259861
|
- |
|
simple_invoices
|
simple_invoices
|
Multiple cross-site scripting (XSS) vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via (1) the having parameter in a mana…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4932
|
2013-10-11 23:51 |
2012-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259862
|
- |
|
google
|
android
|
Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that…
|
CWE-310
Cryptographic Issues
|
CVE-2013-4787
|
2013-10-11 23:49 |
2013-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259863
|
- |
|
bluecoat
|
avos proxyav
|
Multiple cross-site request forgery (CSRF) vulnerabilities on the Blue Coat ProxyAV appliance before 3.2.6.1 allow remote attackers to hijack the authentication of administrators for requests that (1…
|
CWE-352
Origin Validation Error
|
CVE-2010-5191
|
2013-10-11 23:48 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259864
|
- |
|
cisco
|
telepresence_tc_software
|
The web portal in TC software on Cisco TelePresence endpoints does not require an exact password match during a login attempt by a user who has not configured a password, which allows remote attacker…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3405
|
2013-10-11 23:46 |
2013-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259865
|
- |
|
wago
|
wago_i\/o_system_758_industrial_pc_device
|
The Linux Console on the WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices has a default password of wago for the (1) root and (2) admin accounts, (3) a def…
|
CWE-255
Credentials Management
|
CVE-2012-4879
|
2013-10-11 23:45 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259866
|
- |
|
cisco
|
asa_5500-x_series_ips_ssp_software intrusion_prevention_system asa_5585-x idsm-2 ips_4345_sensor ips_4360_sensor ips_4510_sensor ips_4520_sensor ips_nme
|
The IP stack in Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software and hardware modules before 7.1(5)E4, IPS 4500 sensors before 7.1(6)E4, and IPS 4300 sensors before 7.1…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1243
|
2013-10-11 23:44 |
2013-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259867
|
- |
|
cisco
|
unified_meetingplace
|
Cross-site scripting (XSS) vulnerability in the web framework in the Application Server in Cisco Unified MeetingPlace allows remote attackers to inject arbitrary web script or HTML via an unspecified…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5495
|
2013-10-11 23:35 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259868
|
- |
|
symantec
|
network_access_control
|
Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2012-4349
|
2013-10-11 23:26 |
2012-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259869
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users for requests that use (1) addBookmark.php, (…
|
CWE-352
Origin Validation Error
|
CVE-2012-4393
|
2013-10-11 23:10 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259870
|
- |
|
python
|
setuptools
|
easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to e…
|
CWE-20
Improper Input Validation
|
CVE-2013-1633
|
2013-10-11 22:59 |
2013-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|