|
258041
|
- |
|
progea
|
movicon
|
The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651.
|
CWE-200
Information Exposure
|
CVE-2014-0778
|
2014-04-22 03:50 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258042
|
- |
|
remote-rac
|
rac_server
|
PCNetSoftware RAC Server 4.0.4 and 4.0.5 allows local users to cause a denial of service (disabled keyboard or crash) via a large input buffer to unspecified IOCTL requests in RACDriver.sys, which tr…
|
CWE-20
Improper Input Validation
|
CVE-2014-2597
|
2014-04-22 03:15 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258043
|
- |
|
digium
|
asterisk
|
The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, when qualify_frequency "is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS requ…
|
CWE-20
Improper Input Validation
|
CVE-2014-2288
|
2014-04-22 02:50 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258044
|
- |
|
digium
|
asterisk
|
res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1.0 allows remote authenticated users to cause a denial of service (crash) via a SUBSCRIBE request witho…
|
CWE-20
Improper Input Validation
|
CVE-2014-2289
|
2014-04-22 02:50 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258045
|
- |
|
digium
fedoraproject
|
certified_asterisk
asterisk
fedora
|
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.15 before 1.8.15-cert5 and 11.6 before 11.6-cert2, when c…
|
CWE-20
Improper Input Validation
|
CVE-2014-2287
|
2014-04-22 02:37 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258046
|
- |
|
digium
fedoraproject
|
asterisk
fedora
certified_asterisk
|
main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.x before 1.8.15-cert5 and 11.6 before 11.6-cert2, allows remote a…
|
CWE-20
Improper Input Validation
|
CVE-2014-2286
|
2014-04-22 02:20 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258047
|
- |
|
f-secure
|
secure_messaging_secure_gateway
|
Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new par…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2844
|
2014-04-22 00:08 |
2014-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258048
|
- |
|
f-secure
|
anti-virus
email_and_server_security
server_security
|
SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Ant…
|
CWE-89
SQL Injection
|
CVE-2013-7369
|
2014-04-21 23:49 |
2014-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258049
|
- |
|
kokuyo
|
camiapp
|
The Content Provider in the KOKUYO CamiApp application 1.21.1 and earlier for Android allows attackers to bypass intended access restrictions and read database information via a crafted application.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1986
|
2014-04-19 13:48 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258050
|
- |
|
lightwitch
prosody
|
metronome
prosody
|
plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightwitch Metronome through 3.4 negotiates stream compression while a session is unauthenticated, which allows remote attackers to cau…
|
CWE-20
Improper Input Validation
|
CVE-2014-2744
|
2014-04-19 13:48 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
