Vulnerabilities (CVE)

Filtered by CWE-264
Total 5271 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-0719 1 Cisco 1 Ips Sensor Software 2026-06-17 7.8 HIGH N/A
The control-plane access-list implementation in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (MainApp process outage) via crafted packets to TCP port 7000, aka Bug ID CSCui67394.
CVE-2014-0686 1 Cisco 1 Unified Communications Manager 2026-06-17 6.0 MEDIUM N/A
Cisco Unified Communications Manager (aka Unified CM) 9.1 (2.10000.28) and earlier allows local users to gain privileges by leveraging incorrect file permissions, aka Bug IDs CSCul24917 and CSCul24908.
CVE-2014-0685 1 Cisco 1 Cisco Nexus 1000v Intercloud 2026-06-17 5.0 MEDIUM N/A
Cisco Nexus 1000V InterCloud 5.2(1)IC1(1.2) and earlier for VMware allows remote attackers to bypass ACL deny statements via crafted (1) IGMPv2 or (2) IGMPv3 packets, aka Bug ID CSCug61691.
CVE-2014-0682 1 Cisco 1 Webex Meetings Server 2026-06-17 4.9 MEDIUM N/A
Cisco WebEx Meetings Server allows remote authenticated users to bypass authorization checks and (1) join arbitrary meetings, or (2) terminate a meeting without having a host role, via a crafted URL, aka Bug ID CSCuj42346.
CVE-2014-0678 1 Cisco 1 Secure Access Control System 2026-06-17 5.5 MEDIUM N/A
The portal interface in Cisco Secure Access Control System (ACS) does not properly manage sessions, which allows remote authenticated users to hijack sessions and gain privileges via unspecified vectors, aka Bug ID CSCue65951.
CVE-2014-0676 1 Cisco 1 Nx-os 2026-06-17 6.8 MEDIUM N/A
Cisco NX-OS allows local users to bypass intended TACACS+ command restrictions via a series of multiple commands, aka Bug ID CSCum47367.
CVE-2014-0672 1 Cisco 1 Mediasense 2026-06-17 4.0 MEDIUM N/A
The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arbitrary recordings via a request to this interface.
CVE-2014-0669 1 Cisco 1 Asr 5000 Series Software 2026-06-17 5.0 MEDIUM N/A
The Wireless Session Protocol (WSP) feature in the Gateway GPRS Support Node (GGSN) component on Cisco ASR 5000 series devices allows remote attackers to bypass intended Top-Up payment restrictions via unspecified WSP packets, aka Bug ID CSCuh28371.
CVE-2014-0667 1 Cisco 1 Secure Access Control System 2026-06-17 6.3 MEDIUM N/A
The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to this interface, aka Bug ID CSCud75169.
CVE-2014-0665 1 Cisco 1 Identity Services Engine Software 2026-06-17 4.0 MEDIUM N/A
The RBAC implementation in Cisco Identity Services Engine (ISE) Software does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, aka Bug ID CSCul83904.
CVE-2014-0657 1 Cisco 1 Unified Communications Manager 2026-06-17 4.0 MEDIUM N/A
The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540.
CVE-2014-0651 1 Cisco 1 Context Directory Agent 2026-06-17 4.9 MEDIUM N/A
The administrative interface in Cisco Context Directory Agent (CDA) does not properly enforce authorization requirements, which allows remote authenticated users to obtain administrative access by hijacking a session, aka Bug ID CSCuj45347.
CVE-2014-0649 1 Cisco 1 Secure Access Control System 2026-06-17 9.0 HIGH N/A
The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180.
CVE-2014-0648 1 Cisco 1 Secure Access Control System 2026-06-17 10.0 HIGH N/A
The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID CSCud75187.
CVE-2014-0642 1 Emc 1 Documentum Content Server 2026-06-17 5.5 MEDIUM N/A
EMC Documentum Content Server before 6.7 SP1 P26, 6.7 SP2 before P13, 7.0 before P13, and 7.1 before P02 allows remote authenticated users to bypass intended access restrictions and read metadata from certain folders via unspecified vectors.
CVE-2014-0640 1 Emc 1 Rsa Archer Egrc 2026-06-17 4.0 MEDIUM N/A
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors.
CVE-2014-0630 1 Emc 1 Documentum Taskspace 2026-06-17 4.0 MEDIUM N/A
EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 allows remote authenticated users to read arbitrary files via a modified imaging-service URL.
CVE-2014-0629 1 Emc 1 Documentum Taskspace 2026-06-17 8.5 HIGH N/A
EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle the interaction between the dm_world group and the dm_superusers_dynamic group, which allows remote authenticated users to obtain sensitive information and gain privileges in opportunistic circumstances by leveraging an incorrect group-addition implementation.
CVE-2014-0622 1 Emc 1 Documentum Foundation Services 2026-06-17 9.0 HIGH N/A
The web service in EMC Documentum Foundation Services (DFS) 6.5 through 6.7 before 6.7 SP1 P22, 6.7 SP2 before P08, 7.0 before P12, and 7.1 before P01 does not properly implement content uploading, which allows remote authenticated users to bypass intended content access restrictions via unspecified vectors.
CVE-2014-0615 1 Juniper 1 Junos 2026-06-17 7.2 HIGH N/A
Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R5, 13.1 before 13.1R3-S1, 13.2 before 13.2R2, and 13.3 before 13.3R1 allows local users to gain privileges via vectors related to "certain combinations of Junos OS CLI commands and arguments."