259651
|
- |
|
cisco
|
unified_computing_system
|
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete …
|
CWE-200
Information Exposure
|
CVE-2012-4116
|
2013-10-21 22:17 |
2013-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259652
|
- |
|
cisco
|
unified_computing_system
|
The fabric-interconnect KVM module in Cisco Unified Computing System (UCS) does not encrypt video data, which allows man-in-the-middle attackers to watch KVM display content by sniffing the network o…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4114
|
2013-10-21 22:16 |
2013-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259653
|
- |
|
cisco
|
unified_computing_system
|
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and read arbitrary files via crafted command parameters within the command-line interfa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4113
|
2013-10-21 22:04 |
2013-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259654
|
- |
|
cisco
|
unified_computing_system
|
The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the comman…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4112
|
2013-10-21 21:45 |
2013-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259655
|
- |
|
process-one
|
ejabberd
|
The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) weak SSL ciphers, which makes it easier for remote attackers to obtain sensitive information via a brute-force attack.
|
CWE-310
Cryptographic Issues
|
CVE-2013-6169
|
2013-10-19 02:46 |
2013-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259656
|
- |
|
cisco
|
unified_meetingplace unified_meetingplace_web_conferencing
|
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote a…
|
CWE-352
Origin Validation Error
|
CVE-2013-5494
|
2013-10-18 22:51 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259657
|
- |
|
cisco
|
unified_communications_domain_manager
|
SQL injection vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh…
|
CWE-89
SQL Injection
|
CVE-2013-5517
|
2013-10-18 04:27 |
2013-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259658
|
- |
|
cisco
|
wireless_lan_controller
|
Cross-site scripting (XSS) vulnerability in the management interface on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5519
|
2013-10-18 04:19 |
2013-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259659
|
- |
|
cisco
|
video_surveillance_4000_ip_camera video_surveillance_4300e_ip_camera video_surveillance_4500e_ip_camera
|
The analytics page on Cisco Video Surveillance 4000 IP cameras has hardcoded credentials, which allows remote attackers to watch the video feed by leveraging knowledge of the password, aka Bug IDs CS…
|
CWE-255
Credentials Management
|
CVE-2013-5535
|
2013-10-18 04:09 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259660
|
- |
|
emc
|
atmos
|
EMC Atmos before 2.1.4 has a blank password for the PostgreSQL account, which allows remote attackers to obtain sensitive administrative information via a database-server connection.
|
CWE-255
Credentials Management
|
CVE-2013-3279
|
2013-10-18 03:30 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|