|
260301
|
- |
|
argosoft
|
argosoft_mail_server
|
ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU consumption) by forwarding the email to the user while autoresponse is enabled, which creates an infin…
|
NVD-CWE-Other
|
CVE-2002-1005
|
2013-10-1 10:22 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260302
|
- |
|
vmware
|
esx
esxi
|
VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled ex…
|
CWE-20
Improper Input Validation
|
CVE-2013-1661
|
2013-09-30 23:35 |
2013-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260303
|
- |
|
trivantis
|
coursemill_learning_management_system
|
Coursemill Learning Management System (LMS) 6.6 does not properly restrict JSP function calls, which allows remote authenticated users to perform arbitrary JSP operations by leveraging the Student ro…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3601
|
2013-09-30 23:34 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260304
|
- |
|
open-xchange
|
open-xchange_server
|
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses the crypt and SHA-1 algorithms for password hashing, which makes it easier for context-dependent attackers t…
|
CWE-255
Credentials Management
|
CVE-2013-1649
|
2013-09-30 23:32 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260305
|
- |
|
cisco
|
ios_xe
ios
|
The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which…
|
CWE-20
Improper Input Validation
|
CVE-2013-5472
|
2013-09-30 23:24 |
2013-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260306
|
- |
|
dell
|
idrac6_bmc
|
The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI command…
|
CWE-287
Improper Authentication
|
CVE-2013-4783
|
2013-09-27 12:47 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260307
|
- |
|
dell
|
idrac6_firmware
|
The web interface on the Dell iDRAC6 with firmware before 1.95 allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified f…
|
NVD-CWE-noinfo
|
CVE-2013-4785
|
2013-09-27 12:47 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260308
|
- |
|
apple
|
iphone_os
|
Passcode Lock in Apple iOS before 7 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging a race condition invo…
|
CWE-362
Race Condition
|
CVE-2013-5147
|
2013-09-27 12:47 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260309
|
- |
|
wordpress
|
wordpress
|
The get_allowed_mime_types function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfiltered_html capability for uploads of .htm and .html files, which might make it eas…
|
CWE-20
Improper Input Validation
|
CVE-2013-5738
|
2013-09-27 12:47 |
2013-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260310
|
- |
|
wordpress
|
wordpress
|
The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting (XSS) at…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5739
|
2013-09-27 12:47 |
2013-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
