260071
|
- |
|
freebsd
|
freebsd
|
The sendfile system-call implementation in sys/kern/uipc_syscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive info…
|
CWE-200
Information Exposure
|
CVE-2013-5666
|
2013-09-26 12:53 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260072
|
- |
|
hp
|
identity_driven_manager procurve_manager
|
Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitr…
|
CWE-89
SQL Injection
|
CVE-2013-4809
|
2013-09-26 12:52 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260073
|
- |
|
hp
|
identity_driven_manager procurve_manager
|
UpdateDomainControllerServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the adCert…
|
CWE-20
Improper Input Validation
|
CVE-2013-4811
|
2013-09-26 12:52 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260074
|
- |
|
hp
|
identity_driven_manager procurve_manager
|
UpdateCertificatesServlet in the SNAC registration server in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 does not properly validate the fileName a…
|
CWE-20
Improper Input Validation
|
CVE-2013-4812
|
2013-09-26 12:52 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260075
|
- |
|
hp
|
identity_driven_manager procurve_manager
|
The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allows remote attackers to execute arbitrary commands via a…
|
CWE-94
Code Injection
|
CVE-2013-4813
|
2013-09-26 12:52 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260076
|
- |
|
good
|
good_for_enterprise
|
Cross-site scripting (XSS) vulnerability in the Good for Enterprise app before 2.2.4.1659 for iOS allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail message.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5118
|
2013-09-26 07:57 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260077
|
- |
|
google motorola
|
android defy_xt
|
Stack-based buffer overflow in the sub_E110 function in init in a certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless allows local users to gain privileges or c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5933
|
2013-09-26 07:53 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260078
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 has a hardcoded password for node join operations, which allows remote attackers to expand a cluster by finding this passwo…
|
CWE-255
Credentials Management
|
CVE-2013-5934
|
2013-09-26 07:49 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260079
|
- |
|
open-xchange
|
open-xchange_appsuite
|
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 does not properly restrict the set of network interfaces that can receive API calls, which mak…
|
CWE-200
Information Exposure
|
CVE-2013-5935
|
2013-09-26 07:48 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260080
|
- |
|
trianglemicroworks
|
.net_communication_protocol_components ansi_c_source_code_libraries scada_data_gateway
|
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow remote attacker…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2793
|
2013-09-26 06:58 |
2013-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|