260471
|
- |
|
erikwebb
|
password_policy
|
The Password policy module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to obtain password hashes by sniffing the network, related to "client-side password his…
|
CWE-200
Information Exposure
|
CVE-2012-5552
|
2013-07-20 12:33 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260472
|
- |
|
manuel_garcia
|
galleryformatter
|
Multiple cross-site scripting (XSS) vulnerabilities in the galleryformatter_field_formatter_view functiuon in galleryformatter.tpl.php the Gallery formatter module before 7.x-1.2 for Drupal allow rem…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4485
|
2013-07-20 12:31 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260473
|
- |
|
verizon
|
wireless_network_extender
|
The Verizon Wireless Network Extender SCS-2U01 has a hardcoded password for the root account, which makes it easier for physically proximate attackers to obtain administrative access by leveraging a …
|
CWE-255
Credentials Management
|
CVE-2013-4876
|
2013-07-19 13:00 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260474
|
- |
|
iatek
|
portalapp
|
Cross-site scripting (XSS) vulnerability in login.asp in PortalApp 3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the ret_page parameter.
|
NVD-CWE-Other
|
CVE-2005-4482
|
2013-07-18 22:37 |
2005-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260475
|
- |
|
cisco
|
identity_services_engine_software identity_services_engine
|
Cross-site request forgery (CSRF) vulnerability in the web framework on the Cisco Identity Services Engine (ISE) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CS…
|
CWE-352
Origin Validation Error
|
CVE-2013-3420
|
2013-07-18 21:51 |
2013-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260476
|
- |
|
cisco
|
unified_ip_phones_9900_series_firmware unified_ip_phone_9951 unified_ip_phone_9971
|
The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSCuh…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3426
|
2013-07-18 21:51 |
2013-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260477
|
- |
|
cisco
|
asa_5500-x_series_ips_ssp_software intrusion_prevention_system asa_5585-x idsm-2 ips_4345_sensor ips_4360_sensor ips_4510_sensor ips_4520_sensor ips_nme
|
Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software modules before 7.1(7)sp1E4 allows remote attackers to cause a denial of service (Analysis Engine process hang or device…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1218
|
2013-07-18 21:48 |
2013-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260478
|
- |
|
speartek
|
speartek
|
Cross-site scripting (XSS) vulnerability in SpearTek 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters.
|
NVD-CWE-Other
|
CVE-2005-4493
|
2013-07-17 23:41 |
2005-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260479
|
- |
|
sun
|
sunos
|
Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/VM
|
NVD-CWE-noinfo
|
CVE-2013-3750
|
2013-07-17 22:41 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260480
|
- |
|
sun
|
sunos
|
Per: http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
'CVE-2013-3750 occurs only when Solaris is running on X86 platform.'
|
NVD-CWE-noinfo
|
CVE-2013-3750
|
2013-07-17 22:41 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|