|
259561
|
- |
|
cisco
|
prime_network_registrar
|
Cross-site scripting (XSS) vulnerability in the web interface in Cisco Prime Network Registrar 8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted field, aka …
|
CWE-79
Cross-site Scripting
|
CVE-2013-3394
|
2013-11-28 00:21 |
2013-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259562
|
- |
|
nagios
|
nagios_xi
|
SQL injection vulnerability in functions/prepend_adm.php in Nagios Core Config Manager in Nagios XI before 2012R2.4 allows remote attackers to execute arbitrary SQL commands via the tfPassword parame…
|
CWE-89
SQL Injection
|
CVE-2013-6875
|
2013-11-27 23:58 |
2013-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259563
|
- |
|
vortexgroup
|
light_alloy
|
Stack-based buffer overflow in Vortex Light Alloy before 4.7.4 allows remote attackers to execute arbitrary code via a long URL in a .m3u file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6874
|
2013-11-27 23:49 |
2013-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259564
|
- |
|
sybase
|
adaptive_server_enterprise
|
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 before 15.7 SP50 or 15.7 SP100 allows remote attackers to cause a denial of service via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2013-6867
|
2013-11-26 12:26 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259565
|
- |
|
sybase
|
adaptive_server_enterprise
|
SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unsp…
|
CWE-200
Information Exposure
|
CVE-2013-6868
|
2013-11-26 04:53 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259566
|
- |
|
sybase
|
adaptive_server_enterprise
|
SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code…
|
CWE-94
Code Injection
|
CVE-2013-6865
|
2013-11-26 04:44 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259567
|
- |
|
robert_ancell
canonical
|
lightdm
ubuntu_linux
|
LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4459
|
2013-11-26 04:11 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259568
|
- |
|
sybase
|
adaptive_server_enterprise
|
SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 does not properly perform authorization, which allows remote authe…
|
CWE-287
Improper Authentication
|
CVE-2013-6859
|
2013-11-26 03:46 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259569
|
- |
|
canonical
|
ubuntu_linux
maas
|
maas-import-pxe-files in MAAS before 13.10 does not verify the integrity of downloaded files, which allows remote attackers to modify these files via a man-in-the-middle (MITM) attack.
|
CWE-310
Cryptographic Issues
|
CVE-2013-1058
|
2013-11-26 03:36 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259570
|
- |
|
openstack
|
image_registry_and_delivery_service_\(glance\)
|
The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image.
|
CWE-20
Improper Input Validation
|
CVE-2013-4354
|
2013-11-26 01:42 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
