|
257461
|
- |
|
belkin
|
f5d8236-4_v2
|
Cross-site request forgery (CSRF) vulnerability in cgi-bin/system_setting.exe in Belkin F5D8236-4 v2 allows remote attackers to hijack the authentication of administrators for requests that open the …
|
CWE-352
Origin Validation Error
|
CVE-2013-3083
|
2014-10-1 10:04 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257462
|
- |
|
belkin
|
n300_firmware
n300
|
The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privileges via vectors related to incorrect validation of the HTTP Authorization header.
|
CWE-287
Improper Authentication
|
CVE-2013-3092
|
2014-10-1 10:01 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257463
|
- |
|
belkin
|
n900_firmware
n900
|
Cross-site request forgery (CSRF) vulnerability in util_system.html in Belkin N900 router allows remote attackers to hijack the authentication of administrators for requests that change configuration…
|
CWE-352
Origin Validation Error
|
CVE-2013-3086
|
2014-10-1 10:00 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257464
|
- |
|
belkin
|
n300_firmware
n300
|
Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configur…
|
CWE-352
Origin Validation Error
|
CVE-2013-3089
|
2014-10-1 09:59 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257465
|
- |
|
juniper
|
juniper_installer_service_client
junos_pulse_client
|
Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows and Junos Pulse Client before 4.0R6 allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-3811
|
2014-10-1 03:26 |
2014-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257466
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via ve…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3065
|
2014-10-1 03:25 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257467
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3066
|
2014-10-1 03:25 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257468
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks vi…
|
NVD-CWE-Other
|
CVE-2013-3064
|
2014-10-1 03:23 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257469
|
- |
|
linksys
|
ea6500_firmware
ea6500
|
<a href = "http://cwe.mitre.org/data/definitions/601.html"> CWE-601: URL Redirection to Untrusted Site ('Open Redirect') </a>
|
NVD-CWE-Other
|
CVE-2013-3064
|
2014-10-1 03:23 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257470
|
- |
|
sleuthkit
|
the_sleuth_kit
|
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide a…
|
CWE-20
Improper Input Validation
|
CVE-2012-5619
|
2014-10-1 02:47 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
