|
259221
|
- |
|
wellintech
|
kingview
|
The SUPERGRIDLib.SuperGrid ActiveX control in SuperGrid.ocx before 65.30.30000.10002 in WellinTech KingView before 6.53 does not properly restrict ReplaceDBFile method calls, which allows remote atta…
|
CWE-22
Path Traversal
|
CVE-2013-6127
|
2013-10-28 22:32 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259222
|
- |
|
emc
|
rsa_authentication_agent
|
EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3280
|
2013-10-26 04:00 |
2013-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259223
|
- |
|
cisco
|
identity_services_engine_software
|
Cisco Identity Services Engine does not properly restrict the creation of guest accounts, which allows remote attackers to cause a denial of service (exhaustion of the account supply) via a series of…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5521
|
2013-10-26 04:00 |
2013-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259224
|
- |
|
cisco
|
ios
catalyst_3750-x
|
Cisco IOS on Catalyst 3750X switches has default Service Module credentials, which makes it easier for local users to gain privileges via a Service Module login, aka Bug ID CSCue92286.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5522
|
2013-10-26 03:59 |
2013-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259225
|
- |
|
cisco
|
identity_services_engine_software
|
Cisco Identity Services Engine (ISE) 1.x before 1.1.1 allows remote attackers to bypass authentication, and read support-bundle configuration and credentials data, via a crafted session on TCP port 4…
|
CWE-287
Improper Authentication
|
CVE-2013-5531
|
2013-10-26 03:57 |
2013-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259226
|
- |
|
cisco
|
ios_xr
|
Cisco IOS XR 3.8.1 through 4.2.0 does not properly process fragmented packets within the RP-A, RP-B, PRP, and DRP-B route-processor components, which allows remote attackers to cause a denial of serv…
|
NVD-CWE-noinfo
|
CVE-2013-5549
|
2013-10-26 03:57 |
2013-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259227
|
- |
|
dhtmlx
|
dhtmlxspreadsheet
|
Cross-site scripting (XSS) vulnerability in codebase/spreadsheet.php in the Spreadsheet (dhtmlxSpreadsheet) plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6281
|
2013-10-26 03:17 |
2013-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259228
|
- |
|
linksalpha
|
social_sharing_toolkit_plugin
|
Cross-site scripting (XSS) vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6280
|
2013-10-26 03:06 |
2013-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259229
|
- |
|
juniper
|
junos
|
J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R before 12.1R6, 12.1X44 before 12.1X44-D15, 12.1x45 before 12.1X45-D10, 12.2 before 12.2R3, 12.3 before 12.3R2, and 13.1 before 13.1R3 …
|
CWE-352
Origin Validation Error
|
CVE-2013-4689
|
2013-10-26 02:04 |
2013-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259230
|
- |
|
apple
|
iphone_os
|
The Sandbox subsystem in Apple iOS before 7 determines the sandboxing requirement for a #! application on the basis of the script interpreter instead of the script, which allows attackers to bypass i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5154
|
2013-10-26 01:58 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
