|
258921
|
- |
|
cooperindustries
|
smp_16_gateway_\(data_concentrator\)
smp_4\/dp_gateway_\(data_concentrator\)
smp_4_gateway_\(data_concentrator\)
|
The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateways allows physically proximate attackers to cause a denial of service (reboot or link outage) via crafted input over a serial line.
|
CWE-20
Improper Input Validation
|
CVE-2013-2816
|
2013-12-18 12:42 |
2013-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258922
|
- |
|
cooperindustries
|
smp_16_gateway_\(data_concentrator\)
smp_4\/dp_gateway_\(data_concentrator\)
smp_4_gateway_\(data_concentrator\)
|
The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateways allows remote attackers to cause a denial of service (reboot or link outage) via a crafted DNP3 TCP packet.
|
CWE-20
Improper Input Validation
|
CVE-2013-2813
|
2013-12-18 12:38 |
2013-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258923
|
- |
|
xmlsoft
|
libxslt
|
xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type…
|
NVD-CWE-Other
|
CVE-2013-4520
|
2013-12-17 08:05 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258924
|
- |
|
rockmongo
|
rockmongo
|
Directory traversal vulnerability in RockMongo 1.1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the ROCK_LANG cookie, as demonstrated in a login.index action to…
|
CWE-22
Path Traversal
|
CVE-2013-5107
|
2013-12-17 05:35 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258925
|
- |
|
zabbix
|
zabbix
|
The user.login function in Zabbix before 1.8.16 and 2.x before 2.0.5rc1 allows remote attackers to override LDAP configuration via the cnf parameter.
|
CWE-287
Improper Authentication
|
CVE-2013-1364
|
2013-12-17 04:42 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258926
|
- |
|
sonarsource
|
jenkins_plugin
|
The Jenkins Plugin for SonarQube 3.7 and earlier allows remote authenticated users to obtain sensitive information (cleartext passwords) by reading the value in the sonar.sonarPassword parameter from…
|
CWE-310
Cryptographic Issues
|
CVE-2013-5676
|
2013-12-17 02:16 |
2013-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258927
|
- |
|
mediawiki
|
mediawiki
|
The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3, when "Group changes by page in recent changes and watchlist" is enabled, allows remote attacker…
|
CWE-200
Information Exposure
|
CVE-2013-4569
|
2013-12-17 00:54 |
2013-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258928
|
- |
|
mediawiki
|
mediawiki
|
Cross-site request forgery (CSRF) vulnerability in the CentralAuth extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to hijack the authenti…
|
CWE-352
Origin Validation Error
|
CVE-2012-5394
|
2013-12-17 00:24 |
2013-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258929
|
- |
|
instantsoft
|
instantcms
|
SQL injection vulnerability in InstantSoft InstantCMS 1.10.3 and earlier allows remote attackers to execute arbitrary SQL commands via the orderby parameter to catalog/[id].
|
CWE-89
SQL Injection
|
CVE-2013-6839
|
2013-12-17 00:13 |
2013-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258930
|
- |
|
fedoraproject
janrain
|
fedora
ruby-openid
|
The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack.
|
CWE-399
Resource Management Errors
|
CVE-2013-1812
|
2013-12-14 01:12 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
