|
290221
|
- |
|
qualcomm
motorola
|
msm8960
android
atrix_hd
razr_hd
razr_m
|
The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the …
|
CWE-16
Configuration
|
CVE-2013-3051
|
2024-11-21 10:52 |
2013-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290222
|
- |
|
zapms
|
zapms
|
SQL injection vulnerability in ZAPms 1.41 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter to product.
|
CWE-89
SQL Injection
|
CVE-2013-3050
|
2024-11-21 10:52 |
2013-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290223
|
- |
|
cisco
|
ios_xe
asr_1001
asr_1002
asr_1002-x
asr_1002_fixed_router
asr_1004
asr_1006
asr_1013
asr_1023_router
|
Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) fe…
|
CWE-20
Improper Input Validation
|
CVE-2013-2779
|
2024-11-21 10:52 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290224
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.3.0 through 4.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-2766
|
2024-11-21 10:52 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290225
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
Puppet Labs Puppet Enterprise before 2.8.0 does not use a "randomized secret" in the CAS client config file (cas_client_config.yml) when upgrading from older 1.2.x or 2.0.x versions, which allows rem…
|
CWE-310
Cryptographic Issues
|
CVE-2013-2716
|
2024-11-21 10:52 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290226
|
- |
|
chatelao
|
php_address_book
|
Cross-site request forgery (CSRF) vulnerability in addressbook/register/delete_user.php in PHP Address Book 8.2.5 allows remote attackers to hijack the authentication of administrators for requests t…
|
CWE-352
Origin Validation Error
|
CVE-2013-2778
|
2024-11-21 10:52 |
2013-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290227
|
- |
|
apple
todd_miller
|
mac_os_x
sudo
|
sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2777
|
2024-11-21 10:52 |
2013-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290228
|
- |
|
todd_miller
apple
|
sudo
mac_os_x
|
sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling ter…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2776
|
2024-11-21 10:52 |
2013-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290229
|
- |
|
novell
|
kanaka
|
The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, whic…
|
CWE-20
Improper Input Validation
|
CVE-2013-2770
|
2024-11-21 10:52 |
2013-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290230
|
- |
|
schneider-electric
|
magelis_xbt_hmi
|
The Schneider Electric Magelis XBT HMI controller has a default password for authentication of configuration uploads, which makes it easier for remote attackers to bypass intended access restrictions…
|
CWE-255
CWE-352
Credentials Management
Origin Validation Error
|
CVE-2013-2762
|
2024-11-21 10:52 |
2013-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
