Page(s) : [1] | Result(s) : 12 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
4.3 | 2014-04-24 | CVE-2014-2391 | cve | The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivit... |
4.3 | 2014-04-24 | CVE-2014-2392 | cve | The E-Mail autoconfiguration feature in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 places a password in a GET request, whic... |
4.3 | 2014-04-24 | CVE-2014-2393 | cve | Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite 7.4.1 before 7.4.1-rev11 and 7.4.2 before 7.4.2-rev13 allows remote attackers to inject arbitrary web script or... |
4.3 | 2014-04-24 | CVE-2013-6738 | cve | Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web scr... |
4.3 | 2014-04-24 | CVE-2014-2907 | cve | The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allow... |
5 | 2014-04-24 | CVE-2012-3946 | cve | Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which... |
5.5 | 2014-04-24 | CVE-2014-2915 | cve | Xen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service (host or guest crash)... |
5.8 | 2014-04-24 | CVE-2014-2734 | cve | The openssl extension in Ruby 2.x does not properly maintain the state of process memory after a file is reopened, which allows remote attackers to spoof signatures within the c... |
6.1 | 2014-04-24 | CVE-2012-5723 | cve | Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (... |
7.5 | 2014-04-24 | CVE-2014-0188 | cve | The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which al... |
7.5 | 2014-04-24 | CVE-2014-2736 | cve | Multiple SQL injection vulnerabilities in MODX Revolution before 2.2.14 allow remote attackers to execute arbitrary SQL commands via the (1) session ID (PHPSESSID) to index.php ... |
7.8 | 2014-04-24 | CVE-2014-2601 | cve | The server in HP Integrated Lights-Out 2 (aka iLO 2) 2.23 and earlier allows remote attackers to cause a denial of service via crafted HTTPS traffic, as demonstrated by traffic ... |
Page(s) : [1] | Result(s) : 12 |