259401
|
- |
|
linksalpha
|
social_sharing_toolkit_plugin
|
Cross-site request forgery (CSRF) vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manip…
|
CWE-352
Origin Validation Error
|
CVE-2013-2701
|
2013-11-22 04:09 |
2013-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259402
|
- |
|
strongswan
|
strongswan
|
The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6075
|
2013-11-22 03:41 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259403
|
- |
|
strongswan
|
strongswan
|
Per http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerability-%28cve-2013-6075%29.html
'Affected are strongSwan versions 4.3.3 and newer, up to 5.1.0.'
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6075
|
2013-11-22 03:41 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259404
|
- |
|
novell
|
zenworks_configuration_management
|
Directory traversal vulnerability in the GetFle method in the umaninv service in Novell ZENworks Configuration Management (ZCM) 11.2.3 allows remote attackers to read arbitrary files via a .. (dot do…
|
CWE-22
Path Traversal
|
CVE-2013-1084
|
2013-11-22 03:32 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259405
|
- |
|
strongswan
|
strongswan
|
strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet.
|
NVD-CWE-Other
|
CVE-2013-6076
|
2013-11-22 03:32 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259406
|
- |
|
strongswan
|
strongswan
|
CWE-476: NULL Pointer Dereference per http://cwe.mitre.org/data/definitions/476.html
|
NVD-CWE-Other
|
CVE-2013-6076
|
2013-11-22 03:32 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259407
|
- |
|
openbravo
|
openbravo_erp
|
The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitrary files via an XML document with an external entity declaration in conjunction with an entity refe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3617
|
2013-11-22 03:29 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259408
|
- |
|
olat
|
olat
|
Multiple cross-site scripting (XSS) vulnerabilities in the Calendar module in Olat 7.8.0.1 (b20130821 N1) allow remote attackers to inject arbitrary web script or HTML via the (1) event name or (2) d…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6793
|
2013-11-22 02:57 |
2013-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259409
|
- |
|
olat
|
olat
|
Cross-site scripting (XSS) vulnerability in the Calendar module in Olat 7.8.0.1 (b20130821 N1) allows remote attackers to inject arbitrary web script or HTML via the Location field. NOTE: the proven…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6794
|
2013-11-22 02:55 |
2013-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259410
|
- |
|
tylertech
|
taxweb
|
Cross-site request forgery (CSRF) vulnerability in login.jsp in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to hijack the authentication of arbitrary users for requests that change a p…
|
CWE-352
Origin Validation Error
|
CVE-2013-6018
|
2013-11-22 02:54 |
2013-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|