|
258531
|
- |
|
schneider-electric
|
citectscada
powerlogic_scada
struxureware_powerscada_expert
struxureware_scada_expert_vijeo_citect
|
Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, CitectSCADA 7.20 through 7.30SP1, StruxureWare PowerSCADA Expert 7.30 through 7.30SR1, and PowerLogi…
|
NVD-CWE-Other
|
CVE-2013-2824
|
2014-02-27 01:58 |
2014-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258532
|
- |
|
osehra
|
vista
|
The M2M Broker in OSEHRA VistA, as distributed before September 30, 2013, allows attackers to bypass authentication and authorization to perform doctor-only actions and read or modify patient records…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6945
|
2014-02-26 03:18 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258533
|
- |
|
tattyan
|
tattyan_hptown
|
Directory traversal vulnerability in Tattyan HP TOWN before 5_10_1 allows remote attackers to read arbitrary files via a .. (dot dot) in a request.
|
CWE-22
Path Traversal
|
CVE-2013-6000
|
2014-02-26 03:16 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258534
|
- |
|
cru-inc
|
ditto_forensic_fieldstation_firmware
ditto_forensic_fieldstation
|
CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the …
|
CWE-78
OS Command
|
CVE-2013-6881
|
2014-02-26 03:11 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258535
|
- |
|
libreswan
|
libreswan
|
Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet.
|
CWE-189
Numeric Errors
|
CVE-2013-4564
|
2014-02-26 03:02 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258536
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in the mycode_parse_video function in inc/class_parser.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2013-7288
|
2014-02-25 23:47 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258537
|
- |
|
dotnetblogengine
|
blogengine.net
|
BlogEngine.NET 2.8.0.0 and earlier allows remote attackers to read usernames and password hashes via a request for the sioc.axd file.
|
CWE-200
Information Exposure
|
CVE-2013-6953
|
2014-02-25 23:38 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258538
|
- |
|
xen
|
xen
|
Xen, when using x86 Intel processors and the VMX virtualization extension is enabled, does not properly handle cpuid instruction emulation when exiting the VM, which allows local guest users to cause…
|
NVD-CWE-noinfo
|
CVE-2011-1936
|
2014-02-25 23:10 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258539
|
- |
|
7mediaws
|
edutrac
|
Directory traversal vulnerability in 7 Media Web Solutions eduTrac before 1.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the showmask parameter to installer/overview.php.
|
CWE-22
Path Traversal
|
CVE-2013-7097
|
2014-02-25 23:05 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258540
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in misc.php in MyBB (aka MyBulletinBoard) before 1.6.12 allows remote attackers to inject arbitrary web script or HTML via the editor parameter in a smilie li…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7275
|
2014-02-25 23:03 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
