|
291841
|
- |
|
olat
|
olat
|
Cross-site scripting (XSS) vulnerability in the Calendar module in Olat 7.8.0.1 (b20130821 N1) allows remote attackers to inject arbitrary web script or HTML via the Location field. NOTE: the proven…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6794
|
2024-11-21 10:59 |
2013-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291842
|
- |
|
olat
|
olat
|
Multiple cross-site scripting (XSS) vulnerabilities in the Calendar module in Olat 7.8.0.1 (b20130821 N1) allow remote attackers to inject arbitrary web script or HTML via the (1) event name or (2) d…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6793
|
2024-11-21 10:59 |
2013-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291843
|
- |
|
yahoo
|
yui
|
Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via the allowedDoma…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6780
|
2024-11-21 10:59 |
2013-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291844
|
- |
|
cisco
|
unified_ip_phone_firmware
unified_ip_phone_8961
unified_ip_phone_9951
unified_ip_phone_9971
|
The firmware on Cisco Unified IP phones 8961, 9951, and 9971 uses weak permissions for memory block devices, which allows local users to gain privileges by mounting a device with a setuid file in its…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6685
|
2024-11-21 10:59 |
2013-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291845
|
- |
|
cisco
|
wireless_lan_controller
|
The web framework on Cisco Wireless LAN Controller (WLC) devices does not properly validate configuration parameters, which allows remote authenticated users to cause a denial of service via a crafte…
|
CWE-20
Improper Input Validation
|
CVE-2013-6684
|
2024-11-21 10:59 |
2013-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291846
|
- |
|
cisco
|
nx-os
|
The IPv6 implementation in Cisco NX-OS does not properly handle neighbor-table adjacencies, which allows remote attackers to cause a denial of service (NS processing outage) via a series of malformed…
|
CWE-20
Improper Input Validation
|
CVE-2013-6683
|
2024-11-21 10:59 |
2013-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291847
|
- |
|
cisco
|
adaptive_security_appliance_software
|
The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial o…
|
CWE-20
Improper Input Validation
|
CVE-2013-6682
|
2024-11-21 10:59 |
2013-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291848
|
- |
|
google
|
chrome
|
net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before …
|
NVD-CWE-noinfo
|
CVE-2013-6628
|
2024-11-21 10:59 |
2013-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291849
|
- |
|
google
|
chrome
|
net/http/http_stream_parser.cc in Google Chrome before 31.0.1650.48 does not properly process HTTP Informational (aka 1xx) status codes, which allows remote web servers to cause a denial of service (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6627
|
2024-11-21 10:59 |
2013-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291850
|
- |
|
google
|
chrome
|
The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an in…
|
NVD-CWE-noinfo
|
CVE-2013-6626
|
2024-11-21 10:59 |
2013-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
