|
260141
|
- |
|
vmware
|
esx
esxi
|
Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2013-3658
|
2013-09-13 02:07 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260142
|
- |
|
adobe
|
shockwave_player
|
Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3360
|
2013-09-12 22:58 |
2013-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260143
|
- |
|
adobe
|
shockwave_player
|
Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3359
|
2013-09-12 22:57 |
2013-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260144
|
- |
|
freewebshop
|
freewebshop
|
Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP cod…
|
CWE-94
Code Injection
|
CVE-2011-5147
|
2013-09-12 15:24 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260145
|
- |
|
uiga
|
business_portal
|
Multiple SQL injection vulnerabilities in Uiga Business Portal allow remote attackers to execute arbitrary SQL commands via the (1) noentryid parameter to blog/index.php and the (2) p parameter to in…
|
CWE-89
SQL Injection
|
CVE-2010-1049
|
2013-09-12 15:08 |
2010-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260146
|
- |
|
openedit_inc
|
openedit
|
Cross-site scripting (XSS) vulnerability in store/search/results.html in OpenEdit 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) oe-action and (2) page par…
|
NVD-CWE-Other
|
CVE-2005-4476
|
2013-09-12 13:48 |
2005-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260147
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4973
|
2013-09-12 12:37 |
2013-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260148
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealM…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4974
|
2013-09-12 12:37 |
2013-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260149
|
- |
|
juniper
|
junos_space
junos_space_virtual_appliance
junos_space_ja1500_appliance
|
Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5095
|
2013-09-12 12:37 |
2013-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260150
|
- |
|
juniper
|
junos_space
junos_space_virtual_appliance
junos_space_ja1500_appliance
|
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5096
|
2013-09-12 12:37 |
2013-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
