|
260131
|
- |
|
konstanty_bialkowski
debian
|
libmodplug
debian_linux
|
Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted…
|
CWE-189
Numeric Errors
|
CVE-2013-4233
|
2013-09-26 03:21 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260132
|
- |
|
slickremix
|
design_approval_system_plugin
|
Cross-site scripting (XSS) vulnerability in admin/walkthrough/walkthrough.php in the Design Approval System plugin before 3.7 for WordPress allows remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5711
|
2013-09-26 03:08 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260133
|
- |
|
dahuasecurity
|
dvr0404hd-a
dvr0404hd-l
dvr0404hd-s
dvr0404hd-u
dvr0404hf-a-e
dvr0404hf-al-e
dvr0404hf-s-e
dvr0404hf-u-e
dvr0804
dvr0804hd-l
dvr0804hd-s
dvr0804hf-a-e
dvr0804hf-al…
|
Dahua DVR appliances have a small value for the maximum password length, which makes it easier for remote attackers to obtain access via a brute-force attack.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3614
|
2013-09-26 03:07 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260134
|
- |
|
dahuasecurity
|
dvr0404hd-a
dvr0404hd-l
dvr0404hd-s
dvr0404hd-u
dvr0404hf-a-e
dvr0404hf-al-e
dvr0404hf-s-e
dvr0404hf-u-e
dvr0804
dvr0804hd-l
dvr0804hd-s
dvr0804hf-a-e
dvr0804hf-al…
|
The authorization implementation on Dahua DVR appliances accepts a hash string representing the current date for the role of a master password, which makes it easier for remote attackers to obtain ad…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5754
|
2013-09-26 03:07 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260135
|
- |
|
dell
|
idrac6_firmware
idrac6_monolithic
idrac7_firmware
idrac7
|
Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on Dell iDRAC6 monolithic devices with firmware before 1.96 and iDRAC7 devices with firmware before 1.46…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3589
|
2013-09-26 02:52 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260136
|
- |
|
ni
|
diadem
labview
labwindows
measurementstudio
teststand
|
The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to…
|
NVD-CWE-noinfo
|
CVE-2013-5023
|
2013-09-26 00:06 |
2013-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260137
|
- |
|
ni
|
measurementstudio
|
An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to o…
|
NVD-CWE-noinfo
|
CVE-2013-5024
|
2013-09-26 00:05 |
2013-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260138
|
- |
|
jforum
|
jforum
|
Open redirect vulnerability in JForum 2.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the returnPath parameter in a validateLogin acti…
|
CWE-20
Improper Input Validation
|
CVE-2012-5338
|
2013-09-25 03:01 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260139
|
- |
|
cgi
|
hotscan
|
Stack-based buffer overflow in Logica HotScan allows remote attackers to cause a denial of service (crash) via a crafted packet.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2624
|
2013-09-24 22:56 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260140
|
- |
|
debian
|
phpbb3
|
Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files, which allows local users to modify the file contents via standard filesystem write operations.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5724
|
2013-09-24 08:21 |
2013-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
