260211
|
- |
|
ibm
|
db2
|
IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3473
|
2013-09-11 14:59 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260212
|
- |
|
cisco
|
unified_communications_manager
|
Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6a does not properly handle errors, which allows remote attackers to cause a denial of service (service disruption) via malfor…
|
CWE-399
Resource Management Errors
|
CVE-2013-3459
|
2013-09-11 12:23 |
2013-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260213
|
- |
|
searchblox
|
searchblox
|
Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the name parameter.
|
CWE-22
Path Traversal
|
CVE-2013-3598
|
2013-09-11 12:23 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260214
|
- |
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vec…
|
NVD-CWE-noinfo
|
CVE-2013-3763
|
2013-09-11 12:23 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260215
|
- |
|
kingsoft
|
office_2012 writer_2012
|
Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows remote attackers to execute arbitrary code via a long font name in a WPS file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3934
|
2013-09-11 08:05 |
2013-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260216
|
- |
|
apple
|
mac_os_x mac_os_x_server
|
Directory traversal vulnerability in AFP Server in Apple Mac OS X before 10.6.3 allows remote attackers to list a share root's parent directory, and read and modify files in that directory, via unspe…
|
CWE-22
Path Traversal
|
CVE-2010-0533
|
2013-09-11 02:18 |
2010-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260217
|
- |
|
wordpress
|
wordpress
|
WordPress before 3.5.2, when the uploads directory forbids write access, allows remote attackers to obtain sensitive information via an invalid upload request, which reveals the absolute path in an X…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2203
|
2013-09-11 02:12 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260218
|
- |
|
wordpress
|
wordpress
|
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) uploads of media files, (2) editi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2201
|
2013-09-11 02:03 |
2013-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260219
|
- |
|
twilightcms
|
twilight_cms
|
Cross-site scripting (XSS) vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the gallery/ page.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4899
|
2013-09-10 22:31 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260220
|
- |
|
prosoft-technology
|
radiolinx_controlscape
|
ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy for passphrases, which makes it easier for remote attackers to obtain access via a brute-force atta…
|
CWE-310
Cryptographic Issues
|
CVE-2013-2803
|
2013-09-10 04:28 |
2013-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|