|
259711
|
- |
|
bluecoat
|
avos
proxyav
|
Multiple cross-site request forgery (CSRF) vulnerabilities on the Blue Coat ProxyAV appliance before 3.2.6.1 allow remote attackers to hijack the authentication of administrators for requests that (1…
|
CWE-352
Origin Validation Error
|
CVE-2010-5191
|
2013-10-11 23:48 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259712
|
- |
|
cisco
|
telepresence_tc_software
|
The web portal in TC software on Cisco TelePresence endpoints does not require an exact password match during a login attempt by a user who has not configured a password, which allows remote attacker…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3405
|
2013-10-11 23:46 |
2013-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259713
|
- |
|
wago
|
wago_i\/o_system_758_industrial_pc_device
|
The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices has a default password of wago for the (1) root and (2) admin accounts, (3) a def…
|
CWE-255
Credentials Management
|
CVE-2012-4879
|
2013-10-11 23:45 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259714
|
- |
|
cisco
|
asa_5500-x_series_ips_ssp_software
intrusion_prevention_system
asa_5585-x
idsm-2
ips_4345_sensor
ips_4360_sensor
ips_4510_sensor
ips_4520_sensor
ips_nme
|
The IP stack in Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software and hardware modules before 7.1(5)E4, IPS 4500 sensors before 7.1(6)E4, and IPS 4300 sensors before 7.1…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1243
|
2013-10-11 23:44 |
2013-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259715
|
- |
|
cisco
|
unified_meetingplace
|
Cross-site scripting (XSS) vulnerability in the web framework in the Application Server in Cisco Unified MeetingPlace allows remote attackers to inject arbitrary web script or HTML via an unspecified…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5495
|
2013-10-11 23:35 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259716
|
- |
|
symantec
|
network_access_control
|
Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2012-4349
|
2013-10-11 23:26 |
2012-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259717
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users for requests that use (1) addBookmark.php, (…
|
CWE-352
Origin Validation Error
|
CVE-2012-4393
|
2013-10-11 23:10 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259718
|
- |
|
python
|
setuptools
|
easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to e…
|
CWE-20
Improper Input Validation
|
CVE-2013-1633
|
2013-10-11 22:59 |
2013-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259719
|
- |
|
x2engine
|
x2crm
|
Cross-site scripting (XSS) vulnerability in X2Engine X2CRM before 3.5 allows remote attackers to inject arbitrary web script or HTML via the model parameter to index.php/admin/editor.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5693
|
2013-10-11 22:33 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259720
|
- |
|
google
|
android
|
drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center (QuIC) Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service (NULL pointer dereference) v…
|
CWE-20
Improper Input Validation
|
CVE-2012-4222
|
2013-10-11 22:31 |
2012-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
