|
292521
|
- |
|
citrix
|
netscaler_application_delivery_controller_firmware
|
Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.5, and 10.1 before 10.1-118.7 logs user credentials, which allows attackers to obtain sensitive infor…
|
CWE-255
Credentials Management
|
CVE-2013-6940
|
2024-11-21 11:00 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292522
|
- |
|
citrix
|
netscaler_application_delivery_controller_firmware
|
Unspecified vulnerability in the Service VM in Citrix NetScaler SDX 9.3 before 9.3-64.4 and 10.0 before 10.0-77.5 and Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77.…
|
NVD-CWE-noinfo
|
CVE-2013-6938
|
2024-11-21 11:00 |
2014-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292523
|
- |
|
nongnu
|
oath_toolkit
|
usersfile.c in liboath in OATH Toolkit before 2.4.1 does not properly handle lines containing an invalid one-time-password (OTP) type and a user name in /etc/users.oath, which causes the wrong line t…
|
CWE-287
Improper Authentication
|
CVE-2013-7322
|
2024-11-21 11:00 |
2014-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292524
|
- |
|
microsoft
|
windows_8.1
windows_8
|
The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memor…
|
CWE-399
Resource Management Errors
|
CVE-2013-7332
|
2024-11-21 11:00 |
2014-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292525
|
- |
|
belkin
|
wemo_home_automation_firmware
|
The Belkin WeMo Home Automation firmware before 3949 has a hardcoded GPG key, which makes it easier for remote attackers to spoof firmware updates and execute arbitrary code via crafted signed data.
|
CWE-310
Cryptographic Issues
|
CVE-2013-6952
|
2024-11-21 11:00 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292526
|
- |
|
belkin
|
wemo_home_automation_firmware
|
The Belkin WeMo Home Automation firmware before 3949 does not maintain a set of Certification Authority public keys, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary X.5…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6951
|
2024-11-21 11:00 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292527
|
- |
|
belkin
|
wemo_home_automation_firmware
|
The Belkin WeMo Home Automation firmware before 3949 does not use SSL for the distribution feed, which allows man-in-the-middle attackers to install arbitrary firmware by spoofing a distribution serv…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6950
|
2024-11-21 11:00 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292528
|
- |
|
belkin
|
wemo_home_automation_firmware
|
The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN protocols, which allows remote attackers to hijack connections and possibly have unspecified other impact …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6949
|
2024-11-21 11:00 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292529
|
- |
|
belkin
|
wemo_home_automation_firmware
|
The peerAddresses API in the Belkin WeMo Home Automation firmware before 3949 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunct…
|
CWE-94
Code Injection
|
CVE-2013-6948
|
2024-11-21 11:00 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292530
|
- |
|
php
|
php
|
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive inf…
|
CWE-189
Numeric Errors
|
CVE-2013-7328
|
2024-11-21 11:00 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
