|
290081
|
- |
|
ibm
|
sametime
|
Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 allows remote authenticated users to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6743
|
2024-11-21 10:59 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290082
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 do not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6742
|
2024-11-21 10:59 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290083
|
- |
|
ibm
|
websphere_portal
|
Unrestricted file upload vulnerability in the Registration/Edit My Profile portlet in IBM WebSphere Portal 7.x before 7.0.0.2 CF27 and 8.x through 8.0.0.1 CF09 allows remote attackers to cause a deni…
|
NVD-CWE-Other
|
CVE-2013-6722
|
2024-11-21 10:59 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290084
|
- |
|
ibm
|
websphere_dashboard_framework
|
The charting component in IBM WebSphere Dashboard Framework (WDF) 6.1.5 and 7.0.1 allows remote attackers to view or delete image files by leveraging incorrect security constraints for a temporary di…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6728
|
2024-11-21 10:59 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290085
|
- |
|
ibm
|
algo_one
|
Unrestricted file upload vulnerability in IBM Algo One UDS 4.7.0 through 5.0.0 allows remote authenticated users to execute arbitrary code by uploading a .jsp file and then launching it.
|
NVD-CWE-Other
|
CVE-2013-6332
|
2024-11-21 10:59 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290086
|
- |
|
pyyaml
canonical
redhat
debian
opensuse
|
libyaml
ubuntu_linux
openstack
debian_linux
opensuse
leap
|
The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly exec…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6393
|
2024-11-21 10:59 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290087
|
- |
|
pidgin
|
pidgin
|
The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a negative Content-Length header, which triggers a buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6490
|
2024-11-21 10:59 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290088
|
- |
|
pidgin
|
pidgin
|
Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (segmentation fault) via a crafted emoticon value, which triggers an in…
|
CWE-189
Numeric Errors
|
CVE-2013-6489
|
2024-11-21 10:59 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290089
|
- |
|
pidgin
|
pidgin
|
Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu (gg) parser in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a large Content-Length value, whic…
|
CWE-189
Numeric Errors
|
CVE-2013-6487
|
2024-11-21 10:59 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290090
|
- |
|
pidgin
|
pidgin
|
Pidgin before 2.10.8 allows remote MSN servers to cause a denial of service (NULL pointer dereference and crash) via a crafted (1) SOAP response, (2) OIM XML response, or (3) Content-Length header.
|
CWE-20
Improper Input Validation
|
CVE-2013-6482
|
2024-11-21 10:59 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
