|
260741
|
- |
|
invensys
|
wonderware_information_server
|
Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restrict unspecified size and amount values, which allows remote attackers to execute arbitrary code or …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0685
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260742
|
- |
|
invensys
|
wonderware_information_server
|
Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of ser…
|
CWE-20
Improper Input Validation
|
CVE-2013-0686
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260743
|
- |
|
invensys
|
wonderware_information_server
|
Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to inject arbitrary web script or HTML via un…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0688
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260744
|
- |
|
cisco
|
unified_customer_voice_portal
|
The CallServer component in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to cause a denial of service (call-acceptance outage) via malformed SIP INVIT…
|
NVD-CWE-Other
|
CVE-2013-1220
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260745
|
- |
|
cisco
|
unified_customer_voice_portal
|
The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbi…
|
CWE-16
Configuration
|
CVE-2013-1221
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260746
|
- |
|
cisco
|
unified_customer_voice_portal
|
The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via …
|
CWE-20
Improper Input Validation
|
CVE-2013-1223
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260747
|
- |
|
cisco
|
unified_customer_voice_portal
|
Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to read arbitrary files via a Resource Manager (1) HTTP or (2) HTTPS request containing an external entit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1225
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260748
|
- |
|
softbanktech
|
online_service_gate
|
The (1) OWA Helper and (2) OSG Lite programs in SoftBank Online Service Gate allow remote authenticated users to discover their own passwords, and consequently bypass an Office 365 restriction, via u…
|
CWE-200
Information Exposure
|
CVE-2013-2308
|
2013-05-9 21:31 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260749
|
- |
|
cisco
|
ios
1921_integrated_services_router
1941_integrated_services_router
1941w_integrated_services_router
2901_integrated_services_router
2911_integrated_services_router
2921_integrated_…
|
The ISM module in Cisco IOS on ISR G2 routers does not properly handle authentication-header packets, which allows remote authenticated users to cause a denial of service (module reload) via a series…
|
CWE-287
Improper Authentication
|
CVE-2013-1241
|
2013-05-8 21:09 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260750
|
- |
|
gwos
|
groundwork_monitor
|
The Foundation webapp admin interface in GroundWork Monitor Enterprise 6.7.0 uses the nagios account as the owner of writable files under /usr/local/groundwork, which allows context-dependent attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3500
|
2013-05-8 21:09 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
