|
260071
|
- |
|
oracle
|
industry_applications
|
Unspecified vulnerability in the Oracle Health Sciences InForm component in Oracle Industry Applications 4.6 SP0, 4.6 SP0a-c, 4.6 SP1, 4.6 SP1a-c, 4.6 SP2, 4.6 SP2a-c, 5.0 SP0, 5.0 SP0a, 5.0 SP1, 5.0…
|
NVD-CWE-noinfo
|
CVE-2013-5837
|
2013-11-3 12:34 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260072
|
- |
|
juniper
|
junos
|
Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before 12.1X45-D15, when the no-validate option is enabled, does not properly handle configuration validation errors during the config commit pha…
|
CWE-287
Improper Authentication
|
CVE-2013-6012
|
2013-11-3 12:34 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260073
|
- |
|
gwos
|
groundwork_monitor
|
monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to execute arbitrary commands, and consequently obtain sensitive information, by lev…
|
CWE-255
Credentials Management
|
CVE-2013-3502
|
2013-11-3 12:33 |
2013-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260074
|
- |
|
f5
|
big-ip_access_policy_manager
|
The access policy logon page (logon.inc) in F5 BIG-IP APM 11.1.0 through 11.2.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5975
|
2013-10-31 12:36 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260075
|
- |
|
f5
|
big-ip_access_policy_manager
|
Cross-site scripting (XSS) vulnerability in the access policy logout page (logout.inc) in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.1.0 through 11.3.0 allows remote attackers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5976
|
2013-10-31 12:36 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260076
|
- |
|
sap
|
netweaver
|
The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML doc…
|
NVD-CWE-noinfo
|
CVE-2013-6244
|
2013-10-31 12:36 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260077
|
- |
|
polarssl
|
polarssl
|
The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 and 1.2.x before 1.2.8 does not properly parse certificate messages during the SSL/TLS handshake, which allows remote attackers to …
|
CWE-20
Improper Input Validation
|
CVE-2013-4623
|
2013-10-31 12:35 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260078
|
- |
|
apple
|
iphone_os
|
Multiple cross-site scripting (XSS) vulnerabilities in WebKit in Apple iOS before 7 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-dr…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5129
|
2013-10-31 12:35 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260079
|
- |
|
apple
|
iphone_os
|
Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5131
|
2013-10-31 12:35 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260080
|
- |
|
apple
|
iphone_os
|
IOCatalogue in IOKitUser in Apple iOS before 7 allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted application.
|
NVD-CWE-Other
|
CVE-2013-5138
|
2013-10-31 12:35 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
