260111
|
- |
|
ni
|
lookout
|
An ActiveX control in lookout650.ocx, lookout660.ocx, and lookout670.ocx in National Instruments Lookout 6.5 through 6.7 allows remote attackers to execute arbitrary code by triggering the download o…
|
NVD-CWE-noinfo
|
CVE-2013-5026
|
2013-09-18 12:30 |
2013-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260112
|
- |
|
juniper
|
ive_os
|
Multiple cross-site scripting (XSS) vulnerabilities in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.1 before 7.1r15, 7.2 before 7.2r11, 7.3 before 7.3r6, and 7.4 before 7.4r3…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5649
|
2013-09-18 12:30 |
2013-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260113
|
- |
|
imagemagick
|
imagemagick
|
The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4298
|
2013-09-18 12:29 |
2013-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260114
|
- |
|
apple
|
safari iphone_os
|
Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving Jav…
|
CWE-362
Race Condition
|
CVE-2012-3748
|
2013-09-18 12:22 |
2012-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260115
|
- |
|
dahuasecurity
|
dvr0404hd-a dvr0404hd-l dvr0404hd-s dvr0404hd-u dvr0404hf-a-e dvr0404hf-al-e dvr0404hf-s-e dvr0404hf-u-e dvr0804 dvr0804hd-l dvr0804hd-s dvr0804hf-a-e dvr0804hf-al…
|
Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier for context-dependent attackers to discover cleartext passwords via a brute-force attack.
|
CWE-255
Credentials Management
|
CVE-2013-3615
|
2013-09-18 03:37 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260116
|
- |
|
dahuasecurity
|
dvr0404hd-a dvr0404hd-l dvr0404hd-s dvr0404hd-u dvr0404hf-a-e dvr0404hf-al-e dvr0404hf-s-e dvr0404hf-u-e dvr0804 dvr0804hd-l dvr0804hd-s dvr0804hf-a-e dvr0804hf-al…
|
Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attackers to obtain access via vectors involving a replay attack against the TELNET port.
|
CWE-287
Improper Authentication
|
CVE-2013-3613
|
2013-09-18 03:35 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260117
|
- |
|
dahuasecurity
|
dvr0404hd-a dvr0404hd-l dvr0404hd-s dvr0404hd-u dvr0404hf-a-e dvr0404hf-al-e dvr0404hf-s-e dvr0404hf-u-e dvr0804 dvr0804hd-l dvr0804hd-s dvr0804hf-a-e dvr0804hf-al…
|
Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via autho…
|
CWE-255
Credentials Management
|
CVE-2013-3612
|
2013-09-18 01:15 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260118
|
- |
|
twilightcms
|
twilight_cms
|
Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote attackers to read arbitrary files via a ..%5c (dot dot encoded backslash) in a…
|
CWE-22
Path Traversal
|
CVE-2013-4900
|
2013-09-14 03:56 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260119
|
- |
|
cisco
|
digital_media_manager
|
Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vector…
|
CWE-20
Improper Input Validation
|
CVE-2013-3446
|
2013-09-14 03:35 |
2013-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260120
|
- |
|
opera
|
opera_browser
|
Cross-site scripting (XSS) vulnerability in Opera before 15.00 allows remote attackers to inject arbitrary web script or HTML by leveraging UTF-8 encoding.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4705
|
2013-09-14 03:08 |
2013-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|