|
290181
|
- |
|
cisco
|
nx-os
|
Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and earlier allows local users to read arbitrary files via unspecified input, aka Bug ID CSCul05217.
|
CWE-22
Path Traversal
|
CVE-2013-6975
|
2024-11-21 11:00 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290182
|
- |
|
livezilla
|
livezilla
|
LiveZilla 5.1.2.1 and earlier includes the MD5 hash of the operator password in plaintext in Javascript code that is generated by lz/mobile/chat.php, which allows remote attackers to obtain sensitive…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7385
|
2024-11-21 11:00 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290183
|
- |
|
unrealircd
|
unrealircd
|
UnrealIRCd 3.2.10 before 3.2.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors, related to SSL. NOTE: this issue was SPLIT from C…
|
NVD-CWE-Other
|
CVE-2013-7384
|
2024-11-21 11:00 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290184
|
- |
|
apple
python
|
mac_os_x
python
|
Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictab…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7040
|
2024-11-21 11:00 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290185
|
- |
|
livezilla
|
livezilla
|
LiveZilla before 5.1.2.1 includes the operator password in plaintext in Javascript code that is generated by lz/mobile/chat.php, which might allow remote attackers to obtain sensitive information and…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7033
|
2024-11-21 11:00 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290186
|
- |
|
opentext
|
exceed_ondemand
|
OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
|
CWE-310
Cryptographic Issues
|
CVE-2013-6994
|
2024-11-21 11:00 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290187
|
- |
|
vicidial
|
vicidial
|
VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the (1) VDAD and (2) VDCL users, which makes it easier for remote attackers to o…
|
CWE-255
Credentials Management
|
CVE-2013-7382
|
2024-11-21 11:00 |
2014-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290188
|
- |
|
ucdok
|
tomato
|
The admin API in the tomato module before 0.0.6 for Node.js does not properly check the access key when it is set to a string, which allows remote attackers to bypass authentication via a string in t…
|
CWE-287
Improper Authentication
|
CVE-2013-7379
|
2024-11-21 11:00 |
2014-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290189
|
- |
|
openx
|
openx
|
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.10, possibly before revision 82710, allow remote attackers to hijack the authentication of administrators, as demonstrated by r…
|
CWE-352
Origin Validation Error
|
CVE-2013-7376
|
2024-11-21 11:00 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290190
|
- |
|
cristian_gafton
|
pam_userdb
|
The pam_userdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack.
|
CWE-310
Cryptographic Issues
|
CVE-2013-7041
|
2024-11-21 11:00 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
