260611
|
- |
|
qnap
|
viostor_network_video_recorder surveillance_station_pro nas
|
QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access v…
|
CWE-255
Credentials Management
|
CVE-2013-0142
|
2013-06-10 13:00 |
2013-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260612
|
- |
|
qnap
|
viostor_network_video_recorder surveillance_station_pro nas
|
cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by lev…
|
CWE-94
Code Injection
|
CVE-2013-0143
|
2013-06-10 13:00 |
2013-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260613
|
- |
|
rsa
|
authentication_manager
|
EMC RSA Authentication Manager 8.0 before P1 allows local users to discover cleartext operating-system passwords, HTTP plug-in proxy passwords, and SNMP communities by reading a (1) log file or (2) c…
|
CWE-255
Credentials Management
|
CVE-2013-0947
|
2013-06-10 13:00 |
2013-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260614
|
- |
|
jig
|
movatwitouch movatwitouch_paid
|
The Content Provider in the MovatwiTouch application before 1.793 and MovatwiTouch Paid application before 1.793 for Android does not properly restrict access to authorization information, which allo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2318
|
2013-06-7 13:00 |
2013-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260615
|
- |
|
cisco
|
webex_meetings_server
|
The Event Center module in Cisco WebEx Meetings Server does not perform request authentication in all intended circumstances, which allows remote attackers to discover host keys and event passwords v…
|
CWE-287
Improper Authentication
|
CVE-2013-1205
|
2013-06-6 23:34 |
2013-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260616
|
- |
|
apple
|
mac_os_x
|
The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in Apple Mac OS X 10.8.x allows local users to defeat the KASLR protection mechanism via the PROC_PIDFDPIPEINFO option to the proc_…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3952
|
2013-06-6 13:00 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260617
|
- |
|
apple
|
mac_os_x mac_os_x_server
|
Apple Mac OS X before 10.7.5 and 10.8.x before 10.8.2 allows local users to read passwords entered into Login Window (aka LoginWindow) or Screen Saver Unlock by installing an input method that interc…
|
CWE-200
Information Exposure
|
CVE-2012-3718
|
2013-06-6 13:00 |
2012-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260618
|
- |
|
microsoft
|
windows_7 windows_8 windows_rt windows_server_2003 windows_server_2008 windows_server_2012 windows_vista windows_xp
|
The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Se…
|
CWE-22
Path Traversal
|
CVE-2013-3661
|
2013-06-6 12:26 |
2013-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260619
|
- |
|
openssl
|
openssl
|
The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly …
|
CWE-310
Cryptographic Issues
|
CVE-2011-1945
|
2013-06-6 12:10 |
2011-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260620
|
- |
|
apple
|
safari
|
WebKit, as used in Apple Safari before 6.0.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differ…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1009
|
2013-06-6 01:55 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|