Vulnerabilities > Critical

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTRIBUTES | RISK |
|---|---|---|---|---|---|
| 2014-03-11 | CVE-2013-6941 | Unspecified vulnerability in Citrix Netscaler Application Delivery Controller Firmware | Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 allows users to "breakout" of the shell via unknown vectors. | network, low complexity, citrix | critical 10.0 |
| 2014-03-06 | CVE-2014-0703 | Race Condition vulnerability in Cisco products | Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software with a race condition in the status of the administrative HTTP server, which allows remote attackers to bypass intended access restrictions by connecting to an Aironet access point on which this server had been disabled ineffectively, aka Bug ID CSCuf66202. | network, low complexity, cisco, CWE-362 | critical 10.0 |
| 2014-03-06 | CVE-2014-0683 | Credentials Management vulnerability in Cisco products | The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275. | network, low complexity, cisco, CWE-255 | critical 10.0 |
| 2014-03-05 | CVE-2014-2206 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Getgosoft Getgo Download Manager | Stack-based buffer overflow in GetGo Download Manager 4.9.0.1982, 4.8.2.1346, 4.4.5.502, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long HTTP Response Header. | network, low complexity, getgosoft, CWE-119 | critical 10.0 |
| 2014-03-03 | CVE-2013-4981 | Buffer Errors vulnerability in Avtech Avn801 DVR and Avn801 DVR Firmware | Buffer overflow in cgi-bin/user/Config.cgi in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the Network.SMTP.Receivers parameter. | network, low complexity, avtech, CWE-119 | critical 9.0 |
| 2014-03-03 | CVE-2013-4980 | Buffer Errors vulnerability in Avtech Avn801 DVR and Avn801 DVR Firmware | Buffer overflow in the RTSP Packet Handler in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the URI in an RTSP SETUP request. | network, low complexity, avtech, CWE-119 | critical 9.0 |
| 2014-03-03 | CVE-2013-4977 | Buffer Errors vulnerability in Hikvision Ds-2Cd7153-E and Ds-2Cd7153-E Firmware | Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and possibly other devices, allows remote attackers to cause a denial of service (device crash and reboot) and possibly execute arbitrary code via a long string in the Range header field in an RTSP transaction. | network, low complexity, hikvision, CWE-119 | critical 10.0 |
| 2014-03-03 | CVE-2013-4710 | Improper Input Validation vulnerability in Google Android | Android 3.0 through 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly implement the WebView class, which allows remote attackers to execute arbitrary methods of Java objects or cause a denial of service (reboot) via a crafted web page, as demonstrated by use of the WebView.addJavascriptInterface method, a related issue to CVE-2012-6636. | network, google, CWE-20 | critical 9.3 |
| 2014-03-02 | CVE-2014-0862 | Unspecified vulnerability in IBM Rational Collaborative Lifecycle Management | Unspecified vulnerability in Jazz Team Server in IBM Rational Collaborative Lifecycle Management (CLM) 3.x before 3.0.1.6 iFix 2 and 4.x before 4.0.6 allows remote attackers to execute arbitrary code via unknown vectors. | network, low complexity, ibm | critical 10.0 |
| 2014-03-01 | CVE-2014-2262 | Buffer Errors vulnerability in SAS Base SAS 9.2/9.3/9.4 | Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS 9.3 TS1M1 and TS1M2, and SAS 9.4 TS1M0 allows user-assisted remote attackers to execute arbitrary code via a crafted SAS program. | network, sas, CWE-119 | critical 9.3 |