259591
|
- |
|
qualcomm
|
quic_mobile_station_modem_kernel
|
goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly…
|
CWE-20
Improper Input Validation
|
CVE-2013-6122
|
2013-11-14 04:53 |
2013-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259592
|
- |
|
silverstripe
|
silverstripe
|
security/MemberLoginForm.php in SilverStripe 3.0.3 supports credentials in a GET request, which allows remote or local attackers to obtain sensitive information by reading web-server access logs, web…
|
CWE-200
Information Exposure
|
CVE-2013-6789
|
2013-11-14 04:45 |
2013-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259593
|
- |
|
tapbots
|
tweetbot
|
Tweetbot 1.3.3 for Mac, and 2.8.5 for iPad and iPhone, does not require confirmation of (1) follow or (2) favorite actions, which allows remote attackers to automatically force the user to perform un…
|
CWE-352
Origin Validation Error
|
CVE-2013-5726
|
2013-11-14 00:49 |
2013-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259594
|
- |
|
silverstripe
|
silverstripe
|
security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes it easier for remote attackers to conduct phishing attacks without detection by the victim.
|
CWE-20
Improper Input Validation
|
CVE-2013-2653
|
2013-11-13 23:33 |
2013-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259595
|
- |
|
cisco
|
telepresence_vx_clinical_assistant
|
The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access…
|
CWE-255
Credentials Management
|
CVE-2013-5558
|
2013-11-9 03:43 |
2013-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259596
|
- |
|
cisco
|
wide_area_application_services_mobile
|
Directory traversal vulnerability in the web-management interface in the server in Cisco Wide Area Application Services (WAAS) Mobile before 3.5.5 allows remote attackers to upload and execute arbitr…
|
CWE-22
Path Traversal
|
CVE-2013-5554
|
2013-11-9 03:24 |
2013-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259597
|
- |
|
cisco
|
ios
|
Multiple memory leaks in Cisco IOS 15.1 before 15.1(4)M7 allow remote attackers to cause a denial of service (memory consumption or device reload) by sending a crafted SIP message over (1) IPv4 or (2…
|
CWE-399
Resource Management Errors
|
CVE-2013-5553
|
2013-11-9 02:43 |
2013-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259598
|
- |
|
pineapp
|
mail-secure
|
PineApp Mail-SeCure before 3.70 allows remote authenticated users to gain privileges by leveraging console access and providing shell metacharacters in a "system ping" command.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4987
|
2013-11-9 02:32 |
2013-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259599
|
- |
|
tattyan
|
tattyan_hptown
|
Cross-site scripting (XSS) vulnerability in Tattyan HP TOWN 5_9_3 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4716
|
2013-11-9 02:09 |
2013-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259600
|
- |
|
vmware
|
hyperic_hq
|
The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators to execute arbitrary code via a Runtime.getRuntime().exec call.
|
CWE-94
Code Injection
|
CVE-2013-6366
|
2013-11-8 04:47 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|