259251 | - | mozilla | bugzilla | Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs… | CWE-352 Origin Validation Error | CVE-2013-1733 | 2013-10-25 08:29 | 2013-10-24
259252 | - | mozilla | bugzilla | Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allow remote att… | CWE-79 Cross-site Scripting | CVE-2013-1742 | 2013-10-25 08:29 | 2013-10-24
259253 | - | mozilla | bugzilla | Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HT… | CWE-79 Cross-site Scripting | CVE-2013-1743 | 2013-10-25 08:28 | 2013-10-24
259254 | - | apple | safari | WebKit in Apple Safari before 6.1 disables the Private Browsing feature upon a launch of the Web Inspector, which makes it easier for context-dependent attackers to obtain browsing information by lev… | CWE-200 Information Exposure | CVE-2013-5130 | 2013-10-25 08:24 | 2013-10-24
259255 | - | cisco | secure_access_control_system | Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafte… | CWE-20 Improper Input Validation | CVE-2013-5536 | 2013-10-25 08:23 | 2013-10-24
259256 | - | apple | keynote | Apple Keynote before 6.0 does not properly handle the interaction between Keynote presentation mode and the Screen Lock implementation, which allows physically proximate attackers to obtain access by… | CWE-264 Permissions, Privileges, and Access Controls | CVE-2013-5148 | 2013-10-25 03:24 | 2013-10-24
259257 | - | apple | os_x_server | The RADIUS service in Server App in Apple OS X Server before 3.0 selects a fallback X.509 certificate in unspecified circumstances, which might allow man-in-the-middle attackers to hijack RADIUS sess… | NVD-CWE-Other | CVE-2013-5143 | 2013-10-25 01:59 | 2013-10-24
259258 | - | mozilla | bugzilla | Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers… | CWE-352 Origin Validation Error | CVE-2013-1734 | 2013-10-25 01:35 | 2013-10-24
259259 | - | apple | mac_os_x | Smart Card Services in Apple Mac OS X before 10.9 does not properly implement certificate-revocation checks, which allows remote attackers to cause a denial of service (Smart Card usage outage) by in… | CWE-264 Permissions, Privileges, and Access Controls | CVE-2013-5190 | 2013-10-25 01:19 | 2013-10-24
259260 | - | dell | quest_one_password_manager | The Dell Quest One Password Manager, possibly 5.0, allows remote attackers to bypass CAPTCHA protections and obtain sensitive information (user's full name) by sending a login request with a valid do… | CWE-264 Permissions, Privileges, and Access Controls | CVE-2013-6246 | 2013-10-25 01:18 | 2013-10-24