|
291071
|
- |
|
freebsd
|
freebsd
|
The nullfs implementation in sys/fs/nullfs/null_vnops.c in the kernel in FreeBSD 8.3 through 9.2 allows local users with certain permissions to bypass access restrictions via a hardlink in a nullfs i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5710
|
2024-11-21 10:57 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291072
|
- |
|
freebsd
|
freebsd
|
The sendfile system-call implementation in sys/kern/uipc_syscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive info…
|
CWE-200
Information Exposure
|
CVE-2013-5666
|
2024-11-21 10:57 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291073
|
- |
|
synacor
|
zimbra_collaboration_suite
|
Zimbra Collaboration Suite (ZCS) 6.0.16 and earlier allows man-in-the-middle attackers to obtain access by sniffing the network and replaying the ZM_AUTH_TOKEN token.
|
CWE-287
Improper Authentication
|
CVE-2013-5119
|
2024-11-21 10:57 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291074
|
- |
|
freebsd
|
freebsd
|
The (1) IPv6 and (2) ATM ioctl request handlers in the kernel in FreeBSD 8.3 through 9.2-STABLE do not validate SIOCSIFADDR, SIOCSIFBRDADDR, SIOCSIFDSTADDR, and SIOCSIFNETMASK requests, which allows …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5691
|
2024-11-21 10:57 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291075
|
- |
|
cisco
|
mediasense
|
The web interface in Cisco MediaSense does not properly protect the client-server communication channel, which allows remote attackers to obtain sensitive query string or cookie information via unspe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5502
|
2024-11-21 10:57 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291076
|
- |
|
cisco
|
prime_data_center_network_manager
|
Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, relat…
|
CWE-200
Information Exposure
|
CVE-2013-5490
|
2024-11-21 10:57 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291077
|
- |
|
cisco
|
prime_data_center_network_manager
|
DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCue77029.
|
CWE-200
Information Exposure
|
CVE-2013-5487
|
2024-11-21 10:57 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291078
|
- |
|
cisco
|
prime_data_center_network_manager
|
Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to write arbitrary files via the c…
|
CWE-78
OS Command
|
CVE-2013-5486
|
2024-11-21 10:57 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291079
|
- |
|
glpi-project
|
glpi
|
inc/central.class.php in GLPI before 0.84.2 does not attempt to make install/install.php unavailable after an installation is completed, which allows remote attackers to conduct cross-site request fo…
|
CWE-352
Origin Validation Error
|
CVE-2013-5696
|
2024-11-21 10:57 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291080
|
- |
|
cisco
|
mediasense
|
Cross-site scripting (XSS) vulnerability in the oraservice page in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj23328.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5501
|
2024-11-21 10:57 |
2013-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
