260891
|
- |
|
opera
|
opera_browser
|
Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request.
|
CWE-352
Origin Validation Error
|
CVE-2013-1639
|
2013-03-8 13:12 |
2013-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260892
|
- |
|
linux
|
linux_kernel
|
The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggerin…
|
CWE-20
Improper Input Validation
|
CVE-2013-0190
|
2013-03-8 13:11 |
2013-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260893
|
- |
|
fedoraproject
|
389_directory_server
|
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restriction…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4450
|
2013-03-8 13:09 |
2012-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260894
|
- |
|
redhat
|
certificate_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4543
|
2013-03-8 13:09 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260895
|
- |
|
cisco
|
wireless_lan_controller_software wireless_lan_controller
|
The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1141
|
2013-03-7 14:00 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260896
|
- |
|
dovecot
|
dovecot
|
Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Comm…
|
CWE-20
Improper Input Validation
|
CVE-2011-4318
|
2013-03-7 14:00 |
2013-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260897
|
- |
|
cisco
|
security_monitoring_analysis_and_response_system
|
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity refe…
|
CWE-200
Information Exposure
|
CVE-2013-1140
|
2013-03-7 02:22 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260898
|
- |
|
debian
|
apache2
|
The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not proper…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1048
|
2013-03-7 01:50 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260899
|
- |
|
adobe
|
flash_player flash_player_for_android adobe_air adobe_air_sdk
|
Buffer overflow in Adobe Flash Player before 10.3.183.50 and 11.x before 11.5.502.146 on Windows and Mac OS X, before 10.3.183.50 and 11.x before 11.2.202.261 on Linux, before 11.1.111.31 on Android …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0630
|
2013-03-6 14:07 |
2013-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260900
|
- |
|
rsa
|
authentication_agent_for_windows
|
EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not enforce the Quick PIN Unlock timeout feature, which allows physically proximate attackers to bypass the passcode requirement for a …
|
CWE-16
Configuration
|
CVE-2013-0931
|
2013-03-6 14:00 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|