261241
|
- |
|
gree
|
gree
|
Directory traversal vulnerability in the GREE application before 1.3.3 for Android allows remote attackers to obtain sensitive information via a crafted URL, which is not properly handled during inte…
|
CWE-200
Information Exposure
|
CVE-2013-0704
|
2013-02-15 21:09 |
2013-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261242
|
- |
|
vmware
|
vcenter_server virtualcenter vsphere_client vi-client esxi esx
|
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3…
|
CWE-287
Improper Authentication
|
CVE-2013-1405
|
2013-02-15 21:09 |
2013-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261243
|
- |
|
moxa
|
edr_g903_firmware edr-g903
|
Moxa EDR-G903 series routers with firmware before 2.11 do not use a sufficient source of entropy for (1) SSH and (2) SSL keys, which makes it easier for man-in-the-middle attackers to spoof a device …
|
CWE-310
Cryptographic Issues
|
CVE-2012-4694
|
2013-02-15 21:09 |
2013-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261244
|
- |
|
openstack
|
folsom grizzly
|
OpenStack Compute (Nova) Folsom before 2012.2.2 and Grizzly, when using libvirt and LVM backed instances, does not properly clear physical volume (PV) content when reallocating for instances, which a…
|
CWE-200
Information Exposure
|
CVE-2012-5625
|
2013-02-15 14:04 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261245
|
- |
|
digitiliti
|
digilibe
|
DigiLIBE 3.4 and possibly other versions sends a redirect but does not exit, which allows remote attackers to obtain sensitive configuration information via a direct request to configuration/general_…
|
CWE-200
Information Exposure
|
CVE-2013-1402
|
2013-02-15 14:00 |
2013-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261246
|
- |
|
irfanview
|
flashpix_plugin
|
Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0278
|
2013-02-15 13:53 |
2012-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261247
|
- |
|
kay_framework_project openid redhat
|
kay_framework openid4java jboss_enterprise_application_platform
|
message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used in JBoss Enterprise Application Platform 5.1 before 5.1.2, Step2, Kay Framework before 1.0.2, and possibly other products does not…
|
CWE-20
Improper Input Validation
|
CVE-2011-4314
|
2013-02-15 13:50 |
2012-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261248
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 3.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0702
|
2013-02-15 03:07 |
2013-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261249
|
- |
|
cybozu
|
garoon
|
SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allows remote authenticated users to execute arbitrary SQL commands by leveraging a logging privilege.
|
CWE-89
SQL Injection
|
CVE-2013-0701
|
2013-02-14 21:11 |
2013-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261250
|
- |
|
cisco
|
ios
|
The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port…
|
CWE-399
Resource Management Errors
|
CVE-2013-1100
|
2013-02-14 14:00 |
2013-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|