| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 21179 |
Alerts
| Date | Name | Categories | Detail | |
|---|---|---|---|---|
| 8.5 | 2014-04-11 | CVE-2014-2850 | cve | The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via shell metacharacters ... |
| 8.5 | 2014-04-11 | CVE-2014-2849 | cve | The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request. |
| 7.5 | 2014-04-11 | CVE-2014-2847 | cve | SQL injection vulnerability in default.asp in CIS Manager CMS allows remote attackers to execute arbitrary SQL commands via the TroncoID parameter. |
| 7.5 | 2014-04-11 | CVE-2014-2540 | cve | SQL injection vulnerability in OrbitScripts Orbit Open Ad Server before 1.1.1 allows remote attackers to execute arbitrary SQL commands via the site_directory_sort_field paramet... |
| 7.8 | 2014-04-11 | CVE-2014-0777 | cve | The Modbus slave/outstation driver in the OPC Drivers 1.0.20 and earlier in IOServer OPC Server allows remote attackers to cause a denial of service (out-of-bounds read and daem... |
| 7.9 | 2014-04-11 | VU#939260 | VU-CERT | ZyXEL Wireless N300 NetUSB Router NBG-419N devices contain multiple vulnerabilities |
| 7.8 | 2014-04-10 | CVE-2014-2829 | cve | Erlang Solutions MongooseIM through 1.3.1 rev. 2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service... |
| 7.5 | 2014-04-10 | CVE-2014-2752 | cve | SAP Business Object Processing Framework (BOPF) for ABAP has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors. |
| 7.5 | 2014-04-10 | CVE-2014-2751 | cve | SAP Print and Output Management has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors. |
| 7.5 | 2014-04-10 | CVE-2014-2748 | cve | The Security Audit Log facility in SAP Enhancement Package (EHP) 6 for SAP ERP 6.0 allows remote attackers to modify or delete arbitrary log classes via unspecified vectors. NO... |
| 7.8 | 2014-04-10 | CVE-2014-2746 | cve | net/IOService.java in Tigase before 5.2.1 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resou... |
| 7.8 | 2014-04-10 | CVE-2014-2745 | cve | Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via ... |
| 7.8 | 2014-04-10 | CVE-2014-2744 | cve | plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightwitch Metronome through 3.4 negotiates stream compression while a session is unauthenticated, which allows r... |
| 7.8 | 2014-04-10 | CVE-2014-2743 | cve | plugins/mod_compression.lua in Lightwitch Metronome through 3.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a de... |
| 7.8 | 2014-04-10 | CVE-2014-2742 | cve | Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption... |
| 7.8 | 2014-04-10 | CVE-2014-2741 | cve | Ignite Realtime Openfire before 3.9.2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource ... |
| 7.5 | 2014-04-10 | CVE-2014-2708 | cve | SQL injection vulnerability in graph_xport.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
| 7.5 | 2014-04-10 | CVE-2014-1455 | cve | SQL injection vulnerability in the password reset functionality in Pearson eSIS Enterprise Student Information System, possibly 3.3.0.13 and earlier, allows remote attackers to ... |
| 7.5 | 2014-04-10 | CVE-2013-7367 | cve | SAP Enterprise Portal does not properly restrict access to the Federation configuration pages, which allows remote attackers to gain privileges via unspecified vectors. |
| 7.5 | 2014-04-10 | CVE-2013-7364 | cve | An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via un... |
| Page(s) : 1 2 [3] 4 5 6 7 8 9 10 11 12 13 ... | Result(s) : 21179 |
