|
259571
|
- |
|
tweet-blender
|
tweet-blender
|
Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-adm…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6342
|
2013-11-26 00:20 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259572
|
- |
|
cisco
|
wireless_lan_controller
|
The web interface on Cisco Wireless LAN Controller (WLC) devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unsp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6698
|
2013-11-26 00:03 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259573
|
- |
|
cisco
|
ios
|
The IPSec implementation in Cisco IOS allows remote attackers to cause a denial of service (MTU change and tunnel-session drop) via crafted ICMP packets, aka Bug ID CSCul29918.
|
CWE-20
Improper Input Validation
|
CVE-2013-6694
|
2013-11-26 00:00 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259574
|
- |
|
sybase
|
adaptive_server_enterprise
|
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to …
|
NVD-CWE-noinfo
|
CVE-2013-6245
|
2013-11-25 13:36 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259575
|
- |
|
apache
|
struts
|
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.3.15.3 allow remote attackers to inject arbitrary web script or HTML via the namespace parameter to (1) actionNames.action and (…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6348
|
2013-11-25 13:36 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259576
|
- |
|
pineapp
|
mail-secure_5099sk
|
admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms allows remote attackers to execute arbitrary commands via shell metacharacters in the nsserver parame…
|
CWE-94
Code Injection
|
CVE-2013-6830
|
2013-11-25 13:36 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259577
|
- |
|
pineapp
|
mail-secure_5099sk
|
PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo com…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6831
|
2013-11-25 13:36 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259578
|
- |
|
freebsd
|
freebsd
|
The nand_ioctl function in sys/dev/nand/nand_geom.c in the nand driver in the kernel in FreeBSD 10 and earlier does not properly initialize a certain data structure, which allows local users to obtai…
|
CWE-200
Information Exposure
|
CVE-2013-6832
|
2013-11-25 13:36 |
2013-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259579
|
- |
|
freebsd
|
freebsd
|
The qls_eioctl function in sys/dev/qlxge/qls_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from …
|
CWE-20
Improper Input Validation
|
CVE-2013-6833
|
2013-11-25 13:36 |
2013-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259580
|
- |
|
gwos
|
groundwork_monitor
|
GroundWork Monitor Enterprise 6.7.0 performs authentication on the basis of the HTTP Referer header, which allows remote attackers to obtain administrative privileges or access files via a crafted he…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3499
|
2013-11-25 13:34 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
