|
290121
|
- |
|
ibm
|
lotus_sametime
|
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to spoof the origin of chat messages, or compose anonymous chat messages, by leveraging meeting…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3044
|
2024-11-21 10:52 |
2013-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290122
|
- |
|
andrew_simpson
|
webcollab
|
CRLF injection vulnerability in help/help_language.php in WebCollab 3.30 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the item …
|
CWE-79
Cross-site Scripting
|
CVE-2013-2652
|
2024-11-21 10:52 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290123
|
- |
|
linksalpha
|
social_sharing_toolkit_plugin
|
Cross-site request forgery (CSRF) vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manip…
|
CWE-352
Origin Validation Error
|
CVE-2013-2701
|
2024-11-21 10:52 |
2013-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290124
|
- |
|
boltwire
|
boltwire
|
Multiple cross-site scripting (XSS) vulnerabilities in BoltWire 3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) "p" or (2) content parameter to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2651
|
2024-11-21 10:52 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290125
|
- |
|
ibm
|
rational_focal_point
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational Focal Point 6.5.x and 6.6.x before 6.6.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3025
|
2024-11-21 10:52 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290126
|
- |
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2013-2928
|
2024-11-21 10:52 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290127
|
- |
|
debian
opensuse
google
|
debian_linux
opensuse
chrome
|
Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to…
|
CWE-399
Resource Management Errors
|
CVE-2013-2927
|
2024-11-21 10:52 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290128
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows user…
|
CWE-399
Resource Management Errors
|
CVE-2013-2926
|
2024-11-21 10:52 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290129
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified …
|
CWE-399
Resource Management Errors
|
CVE-2013-2925
|
2024-11-21 10:52 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290130
|
- |
|
alstom
|
e-terracontrol
|
Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cause a denial of service (infinite loop) via crafted DNP3 packets.
|
CWE-20
Improper Input Validation
|
CVE-2013-2787
|
2024-11-21 10:52 |
2013-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
