|
291081
|
- |
|
cisco
|
mediasense
|
Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin service page in Cisco MediaSense allow remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bu…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5500
|
2024-11-21 10:57 |
2013-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291082
|
- |
|
cisco
|
intrusion_prevention_system
|
The authentication manager process in the web framework in Cisco Intrusion Prevention System (IPS) does not properly handle user tokens, which allows remote attackers to cause a denial of service (in…
|
CWE-287
Improper Authentication
|
CVE-2013-5497
|
2024-11-21 10:57 |
2013-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291083
|
- |
|
apple
|
iphone_os
|
WebKit in Apple iOS before 7 allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive information about use of the window.webkitRequestAnimationFrame API via an IFRAM…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5159
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291084
|
- |
|
apple
|
iphone_os
|
The Social subsystem in Apple iOS before 7 does not properly restrict access to the cache of Twitter icons, which allows physically proximate attackers to obtain sensitive information about recent Tw…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5158
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291085
|
- |
|
apple
|
iphone_os
|
The Twitter subsystem in Apple iOS before 7 does not require API conformity for access to Twitter daemon interfaces, which allows attackers to post Tweets via a crafted app that sends direct requests…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5157
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291086
|
- |
|
apple
|
iphone_os
|
The Telephony subsystem in Apple iOS before 7 does not require API conformity for access to telephony-daemon interfaces, which allows attackers to bypass intended restrictions on phone calls via a cr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5156
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291087
|
- |
|
apple
|
iphone_os
|
The Sandbox subsystem in Apple iOS before 7 allows attackers to cause a denial of service (infinite loop) via an application that writes crafted values to /dev/random.
|
CWE-20
Improper Input Validation
|
CVE-2013-5155
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291088
|
- |
|
apple
|
iphone_os
|
The Sandbox subsystem in Apple iOS before 7 determines the sandboxing requirement for a #! application on the basis of the script interpreter instead of the script, which allows attackers to bypass i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5154
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291089
|
- |
|
apple
|
iphone_os
|
Springboard in Apple iOS before 7 does not properly manage the lock state in Lost Mode, which allows physically proximate attackers to read notifications via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5153
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291090
|
- |
|
apple
|
iphone_os
|
Mobile Safari in Apple iOS before 7 allows remote attackers to spoof the URL bar via a crafted web site.
|
CWE-20
Improper Input Validation
|
CVE-2013-5152
|
2024-11-21 10:57 |
2013-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
