|
258371
|
- |
|
open-xchange
|
open-xchange_server
|
OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spo…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1651
|
2014-03-6 04:01 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258372
|
- |
|
cisco
|
jabber
|
Cisco Jabber on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and modify the client-server data stream via a crafted certifica…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1228
|
2014-03-6 04:00 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258373
|
- |
|
kingsoft
|
kdrive
|
Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information …
|
CWE-310
Cryptographic Issues
|
CVE-2013-5999
|
2014-03-6 03:58 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258374
|
- |
|
codeaurora
|
android-msm
|
The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does…
|
CWE-399
Resource Management Errors
|
CVE-2013-6392
|
2014-03-6 03:29 |
2013-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258375
|
- |
|
satechi
|
smart_travel_router
|
The web interface on the Satechi travel router 1.5, when Wi-Fi is used for WAN access, exposes the console without authentication on the WAN IP address regardless of the "Web Management via WAN" sett…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6918
|
2014-03-6 02:46 |
2013-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258376
|
- |
|
apple
|
mac_os_x
|
A certain Apple patch for OpenSSL in Apple OS X 10.9.2 and earlier uses a Trust Evaluation Agent (TEA) feature without terminating certain TLS/SSL handshakes as specified in the SSL_CTX_set_verify ca…
|
CWE-20
Improper Input Validation
|
CVE-2014-2234
|
2014-03-6 02:44 |
2014-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258377
|
- |
|
novell
|
suse_manager
|
Cross-site scripting (XSS) vulnerability in the Spacewalk service in SUSE Manager 1.2 for SUSE Linux Enterprise (SLE) 11 SP1 allows remote attackers to inject arbitrary web script or HTML via an imag…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0414
|
2014-03-5 03:56 |
2013-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258378
|
- |
|
novell
|
suse_cloud
|
The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permissions for the production.log file, which has unspecified impact and attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0434
|
2014-03-5 03:56 |
2013-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258379
|
- |
|
cisco
|
secure_access_control_system
|
The RBAC implementation in Cisco Secure Access Control System (ACS) does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive infor…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6695
|
2014-03-5 03:54 |
2013-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258380
|
- |
|
freebsd
|
freebsd
|
The ql_eioctl function in sys/dev/qlxgbe/ql_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from k…
|
CWE-20
Improper Input Validation
|
CVE-2013-6834
|
2014-03-5 03:52 |
2013-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
