|
260591
|
- |
|
cisco
|
unified_communications_manager
|
Cisco Unified Communications Manager (CUCM) does not properly limit the rate of authentication attempts, which allows remote attackers to cause a denial of service (application slowdown) via a series…
|
CWE-287
Improper Authentication
|
CVE-2013-1188
|
2013-05-16 13:00 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260592
|
- |
|
cisco
|
webex_social
|
Cross-site scripting (XSS) vulnerability in the portal module in Cisco WebEx Social allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL in the link field in…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1244
|
2013-05-16 13:00 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260593
|
- |
|
cisco
|
webex_social
|
The user-management page in Cisco WebEx Social relies on client-side validation of values in the Screen Name, First Name, Middle Name, Last Name, Email Address, and Job Title fields, which allows rem…
|
CWE-20
Improper Input Validation
|
CVE-2013-1245
|
2013-05-16 13:00 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260594
|
- |
|
microsoft
|
malware_protection_engine
|
mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1346
|
2013-05-15 19:55 |
2013-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260595
|
- |
|
mitsubishi-automation
schneider-electric
|
mitsubishi_mx_component
citectfacilities
citectscada
|
Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Citect CitectFacilities 7.10 and CitectScada 7.10r1, allow remote attackers to execute arbitrary code …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3075
|
2013-05-15 13:00 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260596
|
- |
|
schneider-electric
|
kerweb
kerwin
|
Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the evtvari…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1990
|
2013-05-15 13:00 |
2012-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260597
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.3.0 through 4.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2766
|
2013-05-15 12:36 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260598
|
- |
|
openstack
|
cinder_folsom
compute_\(nova\)_essex
compute_\(nova\)_folsom
folsom
grizzly
keystone_essex
|
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other pro…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1664
|
2013-05-15 12:35 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260599
|
- |
|
openstack
|
folsom
keystone_essex
|
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via a…
|
CWE-200
Information Exposure
|
CVE-2013-1665
|
2013-05-15 12:35 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260600
|
- |
|
fedoraproject
|
sssd
|
The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0287
|
2013-05-15 12:34 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
