260671
|
- |
|
nashtech
|
easy_php_calendar
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php and (2) datePicker.php in Easy PHP Calendar 6.x and 7.x before 7.0.13 allow remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1955
|
2013-07-29 13:00 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260672
|
- |
|
emc
|
avamar_server avamar_server_virtual_edition
|
EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authen…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3274
|
2013-07-29 13:00 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260673
|
- |
|
emc
|
avamar_server avamar_server_virtual_edition
|
EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly restrict use of FRAME elements, which makes it easier for remote attackers to obt…
|
CWE-20
Improper Input Validation
|
CVE-2013-3275
|
2013-07-29 13:00 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260674
|
- |
|
autodesk
|
autocad autocad_architecture autocad_civil_3d autocad_ecscad autocad_electrical autocad_lt autocad_map_3d autocad_mechanical autocad_mep autocad_p\&id autocad_plant_…
|
Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file.
|
NVD-CWE-noinfo
|
CVE-2013-3665
|
2013-07-29 13:00 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260675
|
- |
|
parallels
|
parallels_plesk_panel parallels_small_business_panel
|
The default configuration of Parallels Plesk Panel 9.0.x and 9.2.x on UNIX, and Small Business Panel 10.x on UNIX, has an improper ScriptAlias directive for phppath, which makes it easier for remote …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4878
|
2013-07-29 13:00 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260676
|
- |
|
autonomy ibm
|
keyview_idol lotus_notes
|
Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-6349
|
2013-07-29 13:00 |
2013-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260677
|
- |
|
asus
|
rt-ac66u_firmware rt-ac66u rt-n66u_firmware rt-n66u rt-n65u_firmware rt-n65u rt-n14u_firmware rt-n14u rt-n16_firmware rt-n16 rt-n56u_firmware rt-n56u dsl-n56u_firm…
|
Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attac…
|
NVD-CWE-noinfo
|
CVE-2013-4937
|
2013-07-26 21:05 |
2013-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260678
|
- |
|
officesip
|
officesip_server
|
OfficeSIP Server 3.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted To header in a SIP INVITE message.
|
CWE-20
Improper Input Validation
|
CVE-2012-1008
|
2013-07-26 15:40 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260679
|
- |
|
bestpractical
|
request_tracker
|
Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to configure encryption or signing for certain outbound e-mail, and possibly cau…
|
CWE-310
Cryptographic Issues
|
CVE-2012-6579
|
2013-07-26 13:00 |
2013-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260680
|
- |
|
cisco
|
unified_communications_domain_manager
|
Cisco Unified Communications Domain Manager does not properly allocate memory for GET and POST requests, which allows remote authenticated users to cause a denial of service (memory consumption and p…
|
CWE-399
Resource Management Errors
|
CVE-2013-3418
|
2013-07-26 01:52 |
2013-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|