|
286181
|
- |
|
arris
|
vap2500_firmware
|
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication.
|
CWE-287
Improper Authentication
|
CVE-2014-8424
|
2024-11-21 11:19 |
2014-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286182
|
- |
|
arris
|
vap2500_firmware
|
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors.
|
CWE-74
Injection
|
CVE-2014-8423
|
2024-11-21 11:19 |
2014-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286183
|
- |
|
wibu
|
codemeter_runtime
|
Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read and write access for all users) for codemeter.exe, which allows local users to gain privileges via a Trojan horse file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8419
|
2024-11-21 11:19 |
2014-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286184
|
- |
|
siemens
|
simatic_tiaportal
simatic_wincc
simatic_pcs7
simatic_pcs_7
|
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 all…
|
CWE-200
Information Exposure
|
CVE-2014-8552
|
2024-11-21 11:19 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286185
|
- |
|
siemens
|
simatic_tiaportal
simatic_wincc
simatic_pcs7
simatic_pcs_7
|
The WinCC server in Siemens SIMATIC WinCC 7.0 through SP3, 7.2 before Update 9, and 7.3 before Update 2; SIMATIC PCS 7 7.1 through SP4, 8.0 through SP2, and 8.1; and TIA Portal 13 before Update 6 all…
|
CWE-94
Code Injection
|
CVE-2014-8551
|
2024-11-21 11:19 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286186
|
- |
|
manageengine
|
oputils
|
The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to "disclose" files via a crafted filename, related to "saveFile."
|
CWE-200
Information Exposure
|
CVE-2014-8678
|
2024-11-21 11:19 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286187
|
- |
|
jexperts
|
channel_platform
|
JExperts Channel Platform 5.0.33_CCB allows remote authenticated users to bypass access restrictions via crafted action and key parameters.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8558
|
2024-11-21 11:19 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286188
|
- |
|
sonicwall
|
analyzer
global_management_system
uma_em5000
|
The ViewPoint web application in Dell SonicWALL Global Management System (GMS) before 7.2 SP2, SonicWALL Analyzer before 7.2 SP2, and SonicWALL UMA before 7.2 SP2 allows remote authenticated users to…
|
CWE-20
Improper Input Validation
|
CVE-2014-8420
|
2024-11-21 11:19 |
2014-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286189
|
- |
|
polarssl
|
polarssl
|
PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
|
CWE-310
Cryptographic Issues
|
CVE-2014-8627
|
2024-11-21 11:19 |
2014-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286190
|
- |
|
digium
|
certified_asterisk
asterisk
|
The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8 before 1.8.28-cert8 and 11.6 before 1…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-8418
|
2024-11-21 11:19 |
2014-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
