259541
|
- |
|
apple
|
iphone_os
|
Safari in Apple iOS before 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1036
|
2013-10-31 12:31 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259542
|
- |
|
oracle
|
jdk jre
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via u…
|
NVD-CWE-noinfo
|
CVE-2012-1682
|
2013-10-31 12:24 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259543
|
- |
|
rack_project
|
rack
|
Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote atta…
|
CWE-310
Cryptographic Issues
|
CVE-2011-5036
|
2013-10-31 12:21 |
2011-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259544
|
- |
|
redhat
|
jboss_community_application_server jboss_enterprise_application_platform
|
The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a…
|
NVD-CWE-noinfo
|
CVE-2012-4529
|
2013-10-30 23:49 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259545
|
- |
|
redhat
|
jboss_enterprise_application_platform jboss_enterprise_portal_platform
|
Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0 does not load the implementation of a custom authorization module for a new application when an implemen…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4572
|
2013-10-30 23:47 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259546
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to obtai…
|
CWE-287
Improper Authentication
|
CVE-2013-2102
|
2013-10-30 23:46 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259547
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
AV:A per https://bugzilla.redhat.com/show_bug.cgi?id=963984
|
CWE-287
Improper Authentication
|
CVE-2013-2102
|
2013-10-30 23:46 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259548
|
- |
|
andreas_krennmair
|
tpp
|
tpp 1.3.1 allows remote attackers to execute arbitrary commands via a --exec command in a TPP template file.
|
CWE-94
Code Injection
|
CVE-2013-2208
|
2013-10-30 23:39 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259549
|
- |
|
openstack redhat
|
folsom grizzly openstack
|
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4261
|
2013-10-30 22:53 |
2013-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259550
|
- |
|
fengoffice
|
feng_office
|
Cross-site scripting (XSS) vulnerability in Feng Office 2.3.2-rc and earlier allows remote attackers to inject arbitrary web script or HTML via an arbitrary ref_XXX parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5744
|
2013-10-30 06:04 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|