|
259961
|
- |
|
arubanetworks
|
clearpass
clearpass_guest
|
The Sponsorship Confirmation functionality in Aruba Networks ClearPass 5.x, 6.0.1, and 6.0.2, and Amigopod/ClearPass Guest 3.0 through 3.9.7, allows remote attackers to bypass intended access restric…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2269
|
2013-10-9 05:45 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259962
|
- |
|
canonical
michael_vogt
|
ubuntu_linux
ubuntu-system-service
|
ubuntu-system-service 0.2.4 before 0.2.4.1. 0.2.3 before 0.2.3.1, and 0.2.2 before 0.2.2.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass in…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1062
|
2013-10-9 03:05 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259963
|
- |
|
wago
|
wago_i\/o_system_758_industrial_pc_device
|
WAGO I/O System 758 model 758-870, 758-874, 758-875, and 758-876 Industrial PC (IPC) devices have default passwords for unspecified Web Based Management accounts, which makes it easier for remote att…
|
CWE-255
Credentials Management
|
CVE-2012-3013
|
2013-10-9 02:41 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259964
|
- |
|
htmlcleaner_project
open-xchange
|
htmlcleaner
open-xchange_appsuite
|
Multiple race conditions in HtmlCleaner before 2.6, as used in Open-Xchange AppSuite 7.2.2 before rev13 and other products, allow remote authenticated users to read the private e-mail of other person…
|
CWE-362
Race Condition
|
CVE-2013-5035
|
2013-10-9 02:33 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259965
|
- |
|
htmlcleaner_project
open-xchange
|
htmlcleaner
open-xchange_appsuite
|
CVSS score reflects vendor comments provided in http://archives.neohapsis.com/archives/bugtraq/2013-08/0115.html
|
CWE-362
Race Condition
|
CVE-2013-5035
|
2013-10-9 02:33 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259966
|
- |
|
trianglemicroworks
|
ansi_c_source_code_libraries
.net_communication_protocol_components
scada_data_gateway
|
Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3.06.0.171 through 3.15.0.369, and DNP3 C libraries 3.06.0000 through 3.15.0000 allow physically prox…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2794
|
2013-10-9 02:24 |
2013-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259967
|
- |
|
chamanet
|
chamacargo
|
Cross-site scripting (XSS) vulnerability in ChamaNet ChamaCargo 7.0000 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4704
|
2013-10-9 01:23 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259968
|
- |
|
gomlab
|
gom_player
|
Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file.
|
CWE-20
Improper Input Validation
|
CVE-2013-5716
|
2013-10-9 01:04 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259969
|
- |
|
gomlab
|
gom_player
|
Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5715
|
2013-10-9 00:51 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259970
|
- |
|
marketpress
|
backwpup_plugin
|
Cross-site scripting (XSS) vulnerability in the BackWPup plugin before 3.0.13 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter to wp-admin/admin.php.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4626
|
2013-10-8 23:22 |
2013-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
