|
260141
|
- |
|
guillaume_gauvrit
|
pyshop
|
pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary c…
|
CWE-20
Improper Input Validation
|
CVE-2013-1630
|
2013-10-8 04:56 |
2013-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260142
|
- |
|
wordpress
|
wordpress
|
WordPress before 3.5.2 allows remote attackers to read arbitrary files via an oEmbed XML provider response containing an external entity declaration in conjunction with an entity reference, related t…
|
CWE-200
Information Exposure
|
CVE-2013-2202
|
2013-10-8 04:36 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260143
|
- |
|
cybozu
|
mailwise
|
Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines with…
|
CWE-200
Information Exposure
|
CVE-2013-4698
|
2013-10-8 04:29 |
2013-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260144
|
- |
|
iconcool
|
pdfcool_studio
|
Stack-based buffer overflow in PDFAX0722_IconCool.dll 7.22.1125.2121 in IconCool PDFCool Studio 3.32 Build 130330 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4986
|
2013-10-8 03:08 |
2013-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260145
|
- |
|
dell
|
latitude_d530
latitude_d531
latitude_d630
latitude_d631
latitude_d830
latitude_e4200
latitude_e4300
latitude_e5400
latitude_e5500
latitude_e6400
latitude_e6400_atg
la…
|
Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z600 devices, and Dell Precision M#### devices, allows local users to bypass intended BIOS signing requirements and install arbitra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3582
|
2013-10-8 03:04 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260146
|
- |
|
searchblox
|
searchblox
|
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 allows remote attackers to execute arbitrary code by uploading an executable file with the image/jpeg…
|
NVD-CWE-Other
|
CVE-2013-3590
|
2013-10-8 03:01 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260147
|
- |
|
searchblox
|
searchblox
|
Per: http://cwe.mitre.org/data/definitions/434.html
'CWE-434: Unrestricted Upload of File with Dangerous Type'
|
NVD-CWE-Other
|
CVE-2013-3590
|
2013-10-8 03:01 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260148
|
- |
|
philips
|
xper_information_management_physiomonitoring_5
xperconnect
xper_information_management_vascular_monitoring_5
xper_flex_cardio
|
Heap-based buffer overflow in Xper in Philips Xper Information Management Physiomonitoring 5 components, Xper Information Management Vascular Monitoring 5 components, and Xper Information Management …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2808
|
2013-10-8 02:56 |
2013-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260149
|
- |
|
emc
|
rsa_authentication_agent
|
EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the maximum number of login attempts within the PAM-enabled application codebase, instead of within the Agent codebase, which makes it…
|
CWE-255
Credentials Management
|
CVE-2013-3271
|
2013-10-8 02:56 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260150
|
- |
|
corporater
|
epm_suite
|
Cross-site scripting (XSS) vulnerability in Corporater EPM Suite allows remote attackers to inject arbitrary web script or HTML via the customerId parameter to an unspecified component.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3584
|
2013-10-8 02:54 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
