258191
|
- |
|
apache
|
struts
|
Apache Struts 2.0.0 through 2.3.15.1 allows remote attackers to bypass access controls via a crafted action: prefix.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4310
|
2014-05-5 14:25 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258192
|
- |
|
matrix42
|
service_store
|
Cross-site scripting (XSS) vulnerability in SPS/Portal/default.aspx in Service Desk in Matrix42 Service Store 5.3 SP3 (aka 5.33.946.0) allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2504
|
2014-05-5 14:22 |
2013-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258193
|
- |
|
openstack
|
keystone
|
OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive by readin…
|
CWE-200
Information Exposure
|
CVE-2013-2006
|
2014-05-5 14:21 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258194
|
- |
|
openstack
|
compute folsom grizzly havana
|
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2030
|
2014-05-5 14:21 |
2013-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258195
|
- |
|
emc
|
alphastor
|
Buffer overflow in Drive Control Program (DCP) in EMC AlphaStor 4.0 before build 814 allows remote attackers to execute arbitrary code via vectors involving a new device name.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0930
|
2014-05-5 14:19 |
2013-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258196
|
- |
|
netshinesoftware
|
com_netinvoice
|
Cross-site scripting (XSS) vulnerability in the nBill (com_nbill) component 2.3.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the message parameter in an income act…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6514
|
2014-05-5 14:17 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258197
|
- |
|
3s-software
|
codesys_runtime_system
|
The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication, which allows remote attackers to (1) execute commands via the command-line interface in the TCP listener…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6068
|
2014-05-5 14:16 |
2013-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258198
|
- |
|
xen
|
xen
|
Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service (ho…
|
NVD-CWE-noinfo
|
CVE-2012-2934
|
2014-05-5 14:11 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258199
|
- |
|
canonical
|
update-manager ubuntu_linux
|
DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 d…
|
CWE-59
Link Following
|
CVE-2011-3154
|
2014-05-5 13:59 |
2014-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258200
|
- |
|
emc
|
avamar
|
Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP.
|
NVD-CWE-noinfo
|
CVE-2010-1919
|
2014-05-5 13:43 |
2010-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|