260721
|
- |
|
cisco
|
secure_access_control_system
|
Session fixation vulnerability in Cisco Secure Access Control System (ACS) allows remote attackers to hijack web sessions via unspecified vectors, aka Bug ID CSCud95787.
|
CWE-287
Improper Authentication
|
CVE-2013-1200
|
2013-05-16 22:02 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260722
|
- |
|
novell
|
imanager
|
Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request valida…
|
CWE-352
Origin Validation Error
|
CVE-2013-1088
|
2013-05-16 13:00 |
2013-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260723
|
- |
|
cisco
|
unified_communications_manager
|
Cisco Unified Communications Manager (CUCM) does not properly limit the rate of authentication attempts, which allows remote attackers to cause a denial of service (application slowdown) via a series…
|
CWE-287
Improper Authentication
|
CVE-2013-1188
|
2013-05-16 13:00 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260724
|
- |
|
cisco
|
webex_social
|
Cross-site scripting (XSS) vulnerability in the portal module in Cisco WebEx Social allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL in the link field in…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1244
|
2013-05-16 13:00 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260725
|
- |
|
cisco
|
webex_social
|
The user-management page in Cisco WebEx Social relies on client-side validation of values in the Screen Name, First Name, Middle Name, Last Name, Email Address, and Job Title fields, which allows rem…
|
CWE-20
Improper Input Validation
|
CVE-2013-1245
|
2013-05-16 13:00 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260726
|
- |
|
microsoft
|
malware_protection_engine
|
mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1346
|
2013-05-15 19:55 |
2013-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260727
|
- |
|
mitsubishi-automation schneider-electric
|
mitsubishi_mx_component citectfacilities citectscada
|
Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Citect CitectFacilities 7.10 and CitectScada 7.10r1, allow remote attackers to execute arbitrary code …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3075
|
2013-05-15 13:00 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260728
|
- |
|
schneider-electric
|
kerweb kerwin
|
Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the evtvari…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1990
|
2013-05-15 13:00 |
2012-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260729
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.3.0 through 4.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2766
|
2013-05-15 12:36 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260730
|
- |
|
openstack
|
cinder_folsom compute_\(nova\)_essex compute_\(nova\)_folsom folsom grizzly keystone_essex
|
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other pro…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1664
|
2013-05-15 12:35 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|