|
258901
|
- |
|
digium
|
asterisk
|
The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, when qualify_frequency "is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS requ…
|
CWE-20
Improper Input Validation
|
CVE-2014-2288
|
2014-04-22 02:50 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258902
|
- |
|
digium
|
asterisk
|
res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1.0 allows remote authenticated users to cause a denial of service (crash) via a SUBSCRIBE request witho…
|
CWE-20
Improper Input Validation
|
CVE-2014-2289
|
2014-04-22 02:50 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258903
|
- |
|
digium
fedoraproject
|
certified_asterisk
asterisk
fedora
|
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.15 before 1.8.15-cert5 and 11.6 before 11.6-cert2, when c…
|
CWE-20
Improper Input Validation
|
CVE-2014-2287
|
2014-04-22 02:37 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258904
|
- |
|
digium
fedoraproject
|
asterisk
fedora
certified_asterisk
|
main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.x before 1.8.15-cert5 and 11.6 before 11.6-cert2, allows remote a…
|
CWE-20
Improper Input Validation
|
CVE-2014-2286
|
2014-04-22 02:20 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258905
|
- |
|
f-secure
|
secure_messaging_secure_gateway
|
Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new par…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2844
|
2014-04-22 00:08 |
2014-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258906
|
- |
|
f-secure
|
anti-virus
email_and_server_security
server_security
|
SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Ant…
|
CWE-89
SQL Injection
|
CVE-2013-7369
|
2014-04-21 23:49 |
2014-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258907
|
- |
|
kokuyo
|
camiapp
|
The Content Provider in the KOKUYO CamiApp application 1.21.1 and earlier for Android allows attackers to bypass intended access restrictions and read database information via a crafted application.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1986
|
2014-04-19 13:48 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258908
|
- |
|
lightwitch
prosody
|
metronome
prosody
|
plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightwitch Metronome through 3.4 negotiates stream compression while a session is unauthenticated, which allows remote attackers to cau…
|
CWE-20
Improper Input Validation
|
CVE-2014-2744
|
2014-04-19 13:48 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258909
|
- |
|
prosody
|
prosody
|
Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-2745
|
2014-04-19 13:48 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258910
|
- |
|
juniper
|
junos
srx100
srx110
srx210
srx220
srx240
srx550
srx650
|
Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when …
|
NVD-CWE-noinfo
|
CVE-2014-0612
|
2014-04-19 13:46 |
2014-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
