|
260511
|
- |
|
symantec
|
security_information_manager
security_information_manager_appliance
|
Multiple cross-site scripting (XSS) vulnerabilities in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allow remot…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1614
|
2013-07-9 02:55 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260512
|
- |
|
symantec
|
security_information_manager
security_information_manager_appliance
|
The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspec…
|
CWE-200
Information Exposure
|
CVE-2013-1615
|
2013-07-9 02:55 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260513
|
- |
|
cisco
|
unified_customer_voice_portal
|
Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (…
|
CWE-22
Path Traversal
|
CVE-2013-1224
|
2013-07-8 13:00 |
2013-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260514
|
- |
|
realnetworks
|
realplayer
|
RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (resource consumption or application crash) via an HTML document containing JavaScript code that con…
|
CWE-20
Improper Input Validation
|
CVE-2013-3299
|
2013-07-8 13:00 |
2013-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260515
|
- |
|
symantec
|
discovery
on_command_discovery
|
The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain …
|
NVD-CWE-Other
|
CVE-2005-3316
|
2013-07-7 13:45 |
2005-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260516
|
- |
|
google
|
picasa
|
Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2007-4823
|
2013-07-5 14:45 |
2007-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260517
|
- |
|
lianja
|
lianja_sql_server
|
Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3563
|
2013-07-5 13:00 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260518
|
- |
|
mongodb
|
mongodb
|
MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4650
|
2013-07-5 13:00 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260519
|
- |
|
phpmyadmin
|
phpmyadmin
|
import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal ar…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4729
|
2013-07-5 13:00 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260520
|
- |
|
redhat
|
enterprise_virtualization_manager
|
Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not properly check permissions for the target storage domain, which allows attackers to cause a denial of service (disk space consump…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2144
|
2013-07-5 04:13 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
