|
260701
|
- |
|
cisco
|
telepresence_supervisor_mse_8050_software
telepresence_supervisor_mse_8050
|
Cisco TelePresence Supervisor MSE 8050 before 2.3(1.31) allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing TCP connections at a high rate, aka Bug…
|
CWE-20
Improper Input Validation
|
CVE-2013-1236
|
2013-05-16 22:13 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260702
|
- |
|
cisco
|
secure_access_control_system
|
Session fixation vulnerability in Cisco Secure Access Control System (ACS) allows remote attackers to hijack web sessions via unspecified vectors, aka Bug ID CSCud95787.
|
CWE-287
Improper Authentication
|
CVE-2013-1200
|
2013-05-16 22:02 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260703
|
- |
|
novell
|
imanager
|
Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request valida…
|
CWE-352
Origin Validation Error
|
CVE-2013-1088
|
2013-05-16 13:00 |
2013-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260704
|
- |
|
cisco
|
unified_communications_manager
|
Cisco Unified Communications Manager (CUCM) does not properly limit the rate of authentication attempts, which allows remote attackers to cause a denial of service (application slowdown) via a series…
|
CWE-287
Improper Authentication
|
CVE-2013-1188
|
2013-05-16 13:00 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260705
|
- |
|
cisco
|
webex_social
|
Cross-site scripting (XSS) vulnerability in the portal module in Cisco WebEx Social allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL in the link field in…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1244
|
2013-05-16 13:00 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260706
|
- |
|
cisco
|
webex_social
|
The user-management page in Cisco WebEx Social relies on client-side validation of values in the Screen Name, First Name, Middle Name, Last Name, Email Address, and Job Title fields, which allows rem…
|
CWE-20
Improper Input Validation
|
CVE-2013-1245
|
2013-05-16 13:00 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260707
|
- |
|
microsoft
|
malware_protection_engine
|
mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1346
|
2013-05-15 19:55 |
2013-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260708
|
- |
|
mitsubishi-automation
schneider-electric
|
mitsubishi_mx_component
citectfacilities
citectscada
|
Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Citect CitectFacilities 7.10 and CitectScada 7.10r1, allow remote attackers to execute arbitrary code …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3075
|
2013-05-15 13:00 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260709
|
- |
|
schneider-electric
|
kerweb
kerwin
|
Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the evtvari…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1990
|
2013-05-15 13:00 |
2012-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260710
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.3.0 through 4.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2766
|
2013-05-15 12:36 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
