259021
|
- |
|
sybase
|
adaptive_server_enterprise
|
SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 does not properly perform authorization, which allows remote authe…
|
CWE-287
Improper Authentication
|
CVE-2013-6859
|
2013-11-26 03:46 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259022
|
- |
|
canonical
|
ubuntu_linux maas
|
maas-import-pxe-files in MAAS before 13.10 does not verify the integrity of downloaded files, which allows remote attackers to modify these files via a man-in-the-middle (MITM) attack.
|
CWE-310
Cryptographic Issues
|
CVE-2013-1058
|
2013-11-26 03:36 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259023
|
- |
|
openstack
|
image_registry_and_delivery_service_\(glance\)
|
The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image.
|
CWE-20
Improper Input Validation
|
CVE-2013-4354
|
2013-11-26 01:42 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259024
|
- |
|
tweet-blender
|
tweet-blender
|
Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-adm…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6342
|
2013-11-26 00:20 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259025
|
- |
|
cisco
|
wireless_lan_controller
|
The web interface on Cisco Wireless LAN Controller (WLC) devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unsp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6698
|
2013-11-26 00:03 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259026
|
- |
|
cisco
|
ios
|
The IPSec implementation in Cisco IOS allows remote attackers to cause a denial of service (MTU change and tunnel-session drop) via crafted ICMP packets, aka Bug ID CSCul29918.
|
CWE-20
Improper Input Validation
|
CVE-2013-6694
|
2013-11-26 00:00 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259027
|
- |
|
sybase
|
adaptive_server_enterprise
|
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to …
|
NVD-CWE-noinfo
|
CVE-2013-6245
|
2013-11-25 13:36 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259028
|
- |
|
apache
|
struts
|
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.3.15.3 allow remote attackers to inject arbitrary web script or HTML via the namespace parameter to (1) actionNames.action and (…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6348
|
2013-11-25 13:36 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259029
|
- |
|
pineapp
|
mail-secure_5099sk
|
admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms allows remote attackers to execute arbitrary commands via shell metacharacters in the nsserver parame…
|
CWE-94
Code Injection
|
CVE-2013-6830
|
2013-11-25 13:36 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259030
|
- |
|
pineapp
|
mail-secure_5099sk
|
PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo com…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6831
|
2013-11-25 13:36 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|