CVE-2014-3905
published 2014-08-17CVE-2014-3905: Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
PriorityP415medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
0.93%
56.2th percentile
Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tenfourzero | shutter | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_cisco10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gm47-3xmp-7h63: Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0
ghsa_unreviewed·2022-05-17
CVE-2014-3905 [MEDIUM] CWE-79 GHSA-gm47-3xmp-7h63: Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0
Cross-site scripting (XSS) vulnerability in tenfourzero Shutter 0.1.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Cisco
Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905
vendor_cisco·2014-02-19·CVSS 10.0
CVE-2014-0721 [CRITICAL] CWE-264 Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905
Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905
A vulnerability in the Cisco Unified SIP Phone 3905 could allow an unauthenticated, remote attacker to gain root-level access to an affected device.
Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140219-phone
Cisco
Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905
vendor_cisco
CVE-2014-0721 Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905
CVE-2014-0721: Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905
A vulnerability in the Cisco Unified SIP Phone 3905 could allow an unauthenticated, remote attacker to gain root -level access to an affected device. Cisco has released software updates that address this vulnerability.
CWE: CWE-264, CWE-264
Bug IDs: CSCuh75574, CSCuh75574
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2014-08-17
Published