|
258411
|
- |
|
hsgroup
|
forzearmate
|
The ForzeArmate application for Android, when Adobe PhoneGap 2.9.0 or earlier is used, allows remote attackers to execute arbitrary JavaScript code, and consequently obtain write access to external-s…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-1885
|
2014-03-8 05:01 |
2014-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258412
|
- |
|
cisco
|
wireless_lan_controller_software
|
Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, 7.3, and 7.4 before 7.4.110.0 do not properly deallocate memory, which allows remote attackers to cause a denial of service (reb…
|
CWE-399
Resource Management Errors
|
CVE-2014-0701
|
2014-03-8 04:50 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258413
|
- |
|
cmsmadesimple
|
cms_made_simple
|
SQL injection vulnerability in the News module in CMS Made Simple (CMSMS) before 1.11.10 allows remote authenticated users with the "Modify News" permission to execute arbitrary SQL commands via the …
|
CWE-89
SQL Injection
|
CVE-2014-2245
|
2014-03-8 04:43 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258414
|
- |
|
serena
|
dimensions_cm
|
Multiple cross-site scripting (XSS) vulnerabilities in the web client in Serena Dimensions CM 12.2 build 7.199.0 allow remote attackers to inject arbitrary web script or HTML via the (1) DB_CONN, (2)…
|
CWE-79
Cross-site Scripting
|
CVE-2014-0335
|
2014-03-8 04:19 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258415
|
- |
|
serena
|
dimensions_cm
|
Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that u…
|
CWE-352
Origin Validation Error
|
CVE-2014-0336
|
2014-03-8 04:19 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258416
|
- |
|
emc
|
rsa_data_loss_prevention
|
EMC RSA Data Loss Prevention (DLP) 9.x before 9.6-SP2 does not properly manage sessions, which allows remote authenticated users to gain privileges and bypass intended content-reading restrictions vi…
|
NVD-CWE-noinfo
|
CVE-2014-0624
|
2014-03-8 04:17 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258417
|
- |
|
emc
|
documentum_taskspace
|
EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dm_world group and the dm_superusers_dynamic group, which allows remote aut…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0629
|
2014-03-8 04:16 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258418
|
- |
|
emc
|
documentum_taskspace
|
EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 allows remote authenticated users to read arbitrary files via a modified imaging-service URL.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0630
|
2014-03-8 04:14 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258419
|
- |
|
cisco
|
wireless_lan_controller_software
wireless_lan_controller
|
Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote attackers t…
|
CWE-362
Race Condition
|
CVE-2014-0703
|
2014-03-8 04:12 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258420
|
- |
|
cisco
|
wireless_lan_controller_software
wireless_lan_controller
|
The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 before 7.0.250.0, 7.1, 7.2, and 7.3, when IGMPv3 Snooping is enabled, allows remote attackers to cause a deni…
|
CWE-399
Resource Management Errors
|
CVE-2014-0704
|
2014-03-8 04:12 |
2014-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
