|
260501
|
- |
|
imperva
|
securesphere
|
The Key Management feature in the SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote authenticated users to upload executable files via the (1) priv…
|
CWE-20
Improper Input Validation
|
CVE-2013-4094
|
2013-07-2 01:50 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260502
|
- |
|
imperva
|
securesphere
|
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via (1) a direct request to dwr/call/plaincall/Asyn…
|
CWE-22
Path Traversal
|
CVE-2013-4093
|
2013-07-2 01:45 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260503
|
- |
|
imperva
|
securesphere
|
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 allows context-dependent attackers to obtain sensitive information by leveraging the presence of (1) a sess…
|
CWE-255
Credentials Management
|
CVE-2013-4092
|
2013-07-2 01:44 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260504
|
- |
|
imperva
|
securesphere
|
The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.jsp …
|
CWE-255
Credentials Management
|
CVE-2013-4091
|
2013-07-2 01:38 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260505
|
- |
|
indra
|
editran_communications_platform
|
Buffer overflow in the lsConnectionCached function in editcp in EDItran Communications Platform 4.1 R7 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-5288
|
2013-07-2 01:09 |
2013-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260506
|
- |
|
js-yaml_project
|
js-yaml
|
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute arbitrary code via a crafted string that t…
|
CWE-20
Improper Input Validation
|
CVE-2013-4660
|
2013-07-1 23:51 |
2013-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260507
|
- |
|
digital_alert_systems
monroe_electronics
|
dasdec_eas
r189_one-net_eas
|
The web server on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 allows remote attackers to obtain sensitive configuration an…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4733
|
2013-07-1 13:00 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260508
|
- |
|
cisco
|
ironport_asyncos
|
The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-550 allows remote authenticated users to execute arbitrary c…
|
CWE-94
Code Injection
|
CVE-2013-3383
|
2013-06-28 13:00 |
2013-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260509
|
- |
|
cisco
|
prime_central_for_hosted_collaboration_solution
|
The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance provides different responses to requests for arbitrary pathnames depending on whether the pathname exists, w…
|
CWE-200
Information Exposure
|
CVE-2013-3398
|
2013-06-28 07:41 |
2013-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260510
|
- |
|
cisco
|
adaptive_security_appliance
|
The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote at…
|
CWE-20
Improper Input Validation
|
CVE-2013-3382
|
2013-06-28 05:50 |
2013-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
