|
291261
|
- |
|
opentext
|
exceed_ondemand
|
OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
|
CWE-310
Cryptographic Issues
|
CVE-2013-6994
|
2024-11-21 11:00 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291262
|
- |
|
vicidial
|
vicidial
|
VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier has a hardcoded password of donotedit for the (1) VDAD and (2) VDCL users, which makes it easier for remote attackers to o…
|
CWE-255
Credentials Management
|
CVE-2013-7382
|
2024-11-21 11:00 |
2014-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291263
|
- |
|
ucdok
|
tomato
|
The admin API in the tomato module before 0.0.6 for Node.js does not properly check the access key when it is set to a string, which allows remote attackers to bypass authentication via a string in t…
|
CWE-287
Improper Authentication
|
CVE-2013-7379
|
2024-11-21 11:00 |
2014-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291264
|
- |
|
openx
|
openx
|
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.10, possibly before revision 82710, allow remote attackers to hijack the authentication of administrators, as demonstrated by r…
|
CWE-352
Origin Validation Error
|
CVE-2013-7376
|
2024-11-21 11:00 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291265
|
- |
|
cristian_gafton
|
pam_userdb
|
The pam_userdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack.
|
CWE-310
Cryptographic Issues
|
CVE-2013-7041
|
2024-11-21 11:00 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291266
|
- |
|
redhat
opensuse
|
libvirt
opensuse
|
The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a…
|
NVD-CWE-Other
|
CVE-2013-7336
|
2024-11-21 11:00 |
2014-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291267
|
- |
|
libpng
|
libpng
|
Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which tr…
|
CWE-189
Numeric Errors
|
CVE-2013-7354
|
2024-11-21 11:00 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291268
|
- |
|
libpng
|
libpng
|
Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash)…
|
CWE-189
Numeric Errors
|
CVE-2013-7353
|
2024-11-21 11:00 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291269
|
- |
|
php-fusion
|
php-fusion
|
SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 through 7.02.05 allows remote attackers to execute arbitrary SQL commands via the user ID in a user cookie…
|
CWE-89
SQL Injection
|
CVE-2013-7375
|
2024-11-21 11:00 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291270
|
- |
|
livezilla
|
livezilla
|
The setCookieValue function in _lib/functions.global.inc.php in LiveZilla before 5.1.2.1 allows remote attackers to execute arbitrary PHP code via a serialized PHP object in a cookie.
|
CWE-94
Code Injection
|
CVE-2013-7034
|
2024-11-21 11:00 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
