|
257421
|
- |
|
cisco
|
webex_meetings_server
|
The web portal in the Enterprise License Manager component in Cisco WebEx Meetings Server allows remote authenticated users to discover the cleartext administrative password by reading HTML source co…
|
CWE-255
Credentials Management
|
CVE-2013-6687
|
2014-01-18 00:12 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257422
|
- |
|
wireshark
|
wireshark
|
epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (applicatio…
|
CWE-20
Improper Input Validation
|
CVE-2013-7113
|
2014-01-17 14:20 |
2013-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257423
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4670
|
2014-01-17 14:17 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257424
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote authenticated users to hijack the authentication of un…
|
CWE-352
Origin Validation Error
|
CVE-2013-4671
|
2014-01-17 14:17 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257425
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4672
|
2014-01-17 14:17 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257426
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote attackers to execute arbitrary commands by injecting a command into an application script.
|
CWE-78
OS Command
|
CVE-2013-1616
|
2014-01-17 14:13 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257427
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands v…
|
CWE-89
SQL Injection
|
CVE-2013-1617
|
2014-01-17 14:13 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257428
|
- |
|
stunnel
|
stunnel
|
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary…
|
CWE-94
Code Injection
|
CVE-2013-1762
|
2014-01-17 14:13 |
2013-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257429
|
- |
|
wellintech
|
kingalarm\&event
kinggraphic
kingscada
|
An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client mach…
|
CWE-94
Code Injection
|
CVE-2013-2827
|
2014-01-17 02:21 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257430
|
- |
|
wellintech
|
kingalarm\&event
kinggraphic
kingscada
|
WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attac…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2826
|
2014-01-17 02:18 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
