Total
10666 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-2342 | 1 Trianglemicroworks | 1 Scada Data Gateway | 2014-06-05 | 5.0 MEDIUM | N/A |
| Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows remote attackers to cause a denial of service (excessive data processing) via a crafted DNP3 packet. | |||||
| CVE-2012-5336 | 1 Owncloud | 1 Owncloud | 2014-06-04 | 4.0 MEDIUM | N/A |
| lib/base.php in ownCloud before 4.0.8 does not properly validate the user_id session variable, which allows remote authenticated users to read arbitrary files via vectors related to WebDAV. | |||||
| CVE-2014-2343 | 1 Trianglemicroworks | 1 Scada Data Gateway | 2014-06-04 | 2.1 LOW | N/A |
| Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to cause a denial of service (excessive data processing) via a crafted DNP request over a serial line. | |||||
| CVE-2013-4250 | 1 Typo3 | 1 Typo3 | 2014-05-31 | 6.5 MEDIUM | N/A |
| The (1) file upload component and (2) File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.3 do not properly check file extensions, which allow remote authenticated editors to execute arbitrary PHP code by uploading a .php file. | |||||
| CVE-2013-2111 | 1 Dovecot | 1 Dovecot | 2014-05-28 | 5.0 MEDIUM | N/A |
| The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via invalid APPEND parameters. | |||||
| CVE-2014-3739 | 1 Zenoss | 1 Zenoss | 2014-05-21 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in zport/acl_users/cookieAuthHelper/login_form in Zenoss 4.2.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the came_from parameter. | |||||
| CVE-2014-3268 | 1 Cisco | 2 Ios, Unified Border Element | 2014-05-20 | 5.0 MEDIUM | N/A |
| Cisco IOS 15.2(4)M4 on Cisco Unified Border Element (CUBE) devices allows remote attackers to cause a denial of service (input-queue consumption and traffic-processing outage) via crafted RTCP packets, aka Bug ID CSCuj72215. | |||||
| CVE-2014-3269 | 1 Cisco | 1 Ios Xe | 2014-05-20 | 6.8 MEDIUM | N/A |
| The SNMP module in Cisco IOS XE 3.5E allows remote authenticated users to cause a denial of service (device reload) by polling frequently, aka Bug ID CSCug65204. | |||||
| CVE-2014-2194 | 1 Cisco | 1 Unified Web And E-mail Interaction Manager | 2014-05-20 | 6.8 MEDIUM | N/A |
| system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote attackers to have an unspecified impact by injecting a spoofed XML external entity. | |||||
| CVE-2014-2193 | 1 Cisco | 1 Unified Web And E-mail Interaction Manager | 2014-05-20 | 4.3 MEDIUM | N/A |
| Cisco Unified Web and E-Mail Interaction Manager places session identifiers in GET requests, which allows remote attackers to inject conversation text by obtaining a valid identifier, aka Bug ID CSCuj43084. | |||||
| CVE-2013-4427 | 1 Leon Weber | 1 Pyxtrlock | 2014-05-19 | 2.1 LOW | N/A |
| pyxtrlock before 0.2 does not properly check the return values of the (1) xcb_grab_pointer and (2) xcb_grab_keyboard XCB library functions, which allows physically proximate attackers to gain access to the keyboard or mouse without unlocking the screen via unspecified vectors. | |||||
| CVE-2011-4407 | 1 Canonical | 2 Software-properties, Ubuntu Linux | 2014-05-14 | 4.3 MEDIUM | N/A |
| ppa.py in Software Properties before 0.81.13.3 does not validate the server certificate when downloading PPA GPG key fingerprints, which allows man-in-the-middle (MITM) attackers to spoof GPG keys for a package repository. | |||||
| CVE-2013-6453 | 1 Mediawiki | 1 Mediawiki | 2014-05-13 | 7.5 HIGH | N/A |
| MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML. | |||||
| CVE-2014-1991 | 1 Intra-mart | 1 Webplatform\/appframework | 2014-05-09 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in WebPlatform / AppFramework 6.0 through 7.2 in NTT DATA INTRAMART intra-mart allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2014-0684 | 1 Cisco | 5 Nexus 7000, Nexus 7000 10-slot, Nexus 7000 18-slot and 2 more | 2014-05-07 | 4.6 MEDIUM | N/A |
| Cisco NX-OS 6.2(2) on Nexus 7000 switches allows local users to cause a denial of service via crafted sed input, aka Bug ID CSCui56136. | |||||
| CVE-2012-6619 | 1 Mongodb | 1 Mongodb | 2014-05-07 | 6.4 MEDIUM | N/A |
| The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read. | |||||
| CVE-2014-1406 | 1 Conceptronic | 2 C54apm, C54apm Firmware | 2014-05-05 | 4.3 MEDIUM | N/A |
| CRLF injection vulnerability in goform/formWlSiteSurvey on the Conceptronic C54APM access point with runtime code 1.26 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the submit-url parameter in a Refresh action. | |||||
| CVE-2014-2175 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2014-05-02 | 7.8 HIGH | N/A |
| Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allow remote attackers to cause a denial of service (memory consumption) via crafted H.225 packets, aka Bug ID CSCtq78849. | |||||
| CVE-2014-2162 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2014-05-02 | 7.8 HIGH | N/A |
| The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCud29566. | |||||
| CVE-2014-2163 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2014-05-02 | 7.8 HIGH | N/A |
| The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua64961. | |||||