|
257701
|
- |
|
realnetworks
|
realplayer
|
The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and app…
|
CWE-94
Code Injection
|
CVE-2014-3444
|
2014-05-21 04:35 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257702
|
- |
|
cisco
|
ios
unified_border_element
|
Cisco IOS 15.2(4)M4 on Cisco Unified Border Element (CUBE) devices allows remote attackers to cause a denial of service (input-queue consumption and traffic-processing outage) via crafted RTCP packet…
|
CWE-20
Improper Input Validation
|
CVE-2014-3268
|
2014-05-21 03:50 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257703
|
- |
|
cisco
|
ios_xe
|
The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users to cause a denial of service (device reload) by polling frequently, aka Bug ID CSCug65204.
|
CWE-20
Improper Input Validation
|
CVE-2014-3269
|
2014-05-21 03:46 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257704
|
- |
|
cisco
|
unified_web_and_e-mail_interaction_manager
|
system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote attackers to have an unspecified impact by injecting a spoofed XML external entity.
|
CWE-20
Improper Input Validation
|
CVE-2014-2194
|
2014-05-20 22:57 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257705
|
- |
|
cisco
|
unified_web_and_e-mail_interaction_manager
|
Cisco Unified Web and E-Mail Interaction Manager places session identifiers in GET requests, which allows remote attackers to inject conversation text by obtaining a valid identifier, aka Bug ID CSCu…
|
CWE-20
Improper Input Validation
|
CVE-2014-2193
|
2014-05-20 22:56 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257706
|
- |
|
sap
|
netweaver
|
SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2014-3787
|
2014-05-20 21:43 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257707
|
- |
|
livezilla
|
livezilla
|
LiveZilla 5.1.2.1 and earlier includes the MD5 hash of the operator password in plaintext in Javascript code that is generated by lz/mobile/chat.php, which allows remote attackers to obtain sensitive…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7385
|
2014-05-20 21:08 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257708
|
- |
|
livezilla
|
livezilla
|
LiveZilla before 5.1.2.1 includes the operator password in plaintext in Javascript code that is generated by lz/mobile/chat.php, which might allow remote attackers to obtain sensitive information and…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7033
|
2014-05-20 21:03 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257709
|
- |
|
openvas
|
openvas_administrator
|
OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows remote attackers to bypass the OAP authentication restrictions and execute OAP commands via a crafted OAP request for version inform…
|
CWE-287
Improper Authentication
|
CVE-2013-6766
|
2014-05-20 20:37 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257710
|
- |
|
vicidial
|
vicidial
|
Multiple SQL injection vulnerabilities in the agent interface (agc/) in VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allow (1) remote attackers to execute arbitrary SQ…
|
CWE-89
SQL Injection
|
CVE-2013-4467
|
2014-05-20 13:06 |
2014-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
