261631
|
- |
|
christian_johansson
|
restrict_node_page_view
|
The Restrict node page view module 7.x-1.x before 7.x-1.2 for Drupal allows remote authenticated users with the "view any node page" or "view any node {type} page" permission to access unpublished no…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4473
|
2013-01-30 13:54 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261632
|
- |
|
colorbox_node
|
dennis_blake
|
Multiple cross-site scripting (XSS) vulnerabilities in the Colorbox Node module 7.x-2.x before 7.x-2.2 for Drupal allow remote attackers to inject arbitrary web script or HTML via unspecified paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4474
|
2013-01-30 13:54 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261633
|
- |
|
sixapart
|
movable_type
|
lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for requests to database-migration functions, which allows remote attackers to conduct e…
|
CWE-287
Improper Authentication
|
CVE-2013-0209
|
2013-01-29 14:00 |
2013-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261634
|
- |
|
ge
|
intelligent_platforms_proficy_hmi\/scada_cimplicity intelligent_platforms_proficy_process_systems_with_cimplicity intelligent_platforms_proficy_process_systems
|
Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPL…
|
CWE-22
Path Traversal
|
CVE-2013-0653
|
2013-01-29 14:00 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261635
|
- |
|
ge
|
intelligent_platforms_proficy_hmi\/scada_cimplicity intelligent_platforms_proficy_process_systems_with_cimplicity intelligent_platforms_proficy_process_systems
|
CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary commands or cause a…
|
CWE-20
Improper Input Validation
|
CVE-2013-0654
|
2013-01-29 14:00 |
2013-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261636
|
- |
|
sitecom
|
wlm-2501
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Sitecom WLM-2501 allow remote attackers to hijack the authentication of administrators for requests that modify settings for (1) Mac Filt…
|
CWE-352
Origin Validation Error
|
CVE-2012-1922
|
2013-01-29 14:00 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261637
|
- |
|
ge
|
intelligent_platforms_proficy_hmi\/scada_cimplicity intelligent_platforms_proficy_process_systems_with_cimplicity intelligent_platforms_proficy_process_systems
|
Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a denia…
|
CWE-189
Numeric Errors
|
CVE-2012-4689
|
2013-01-29 14:00 |
2013-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261638
|
- |
|
siemens
|
automation_license_manager
|
Memory leak in Siemens Automation License Manager (ALM) 4.x and 5.x before 5.2 allows remote attackers to cause a denial of service (memory consumption) via crafted packets.
|
CWE-399
Resource Management Errors
|
CVE-2012-4691
|
2013-01-29 14:00 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261639
|
- |
|
siemens
|
automation_license_manager
|
Per: http://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-783261.pdf
"The attacker must have access to the local subnet where ALM is located. During i…
|
CWE-399
Resource Management Errors
|
CVE-2012-4691
|
2013-01-29 14:00 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261640
|
- |
|
tropos
|
mesh_os 1310_distrubution_automation_mesh_router 1410_mesh_router 1410_wireless_mesh_router 3310_indoor_mesh_router 3320_indoor_mesh_router 4310_mobile_mesh_router 6310_mesh_rout…
|
Mesh OS before 7.9.1.1 on Tropos wireless mesh routers does not use a sufficient source of entropy for SSH keys, which makes it easier for man-in-the-middle attackers to spoof a device or modify a cl…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4898
|
2013-01-29 14:00 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|