257691
|
- |
|
sybase
|
adaptive_server_enterprise
|
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to …
|
NVD-CWE-noinfo
|
CVE-2013-6245
|
2013-11-25 13:36 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257692
|
- |
|
apache
|
struts
|
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.3.15.3 allow remote attackers to inject arbitrary web script or HTML via the namespace parameter to (1) actionNames.action and (…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6348
|
2013-11-25 13:36 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257693
|
- |
|
pineapp
|
mail-secure_5099sk
|
admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms allows remote attackers to execute arbitrary commands via shell metacharacters in the nsserver parame…
|
CWE-94
Code Injection
|
CVE-2013-6830
|
2013-11-25 13:36 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257694
|
- |
|
pineapp
|
mail-secure_5099sk
|
PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo com…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6831
|
2013-11-25 13:36 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257695
|
- |
|
freebsd
|
freebsd
|
The nand_ioctl function in sys/dev/nand/nand_geom.c in the nand driver in the kernel in FreeBSD 10 and earlier does not properly initialize a certain data structure, which allows local users to obtai…
|
CWE-200
Information Exposure
|
CVE-2013-6832
|
2013-11-25 13:36 |
2013-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257696
|
- |
|
freebsd
|
freebsd
|
The qls_eioctl function in sys/dev/qlxge/qls_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from …
|
CWE-20
Improper Input Validation
|
CVE-2013-6833
|
2013-11-25 13:36 |
2013-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257697
|
- |
|
gwos
|
groundwork_monitor
|
GroundWork Monitor Enterprise 6.7.0 performs authentication on the basis of the HTTP Referer header, which allows remote attackers to obtain administrative privileges or access files via a crafted he…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3499
|
2013-11-25 13:34 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257698
|
- |
|
gwos
|
groundwork_monitor
|
The Nagios-App component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to bypass intended access restrictions via a direct request for a (1) log file or (2) configuration f…
|
CWE-255
Credentials Management
|
CVE-2013-3505
|
2013-11-25 13:34 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257699
|
- |
|
freebsd
|
freebsd
|
The nfsrvd_readdir function in sys/fs/nfsserver/nfs_nfsdport.c in the new NFS server in FreeBSD 8.0 through 9.1-RELEASE-p3 does not verify that a READDIR request is for a directory node, which allows…
|
CWE-20
Improper Input Validation
|
CVE-2013-3266
|
2013-11-25 13:33 |
2013-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257700
|
- |
|
x
|
libxres
|
Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2…
|
CWE-189
Numeric Errors
|
CVE-2013-1988
|
2013-11-25 13:32 |
2013-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|