259521
|
- |
|
polarssl
|
polarssl
|
The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 and 1.2.x before 1.2.8 does not properly parse certificate messages during the SSL/TLS handshake, which allows remote attackers to …
|
CWE-20
Improper Input Validation
|
CVE-2013-4623
|
2013-10-31 12:35 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259522
|
- |
|
apple
|
iphone_os
|
Multiple cross-site scripting (XSS) vulnerabilities in WebKit in Apple iOS before 7 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-dr…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5129
|
2013-10-31 12:35 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259523
|
- |
|
apple
|
iphone_os
|
Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5131
|
2013-10-31 12:35 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259524
|
- |
|
apple
|
iphone_os
|
IOCatalogue in IOKitUser in Apple iOS before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted application.
|
NVD-CWE-Other
|
CVE-2013-5138
|
2013-10-31 12:35 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259525
|
- |
|
apple
|
iphone_os
|
The kernel in Apple iOS before 7 uses an incorrect data size for a certain integer variable, which allows attackers to cause a denial of service (infinite loop and device hang) via a crafted applicat…
|
CWE-189
Numeric Errors
|
CVE-2013-5141
|
2013-10-31 12:35 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259526
|
- |
|
apple
|
iphone_os
|
The kernel in Apple iOS before 7 does not initialize unspecified kernel data structures, which allows local users to obtain sensitive information from kernel stack memory via the (1) msgctl API or (2…
|
CWE-200
Information Exposure
|
CVE-2013-5142
|
2013-10-31 12:35 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259527
|
- |
|
apple
|
iphone_os
|
kextd in Kext Management in Apple iOS before 7 does not properly verify authorization for IPC messages, which allows local users to (1) load or (2) unload kernel extensions via a crafted message.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5145
|
2013-10-31 12:35 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259528
|
- |
|
oracle
|
ilearning
|
Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Administration.
|
NVD-CWE-noinfo
|
CVE-2013-5845
|
2013-10-31 12:35 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259529
|
- |
|
oracle
|
peoplesoft_products
|
Unspecified vulnerability in the PeopleSoft Enterprise HRMS eCompensation component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown v…
|
NVD-CWE-noinfo
|
CVE-2013-5847
|
2013-10-31 12:35 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259530
|
- |
|
oracle
|
industry_applications
|
Unspecified vulnerability in the Oracle Health Sciences InForm component in Oracle Industry Applications 4.5 SP3, 4.5 SP3a-k, 4.6 SP0, 4.6 SP0a-c, 4.6 SP1, 4.6 SP1a-c, 4.6 SP2, 4.6 SP2a-c, 5.0 SP0, 5…
|
NVD-CWE-noinfo
|
CVE-2013-5856
|
2013-10-31 12:35 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|