|
291611
|
- |
|
bitrix
|
bitrix_e-store_module
|
The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypa…
|
CWE-287
Improper Authentication
|
CVE-2013-6788
|
2024-11-21 10:59 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291612
|
- |
|
ibm
|
tivoli_storage_flashcopy_manager
|
The FlashCopy Manager for VMware component in IBM Tivoli Storage FlashCopy Manager 3.1 through 4.1.0.1 does not properly check authorization for backup and restore operations, which allows local user…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6714
|
2024-11-21 10:59 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291613
|
- |
|
ibm
|
tivoli_storage_manager_for_virtual_environments
|
The Data Protection for VMware component in IBM Tivoli Storage Manager for Virtual Environments (TSMVE) 6.3 through 7.1.0.2 does not properly check authorization for backup and restore operations, wh…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6713
|
2024-11-21 10:59 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291614
|
- |
|
ibm
|
maximo_asset_management
change_and_configuration_management_database
tivoli_asset_management_for_it
tivoli_it_asset_management_for_it
tivoli_service_request_manager
maximo_service_desk…
|
IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Managem…
|
CWE-200
Information Exposure
|
CVE-2013-6741
|
2024-11-21 10:59 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291615
|
- |
|
opentext
|
exceed_ondemand
|
The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obta…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6807
|
2024-11-21 10:59 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291616
|
- |
|
opentext
|
exceed_ondemand
|
OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downg…
|
CWE-287
Improper Authentication
|
CVE-2013-6806
|
2024-11-21 10:59 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291617
|
- |
|
opentext
|
exceed_ondemand
|
OpenText Exceed OnDemand (EoD) 8 uses weak encryption for passwords, which makes it easier for (1) remote attackers to discover credentials by sniffing the network or (2) local users to discover cred…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6805
|
2024-11-21 10:59 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291618
|
- |
|
openvas
|
openvas_administrator
|
OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows remote attackers to bypass the OAP authentication restrictions and execute OAP commands via a crafted OAP request for version inform…
|
CWE-287
Improper Authentication
|
CVE-2013-6766
|
2024-11-21 10:59 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291619
|
- |
|
openvas
|
openvas_manager
|
OpenVAS Manager 3.0 before 3.0.7 and 4.0 before 4.0.4 allows remote attackers to bypass the OMP authentication restrictions and execute OMP commands via a crafted OMP request for version information,…
|
CWE-287
Improper Authentication
|
CVE-2013-6765
|
2024-11-21 10:59 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291620
|
- |
|
unrealircd
|
unrealircd
|
Use-after-free vulnerability in UnrealIRCd 3.2.10 before 3.2.10.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors. NOTE: this identifier was SPLIT per ADT2 due t…
|
CWE-399
Resource Management Errors
|
CVE-2013-6413
|
2024-11-21 10:59 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
