260421
|
- |
|
selinc
|
sel-2241 sel-3505 sel-3530 sel-3530-4
|
Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over…
|
CWE-20
Improper Input Validation
|
CVE-2013-2798
|
2013-08-13 05:23 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260422
|
- |
|
schneider-electric
|
citectscada powerlogic_scada vijeo_citect
|
Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA 7.20 and earlier allow remote attackers to read arbitrary files, send HTTP requests to intranet se…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2796
|
2013-08-13 05:21 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260423
|
- |
|
schneider-electric
|
citectscada powerlogic_scada vijeo_citect
|
Per: http://ics-cert.us-cert.gov/advisories/ICSA-13-217-02
"This vulnerability is not exploitable remotely."
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2796
|
2013-08-13 05:21 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260424
|
- |
|
selinc
|
sel-2241 sel-3505 sel-3530 sel-3530-4
|
Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.
|
CWE-20
Improper Input Validation
|
CVE-2013-2792
|
2013-08-13 05:00 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260425
|
- |
|
moxa
|
oncell_gateway_firmware oncell_gateway_g3111 oncell_gateway_g3151 oncell_gateway_g3211 oncell_gateway_g3251
|
Moxa OnCell Gateway G3111, G3151, G3211, and G3251 devices with firmware before 1.4 do not use a sufficient source of entropy for SSH and SSL keys, which makes it easier for remote attackers to obtai…
|
CWE-310
Cryptographic Issues
|
CVE-2012-3039
|
2013-08-13 04:28 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260426
|
- |
|
alkacon
|
opencms
|
Multiple cross-site scripting (XSS) vulnerabilities in Alkacon OpenCms before 8.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to system/workplace/views…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4600
|
2013-08-13 02:45 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260427
|
- |
|
cisco
|
telepresence_system_tx9000 telepresence_system_tx9200 telepresence_system_software telepresence_system_1300 telepresence_system_1300-65 telepresence_system_3000 telepresence_system_…
|
Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, and 6.0.3 and earlier on TX 9X00 devices, has a default password for the pwrecovery account, which ma…
|
CWE-255
Credentials Management
|
CVE-2013-3454
|
2013-08-10 02:55 |
2013-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260428
|
- |
|
symantec
|
backup_exec
|
The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain sensitive host-version information via unspecified …
|
CWE-200
Information Exposure
|
CVE-2013-4678
|
2013-08-9 23:08 |
2013-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260429
|
- |
|
dbmasters
|
db_masters_multimedia_links_directory
|
admin.php in dB Masters Multimedia Links Directory 3.1.3 allows remote attackers to bypass authentication and gain administrative access via a certain value of the admin_log cookie.
|
CWE-287
Improper Authentication
|
CVE-2009-4584
|
2013-08-9 15:17 |
2010-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260430
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8 and 9.2.0.8DV has unknown impact and remote attack vectors, aka DB06.
|
NVD-CWE-noinfo
|
CVE-2007-5509
|
2013-08-9 14:47 |
2007-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|