260191
|
- |
|
sophos
|
web_appliance_firmware
|
The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the…
|
CWE-78
OS Command
|
CVE-2013-4983
|
2013-10-9 23:51 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260192
|
- |
|
metaclassy
|
byword
|
The Metaclassy Byword app 2.x before 2.1 for iOS does not require confirmation of Replace file actions, which allows remote attackers to overwrite arbitrary files via the name and text parameters in …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5725
|
2013-10-9 06:21 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260193
|
- |
|
arubanetworks
|
clearpass clearpass_guest
|
The Sponsorship Confirmation functionality in Aruba Networks ClearPass 5.x, 6.0.1, and 6.0.2, and Amigopod/ClearPass Guest 3.0 through 3.9.7, allows remote attackers to bypass intended access restric…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2269
|
2013-10-9 05:45 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260194
|
- |
|
canonical michael_vogt
|
ubuntu_linux ubuntu-system-service
|
ubuntu-system-service 0.2.4 before 0.2.4.1. 0.2.3 before 0.2.3.1, and 0.2.2 before 0.2.2.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass in…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1062
|
2013-10-9 03:05 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260195
|
- |
|
wago
|
wago_i\/o_system_758_industrial_pc_device
|
WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices have default passwords for unspecified Web Based Management accounts, which makes it easier for remote att…
|
CWE-255
Credentials Management
|
CVE-2012-3013
|
2013-10-9 02:41 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260196
|
- |
|
htmlcleaner_project open-xchange
|
htmlcleaner open-xchange_appsuite
|
Multiple race conditions in HtmlCleaner before 2.6, as used in Open-Xchange AppSuite 7.2.2 before rev13 and other products, allow remote authenticated users to read the private e-mail of other person…
|
CWE-362
Race Condition
|
CVE-2013-5035
|
2013-10-9 02:33 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260197
|
- |
|
htmlcleaner_project open-xchange
|
htmlcleaner open-xchange_appsuite
|
CVSS score reflects vendor comments provided in http://archives.neohapsis.com/archives/bugtraq/2013-08/0115.html
|
CWE-362
Race Condition
|
CVE-2013-5035
|
2013-10-9 02:33 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260198
|
- |
|
trianglemicroworks
|
ansi_c_source_code_libraries .net_communication_protocol_components scada_data_gateway
|
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically prox…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2794
|
2013-10-9 02:24 |
2013-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260199
|
- |
|
chamanet
|
chamacargo
|
Cross-site scripting (XSS) vulnerability in ChamaNet ChamaCargo 7.0000 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4704
|
2013-10-9 01:23 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260200
|
- |
|
gomlab
|
gom_player
|
Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file.
|
CWE-20
Improper Input Validation
|
CVE-2013-5716
|
2013-10-9 01:04 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|