Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-7363 | 1 Sap | 1 Solution Manager | 2014-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote attackers to obtain sensitive information, modify the configuration of applications, and install or remove applications via vectors involving the P4 protocol. | |||||
| CVE-2013-7362 | 1 Sap | 1 Ccms Agent | 2014-04-11 | 7.5 HIGH | N/A |
| An unspecified RFC function in SAP CCMS Agent allows remote attackers to execute arbitrary commands via unknown vectors. | |||||
| CVE-2013-7361 | 1 Sap | 2 Cm Services, Cms Services | 2014-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in SAP CMS and CM Services allows attackers to upload arbitrary files via unspecified vectors. | |||||
| CVE-2013-7360 | 1 Sap | 1 Adminadapter | 2014-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in SAP adminadapter allows remote attackers to read or write to arbitrary files via unknown vectors. | |||||
| CVE-2013-7359 | 1 Sap | 1 Mobile Infrastructure | 2014-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in SAP Mobile Infrastructure allows remote attackers to obtain sensitive port information via unknown vectors, related to an "internal port scanning" issue. | |||||
| CVE-2013-7358 | 1 Sap | 1 Guided Procedures Archive Monitor | 2014-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in SAP Guided Procedures Archive Monitor allows remote attackers to obtain usernames, roles, profiles, and possibly other identity information via unknown vectors. | |||||
| CVE-2013-7357 | 1 Sap | 1 J2ee Engine | 2014-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the configuration service in SAP J2EE Engine allows remote attackers to obtain credential information via unknown vectors. | |||||
| CVE-2013-7356 | 1 Sap | 1 Ccms \/ Database Monitor | 2014-04-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the SAP CCMS / Database Monitors for Oracle allows attackers to obtain the database password via unknown vectors. | |||||
| CVE-2013-7355 | 1 Sap | 1 Bi Universal Data Integration | 2014-04-11 | 7.5 HIGH | N/A |
| SQL injection vulnerability in SAP BI Universal Data Integration allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to the J2EE schema. | |||||
| CVE-2013-0740 | 1 Dell | 1 Openmanage Server Administrator | 2014-04-11 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in Dell OpenManage Server Administrator (OMSA) before 7.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the file parameter to HelpViewer. | |||||
| CVE-2013-6468 | 1 Redhat | 3 Jboss Bpm Suite, Jboss Drools, Jboss Enterprise Brms Platform | 2014-04-11 | 6.5 MEDIUM | N/A |
| JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression. | |||||
| CVE-2013-3252 | 1 Lesterchan | 1 Wp-postviews | 2014-04-11 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the options admin page in the WP-PostViews plugin before 1.63 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. | |||||
| CVE-2013-3251 | 1 Qianqin | 1 Qtranslate | 2014-04-11 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the qTranslate plugin 2.5.34 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. | |||||
| CVE-2013-2693 | 1 Wp-plugins | 1 Wp-print | 2014-04-11 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Options in the WP-Print plugin before 2.52 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unspecified vectors. | |||||
| CVE-2012-4921 | 1 Dvs Custom Notification Project | 1 Dvs Custom Notification | 2014-04-11 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the DVS Custom Notification plugin 1.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change application settings or (2) conduct cross-site scripting (XSS) attacks. | |||||
| CVE-2014-2141 | 1 Cisco | 2 Cisco Ons 15454 System Software, Ons 15454 | 2014-04-10 | 4.0 MEDIUM | N/A |
| The session-termination functionality on Cisco ONS 15454 controller cards with software 9.6 and earlier does not initialize an unspecified pointer, which allows remote authenticated users to cause a denial of service (card reset) via crafted session-close actions, aka Bug ID CSCug97416. | |||||
| CVE-2014-2129 | 1 Cisco | 1 Adaptive Security Appliance Software | 2014-04-10 | 7.1 HIGH | N/A |
| The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.48), 8.4 before 8.4(6.5), 9.0 before 9.0(3.1), and 9.1 before 9.1(2.5) allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted SIP packets, aka Bug ID CSCuh44052. | |||||
| CVE-2014-2128 | 1 Cisco | 1 Adaptive Security Appliance Software | 2014-04-10 | 5.0 MEDIUM | N/A |
| The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47, 8.3 before 8.3(2.40), 8.4 before 8.4(7.3), 8.6 before 8.6(1.13), 9.0 before 9.0(3.8), and 9.1 before 9.1(3.2) allows remote attackers to bypass authentication via (1) a crafted cookie value within modified HTTP POST data or (2) a crafted URL, aka Bug ID CSCua85555. | |||||
| CVE-2014-2127 | 1 Cisco | 1 Adaptive Security Appliance Software | 2014-04-10 | 8.5 HIGH | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4 before 8.4(7.9), 8.6 before 8.6(1.13), 9.0 before 9.0(4.1), and 9.1 before 9.1(4.3) does not properly process management-session information during privilege validation for SSL VPN portal connections, which allows remote authenticated users to gain privileges by establishing a Clientless SSL VPN session and entering crafted URLs, aka Bug ID CSCul70099. | |||||
| CVE-2014-2126 | 1 Cisco | 1 Adaptive Security Appliance Software | 2014-04-10 | 8.5 HIGH | N/A |
| Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47), 8.4 before 8.4(7.5), 8.7 before 8.7(1.11), 9.0 before 9.0(3.10), and 9.1 before 9.1(3.4) allows remote authenticated users to gain privileges by leveraging level-0 ASDM access, aka Bug ID CSCuj33496. | |||||