|
290311
|
- |
|
brocade
|
icx
vyatta
mlx
bigiron_rx
netiron_ces
netiron_xmr
netiron_cer
vdx
adx
fastiron
turboiron
|
The OSPF implementation on Brocade routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA databa…
|
CWE-20
Improper Input Validation
|
CVE-2013-7306
|
2024-11-21 11:00 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290312
|
- |
|
e107
|
e107
|
fpw.php in e107 through 1.0.4 does not check the user_ban field, which makes it easier for remote attackers to reset passwords by sending a pwsubmit request and leveraging access to the e-mail accoun…
|
CWE-255
Credentials Management
|
CVE-2013-7305
|
2024-11-21 11:00 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290313
|
- |
|
checkpoint
|
endpoint_security_mi_server_r73
|
Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does not configure X.509 certificate validation for client devices, which allows man-in-the-middle attackers to spoof SSL servers by p…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7304
|
2024-11-21 11:00 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290314
|
- |
|
2glux
|
com_sexypolling
|
SQL injection vulnerability in vote.php in the 2Glux Sexy Polling (com_sexypolling) component before 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the answer_id[] pa…
|
CWE-89
SQL Injection
|
CVE-2013-7219
|
2024-11-21 11:00 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290315
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the errorAction method in the ActionController base class in the Extbase Framework in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.1…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7078
|
2024-11-21 11:00 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290316
|
- |
|
torproject
|
tor
|
Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) rel…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7295
|
2024-11-21 11:00 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290317
|
- |
|
get-simple
|
getsimple_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) post-menu field to edit.php or (2) Displ…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7243
|
2024-11-21 11:00 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290318
|
- |
|
conceptronic
|
cipcamptiwl_1.0_firmware
cipcamptiwl
|
Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators…
|
CWE-352
Origin Validation Error
|
CVE-2013-7204
|
2024-11-21 11:00 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290319
|
- |
|
libreswan
|
libreswan
|
The ikev2parent_inI1outR1 function in pluto/ikev2_parent.c in libreswan before 3.7 allows remote attackers to cause a denial of service (restart) via an IKEv2 I1 notification without a KE payload.
|
CWE-20
Improper Input Validation
|
CVE-2013-7294
|
2024-11-21 11:00 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290320
|
- |
|
asus
|
wl-330nul
|
The ASUS WL-330NUL router has a configuration process that relies on accessing the 192.168.1.1 IP address, but the documentation advises users to instead access a DNS hostname that does not always re…
|
CWE-16
CWE-284
Configuration
Improper Access Control
|
CVE-2013-7293
|
2024-11-21 11:00 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
