|
258321
|
- |
|
siemens
|
sinema_server
|
Siemens SINEMA Server before 12 SP1 allows remote attackers to cause a denial of service (web-interface outage) via crafted HTTP requests to port (1) 4999 or (2) 80.
|
CWE-20
Improper Input Validation
|
CVE-2014-2733
|
2014-04-22 04:31 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258322
|
- |
|
siemens
|
sinema_server
|
Multiple unspecified vulnerabilities in the integrated web server in Siemens SINEMA Server before 12 SP1 allow remote attackers to execute arbitrary code via HTTP traffic to port (1) 4999 or (2) 80.
|
NVD-CWE-noinfo
|
CVE-2014-2731
|
2014-04-22 04:28 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258323
|
- |
|
toshibatec
|
e-studio-232
e-studio-233
e-studio-282
e-studio-283
|
Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the authen…
|
CWE-352
Origin Validation Error
|
CVE-2014-1990
|
2014-04-22 04:23 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258324
|
- |
|
progea
|
movicon
|
The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651.
|
CWE-200
Information Exposure
|
CVE-2014-0778
|
2014-04-22 03:50 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258325
|
- |
|
remote-rac
|
rac_server
|
PCNetSoftware RAC Server 4.0.4 and 4.0.5 allows local users to cause a denial of service (disabled keyboard or crash) via a large input buffer to unspecified IOCTL requests in RACDriver.sys, which tr…
|
CWE-20
Improper Input Validation
|
CVE-2014-2597
|
2014-04-22 03:15 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258326
|
- |
|
digium
|
asterisk
|
The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, when qualify_frequency "is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS requ…
|
CWE-20
Improper Input Validation
|
CVE-2014-2288
|
2014-04-22 02:50 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258327
|
- |
|
digium
|
asterisk
|
res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1.0 allows remote authenticated users to cause a denial of service (crash) via a SUBSCRIBE request witho…
|
CWE-20
Improper Input Validation
|
CVE-2014-2289
|
2014-04-22 02:50 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258328
|
- |
|
digium
fedoraproject
|
certified_asterisk
asterisk
fedora
|
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.15 before 1.8.15-cert5 and 11.6 before 11.6-cert2, when c…
|
CWE-20
Improper Input Validation
|
CVE-2014-2287
|
2014-04-22 02:37 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258329
|
- |
|
digium
fedoraproject
|
asterisk
fedora
certified_asterisk
|
main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.x before 1.8.15-cert5 and 11.6 before 11.6-cert2, allows remote a…
|
CWE-20
Improper Input Validation
|
CVE-2014-2286
|
2014-04-22 02:20 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258330
|
- |
|
f-secure
|
secure_messaging_secure_gateway
|
Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new par…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2844
|
2014-04-22 00:08 |
2014-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
