirStat 2.7.0 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a " (double quote) character in the directory…
|
NVD-CWE-Other
|
CVE-2014-2527
|
2024-11-21 11:06 |
2014-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291050
|
- |
|
hp
|
service_manager
|
Unspecified vulnerability in the server in HP Service Manager (SM) 7.21 and 9.x before 9.34 allows remote attackers to bypass intended access restrictions, and modify data or cause a denial of servic…
|
NVD-CWE-noinfo
|
CVE-2014-2634
|
2024-11-21 11:06 |
2014-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
