Vulnerabilities > Critical

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ACCESS | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|
| 2014-07-17 | CVE-2014-4216 | Unspecified vulnerability in Oracle JDK and JRE | Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | network | oracle | | critical 9.3 |
| 2014-07-17 | CVE-2014-2490 | | Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | network | hp, debian, oracle | | critical 9.3 |
| 2014-07-17 | CVE-2014-2483 | | Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. | network | redhat, debian, oracle | | critical 9.3 |
| 2014-07-16 | CVE-2013-5755 | Credentials Management vulnerability in Yealink Sip-T38G | config/.htpasswd in Yealink IP Phone SIP-T38G has a hardcoded password of (1) user (s7C9Cx.rLsWFA) for the user account, (2) admin (uoCbM.VEiKQto) for the admin account, and (3) var (jhl3iZAe./qXM) for the var account, which makes it easier for remote attackers to obtain access via unspecified vectors. | network, low complexity | yealink | CWE-255 | critical 10.0 |
| 2014-07-16 | CVE-2014-2606 | Privilege Escalation vulnerability in HP StoreVirtual 4000 Storage and StoreVirtual VSA | Unspecified vulnerability in HP StoreVirtual 4000 Storage and StoreVirtual VSA 9.5 through 11.0 allows remote authenticated users to gain privileges via unknown vectors. | network, low complexity | hp | | critical 9.0 |
| 2014-07-15 | CVE-2014-3418 | OS Command Injection vulnerability in Infoblox Netmri | config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter. | network, low complexity | infoblox | CWE-78 | critical 10.0 |
| 2014-07-14 | CVE-2014-2955 | Improper Authentication vulnerability in Raritan Dpxr20A-16 and PX | Raritan PX before 1.5.11 on DPXR20A-16 devices allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. | network, low complexity | raritan | CWE-287 | critical 10.0 |
| 2014-07-14 | CVE-2014-2951 | Unspecified vulnerability in Datumsystems Snip | Datum Systems SnIP on PSM-500 and PSM-4500 devices has a hardcoded password of admin for the admin account, which makes it easier for remote attackers to obtain access via unspecified vectors. | network, low complexity | datumsystems | | critical 10.0 |
| 2014-07-11 | CVE-2014-3816 | Permissions, Privileges, and Access Controls vulnerability in Juniper Junos | Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R11, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8-S2, 12.3 before 12.3R7, 13.1 before 13.1R4-S2, 13.2 before 13.2R5, 13.3 before 13.3R2-S2, and 14.1 before 14.1R1 allows remote authenticated users to gain privileges via unspecified combinations of CLI commands and arguments. | network, low complexity | juniper | CWE-264 | critical 9.0 |
| 2014-07-09 | CVE-2012-4988 | Buffer Errors vulnerability in Xnview 1.99/1.99.1 | Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file. | network | xnview | CWE-119 | critical 9.3 |