NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Results Type: Overview
Keyword (text search): cpe:2.3:a:cogentdatahub:cogent_datahub:7.3.0:*:*:*:*:*:*:*
CPE Name Search: true

There are 6 matching records.

Displaying matches 1 through 6.

Vuln ID	Summary	CVSS Severity
CVE-2016-2288	Cogent DataHub before 7.3.10 allows local users to gain privileges by leveraging the user or guest role to modify a file. Published: March 29, 2016; 11:59:01 AM -0400	V4.0:(not available) V3.0: 7.8 HIGH V2.0: 7.2 HIGH
CVE-2014-2354	Cogent DataHub before 7.3.5 does not use a salt during password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack. Published: May 30, 2014; 7:55:02 PM -0400	V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM
CVE-2014-2353	Cross-site scripting (XSS) vulnerability in Cogent DataHub before 7.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: May 30, 2014; 7:55:02 PM -0400	V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM
CVE-2014-2352	Directory traversal vulnerability in Cogent DataHub before 7.3.5 allows remote attackers to read arbitrary files of unspecified types, or cause a web-server denial of service, via a crafted pathname. Published: May 30, 2014; 7:55:02 PM -0400	V4.0:(not available) V3.x:(not available) V2.0: 6.4 MEDIUM
CVE-2014-3789	GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary commands via unspecified vectors. Published: May 22, 2014; 7:55:03 PM -0400	V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH
CVE-2014-3788	Heap-based buffer overflow in the Web Server in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote attackers to execute arbitrary code via a negative value in the Content-Length field in a request. Published: May 22, 2014; 7:55:03 PM -0400	V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH