|
259771
|
- |
|
open-xchange
|
open-xchange_appsuite
open-xchange_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev16, 6.22.0 before rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allow r…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2583
|
2013-09-27 01:44 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259772
|
- |
|
open-xchange
|
open-xchange_server
|
Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. (dot dot)…
|
CWE-22
Path Traversal
|
CVE-2013-1645
|
2013-09-27 01:42 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259773
|
- |
|
emc
|
rsa_archer_egrc
|
EMC RSA Archer GRC 5.x before 5.4 allows remote authenticated users to bypass intended access restrictions and complete a login by leveraging a deactivated account.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3276
|
2013-09-27 01:41 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259774
|
- |
|
open-xchange
|
open-xchange_server
|
Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HT…
|
CWE-94
Code Injection
|
CVE-2013-1647
|
2013-09-27 01:38 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259775
|
- |
|
open-xchange
|
open-xchange_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1646
|
2013-09-27 01:37 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259776
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, w…
|
CWE-255
Credentials Management
|
CVE-2013-4790
|
2013-09-27 01:36 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259777
|
- |
|
open-xchange
|
open-xchange_server
|
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses weak permissions (group "other" readable) under opt/open-xchange/etc/, which allows local users to obtain se…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1650
|
2013-09-27 01:20 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259778
|
- |
|
matrikonopc
|
scada_dnp3_opc_server
|
MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service (master-station daemon crash) via a malformed DNP3 TCP packet from the IP address of an outstation.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2791
|
2013-09-27 01:17 |
2013-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259779
|
- |
|
freebsd
|
freebsd
|
The sendfile system-call implementation in sys/kern/uipc_syscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive info…
|
CWE-200
Information Exposure
|
CVE-2013-5666
|
2013-09-26 12:53 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259780
|
- |
|
hp
|
identity_driven_manager
procurve_manager
|
Multiple SQL injection vulnerabilities in GetEventsServlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and 4.0, and Identity Driven Manager (IDM) 4.0 allow remote attackers to execute arbitr…
|
CWE-89
SQL Injection
|
CVE-2013-4809
|
2013-09-26 12:52 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
