260321
|
- |
|
open-xchange
|
open-xchange_server
|
Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HT…
|
CWE-94
Code Injection
|
CVE-2013-1647
|
2013-09-27 01:38 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260322
|
- |
|
open-xchange
|
open-xchange_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1646
|
2013-09-27 01:37 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260323
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, w…
|
CWE-255
Credentials Management
|
CVE-2013-4790
|
2013-09-27 01:36 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260324
|
- |
|
open-xchange
|
open-xchange_server
|
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses weak permissions (group "other" readable) under opt/open-xchange/etc/, which allows local users to obtain se…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1650
|
2013-09-27 01:20 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260325
|
- |
|
matrikonopc
|
scada_dnp3_opc_server
|
MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service (master-station daemon crash) via a malformed DNP3 TCP packet from the IP address of an outstation.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2791
|
2013-09-27 01:17 |
2013-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260326
|
- |
|
freebsd
|
freebsd
|
The sendfile system-call implementation in sys/kern/uipc_syscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive info…
|
CWE-200
Information Exposure
|
CVE-2013-5666
|
2013-09-26 12:53 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260327
|
- |
|
hp
|
identity_driven_manager procurve_manager
|
Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitr…
|
CWE-89
SQL Injection
|
CVE-2013-4809
|
2013-09-26 12:52 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260328
|
- |
|
hp
|
identity_driven_manager procurve_manager
|
UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert…
|
CWE-20
Improper Input Validation
|
CVE-2013-4811
|
2013-09-26 12:52 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260329
|
- |
|
hp
|
identity_driven_manager procurve_manager
|
UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName a…
|
CWE-20
Improper Input Validation
|
CVE-2013-4812
|
2013-09-26 12:52 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260330
|
- |
|
hp
|
identity_driven_manager procurve_manager
|
The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a…
|
CWE-94
Code Injection
|
CVE-2013-4813
|
2013-09-26 12:52 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|