|
291191
|
9.8 |
CRITICAL
Network
|
vivotek
|
pt7135_firmware
|
A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote …
|
CWE-120
Classic Buffer Overflow
|
CVE-2013-1595
|
2024-11-21 10:49 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291192
|
7.5 |
HIGH
Network
|
vivotek
|
pt7135_firmware
|
An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text.
|
CWE-200
Information Exposure
|
CVE-2013-1594
|
2024-11-21 10:49 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291193
|
7.5 |
HIGH
Network
|
sap
|
netweaver
|
A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server pack…
|
CWE-129
Improper Validation of Array Index
|
CVE-2013-1593
|
2024-11-21 10:49 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291194
|
9.8 |
CRITICAL
Network
|
sap
|
netweaver
|
A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in…
|
CWE-120
Classic Buffer Overflow
|
CVE-2013-1592
|
2024-11-21 10:49 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291195
|
6.1 |
MEDIUM
Network
|
get-simple
|
getsimple_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to backup-edit.php; (2) title …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1420
|
2024-11-21 10:49 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291196
|
6.3 |
MEDIUM
Local
|
debian
canonical
|
lintian
debian_linux
ubuntu_linux
|
Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks.
|
CWE-59
Link Following
|
CVE-2013-1429
|
2024-11-21 10:49 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291197
|
6.1 |
MEDIUM
Network
|
mahara
|
mahara
|
Cross-site Scripting (XSS) in Mahara before 1.5.9 and 1.6.x before 1.6.4 allows remote attackers to inject arbitrary web script or HTML via the TinyMCE editor.
|
CWE-79
Cross-site Scripting
|
CVE-2013-1426
|
2024-11-21 10:49 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291198
|
5.5 |
MEDIUM
Local
|
ldap_git_backup_project
debian
|
ldap_git_backup
debian_linux
|
ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions.
|
CWE-276
Incorrect Default Permissions
|
CVE-2013-1425
|
2024-11-21 10:49 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291199
|
7.5 |
HIGH
Network
|
huntcctv
capturecctv
hachi
novuscctv
vsp
|
dvr-04ch_firmware
dvr-04nc_firmware
dvr-08ch_firmware
dvr-08nc_firmware
dvr-16ch_firmware
dr6-704a4h_firmware
dr6-708a4h_firmware
dr6-7316a4h_firmware
dr6-7316a4hl_firmware
Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device config…
|
CWE-287
Improper Authentication
|
CVE-2013-1391
|
2024-11-21 10:49 |
2019-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
291200
|
9.8 |
CRITICAL
Network
|
neutrinolabs
debian
|
xrdp
debian_linux
|
An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the u…
|
CWE-255
Credentials Management
|
CVE-2013-1430
|
2024-11-21 10:49 |
2016-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
