|
291221
|
- |
|
attachmate
|
verastream_host_integrator
|
Directory traversal vulnerability in the Session Server in Attachmate Verastream Host Integrator (VHI) 6.0 through 7.5 SP 1 HF 1 allows remote attackers to upload and execute arbitrary files via a cr…
|
CWE-22
Path Traversal
|
CVE-2013-3626
|
2024-11-21 10:54 |
2013-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291222
|
- |
|
openafs
debian
|
openafs
debian_linux
|
The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt option, only enables integrity protection and sends data in cleartext, which allows remote attackers to obtain sensitive informa…
|
CWE-310
Cryptographic Issues
|
CVE-2013-4135
|
2024-11-21 10:54 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291223
|
- |
|
openafs
debian
|
openafs
debian_linux
|
OpenAFS before 1.4.15, 1.6.x before 1.6.5, and 1.7.x before 1.7.26 uses weak encryption (DES) for Kerberos keys, which makes it easier for remote attackers to obtain the service key.
|
CWE-310
Cryptographic Issues
|
CVE-2013-4134
|
2024-11-21 10:54 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291224
|
- |
|
nas4free
|
nas4free
|
NAS4Free 9.1.0.1.804 and earlier allows remote authenticated users to execute arbitrary PHP code via a request to exec.php, aka the "Advanced | Execute Command" feature. NOTE: this issue might not b…
|
CWE-94
Code Injection
|
CVE-2013-3631
|
2024-11-21 10:54 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291225
|
- |
|
moodle
|
moodle
|
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.
|
CWE-94
Code Injection
|
CVE-2013-3630
|
2024-11-21 10:54 |
2013-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291226
|
- |
|
novell
|
libzypp
|
The RPM GPG key import and handling feature in libzypp 12.15.0 and earlier reports a different key fingerprint than the one used to sign a repository when multiple key blobs are used, which might all…
|
CWE-310
Cryptographic Issues
|
CVE-2013-3704
|
2024-11-21 10:54 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291227
|
- |
|
cmu
|
cyrus-sasl
|
Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers…
|
CWE-189
Numeric Errors
|
CVE-2013-4122
|
2024-11-21 10:54 |
2013-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291228
|
- |
|
ibm
|
security_appscan
|
IBM Security AppScan Enterprise 8.x before 8.8 sends a cleartext AppScan Source database password in a response, which allows remote authenticated users to obtain sensitive information, and subsequen…
|
CWE-310
Cryptographic Issues
|
CVE-2013-3989
|
2024-11-21 10:54 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291229
|
- |
|
sun
|
sunos
|
Unspecified vulnerability Oracle Solaris 10 allows local users to affect confidentiality via vectors related to Oracle Configuration Manager (OCM).
|
NVD-CWE-noinfo
|
CVE-2013-3842
|
2024-11-21 10:54 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291230
|
- |
|
oracle
|
siebel_crm
|
Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Web Services.
|
NVD-CWE-noinfo
|
CVE-2013-3841
|
2024-11-21 10:54 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
