|
258001
|
- |
|
toshibatec
|
e-studio-232
e-studio-233
e-studio-282
e-studio-283
|
Cross-site request forgery (CSRF) vulnerability in TopAccess (aka the web-based management utility) on TOSHIBA TEC e-Studio 232, 233, 282, and 283 devices allows remote attackers to hijack the authen…
|
CWE-352
Origin Validation Error
|
CVE-2014-1990
|
2014-04-22 04:23 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258002
|
- |
|
progea
|
movicon
|
The TCPUploader module in Progea Movicon 11.4 before 11.4.1150 allows remote attackers to obtain potentially sensitive version information via network traffic to TCP port 10651.
|
CWE-200
Information Exposure
|
CVE-2014-0778
|
2014-04-22 03:50 |
2014-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258003
|
- |
|
remote-rac
|
rac_server
|
PCNetSoftware RAC Server 4.0.4 and 4.0.5 allows local users to cause a denial of service (disabled keyboard or crash) via a large input buffer to unspecified IOCTL requests in RACDriver.sys, which tr…
|
CWE-20
Improper Input Validation
|
CVE-2014-2597
|
2014-04-22 03:15 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258004
|
- |
|
digium
|
asterisk
|
The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, when qualify_frequency "is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS requ…
|
CWE-20
Improper Input Validation
|
CVE-2014-2288
|
2014-04-22 02:50 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258005
|
- |
|
digium
|
asterisk
|
res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1.0 allows remote authenticated users to cause a denial of service (crash) via a SUBSCRIBE request witho…
|
CWE-20
Improper Input Validation
|
CVE-2014-2289
|
2014-04-22 02:50 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258006
|
- |
|
digium
fedoraproject
|
certified_asterisk
asterisk
fedora
|
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.15 before 1.8.15-cert5 and 11.6 before 11.6-cert2, when c…
|
CWE-20
Improper Input Validation
|
CVE-2014-2287
|
2014-04-22 02:37 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258007
|
- |
|
digium
fedoraproject
|
asterisk
fedora
certified_asterisk
|
main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.x before 1.8.15-cert5 and 11.6 before 11.6-cert2, allows remote a…
|
CWE-20
Improper Input Validation
|
CVE-2014-2286
|
2014-04-22 02:20 |
2014-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258008
|
- |
|
f-secure
|
secure_messaging_secure_gateway
|
Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new par…
|
CWE-79
Cross-site Scripting
|
CVE-2014-2844
|
2014-04-22 00:08 |
2014-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258009
|
- |
|
f-secure
|
anti-virus
email_and_server_security
server_security
|
SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Ant…
|
CWE-89
SQL Injection
|
CVE-2013-7369
|
2014-04-21 23:49 |
2014-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258010
|
- |
|
kokuyo
|
camiapp
|
The Content Provider in the KOKUYO CamiApp application 1.21.1 and earlier for Android allows attackers to bypass intended access restrictions and read database information via a crafted application.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1986
|
2014-04-19 13:48 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
