261301
|
- |
|
kay_framework_project openid redhat
|
kay_framework openid4java jboss_enterprise_application_platform
|
message/ax/AxMessage.java in OpenID4Java before 0.9.6 final, as used in JBoss Enterprise Application Platform 5.1 before 5.1.2, Step2, Kay Framework before 1.0.2, and possibly other products does not…
|
CWE-20
Improper Input Validation
|
CVE-2011-4314
|
2013-02-15 13:50 |
2012-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261302
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 3.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0702
|
2013-02-15 03:07 |
2013-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261303
|
- |
|
cybozu
|
garoon
|
SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allows remote authenticated users to execute arbitrary SQL commands by leveraging a logging privilege.
|
CWE-89
SQL Injection
|
CVE-2013-0701
|
2013-02-14 21:11 |
2013-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261304
|
- |
|
cisco
|
ios
|
The HTTP server in Cisco IOS on Catalyst switches does not properly handle TCP socket events, which allows remote attackers to cause a denial of service (device crash) via crafted packets on TCP port…
|
CWE-399
Resource Management Errors
|
CVE-2013-1100
|
2013-02-14 14:00 |
2013-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261305
|
- |
|
cisco
|
ata_187_analog_telephone_adaptor_firmware ata_187_analog_telephone_adaptor
|
The Cisco ATA 187 Analog Telephone Adaptor with firmware 9.2.1.0 and 9.2.3.1 before ES build 4 does not properly implement access control, which allows remote attackers to execute operating-system co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1111
|
2013-02-14 14:00 |
2013-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261306
|
- |
|
cisco
|
unity_express_software
|
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity Express before 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud87527.
|
CWE-79
Cross-site Scripting
|
CVE-2013-1114
|
2013-02-14 14:00 |
2013-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261307
|
- |
|
cisco
|
small_business_wireless_access_ppoints
|
Cisco Small Business Wireless Access Points WAP200, WAP2000, WAP200E, and WET200 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted SSID that …
|
NVD-CWE-noinfo
|
CVE-2013-1131
|
2013-02-14 14:00 |
2013-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261308
|
- |
|
cisco
|
ios ios_xe ios_xr
|
The BGP implementation in Cisco IOS 15.2, IOS XE 3.5.xS before 3.5.2S, and IOS XR 4.1.0 through 4.2.2 allows remote attackers to cause a denial of service (multiple connection resets) by leveraging a…
|
CWE-20
Improper Input Validation
|
CVE-2012-4617
|
2013-02-14 13:56 |
2012-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261309
|
- |
|
cisco
|
ios
|
The Device Sensor feature in Cisco IOS 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via a DHCP packet, aka Bug ID CSCty96049.
|
CWE-399
Resource Management Errors
|
CVE-2012-4621
|
2013-02-14 13:56 |
2012-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261310
|
- |
|
symantec
|
pgp_universal_server
|
Symantec PGP Universal Server 3.2.x before 3.2.1 MP2 does not properly manage sessions that include key search requests, which might allow remote attackers to read a private key in opportunistic circ…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3582
|
2013-02-14 13:55 |
2012-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|