|
290111
|
- |
|
linux
|
linux_kernel
|
The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement (RA) messages in certain circumstances involving…
|
CWE-399
Resource Management Errors
|
CVE-2013-4125
|
2024-11-21 10:54 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290112
|
- |
|
php
|
php
|
ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other imp…
|
CWE-787
Out-of-bounds Write
|
CVE-2013-4113
|
2024-11-21 10:54 |
2013-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290113
|
- |
|
blackberry
|
blackberry_os
z10
|
BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses weak permissions for a BlackBerry Protect object, which allows physically proximate attackers to bypass intended access restrict…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3692
|
2024-11-21 10:54 |
2013-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290114
|
- |
|
sharp
|
aquos_hn-pp150_firmware
aquos_hn-pp150
|
The Sharp AQUOS PhotoPlayer HN-PP150 with firmware before 1.04.00.04 allows remote attackers to cause a denial of service (networking outage) via crafted packet data.
|
NVD-CWE-noinfo
|
CVE-2013-3655
|
2024-11-21 10:54 |
2013-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290115
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in view_create.php (aka the Create View page) in phpMyAdmin 4.x before 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via an i…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3742
|
2024-11-21 10:54 |
2013-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290116
|
- |
|
atlassian
|
crowd
|
Atlassian Crowd 2.6.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to a "symmetric backdoor." NOTE: as of 20130704, the vendor could not reproduce the issue,…
|
NVD-CWE-Other
|
CVE-2013-3926
|
2024-11-21 10:54 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290117
|
- |
|
atlassian
|
crowd
|
Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to read arbitrary files and send HTTP requests to intranet servers via a request to (1) /services/2 or…
|
CWE-20
Improper Input Validation
|
CVE-2013-3925
|
2024-11-21 10:54 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290118
|
- |
|
lockon
|
ec-cube
|
Multiple cross-site scripting (XSS) vulnerabilities in the RecommendSearch feature in the management screen in LOCKON EC-CUBE before 2.12.5 allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3653
|
2024-11-21 10:54 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290119
|
- |
|
lockon
|
ec-cube
|
Cross-site scripting (XSS) vulnerability in data/class/pages/products/LC_Page_Products_List.php in LOCKON EC-CUBE 2.11.0 through 2.12.4 allows remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2013-3652
|
2024-11-21 10:54 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290120
|
- |
|
lockon
|
ec-cube
|
Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to read arbitrary image files via vectors related to data/class/SC_CheckError.php and data/class/SC_F…
|
CWE-22
Path Traversal
|
CVE-2013-3654
|
2024-11-21 10:54 |
2013-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
