|
293801
|
- |
|
openstack
|
ceilometer
|
(1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the logging level is set to INFO, logs the connection string from ceilometer.conf, which allows local users to…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2013-6384
|
2024-11-21 10:59 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293802
|
- |
|
openstack
opensuse
canonical
|
horizon
opensuse
ubuntu_linux
|
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2013.2 and earlier allow local users to inject arbitrary web script or HTML via an instance name to (1) "Volumes" …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6858
|
2024-11-21 10:59 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293803
|
- |
|
xen
opensuse
|
xen
opensuse
|
Xen 4.2.x and 4.3.x, when using Intel VT-d for PCI passthrough, does not properly flush the TLB after clearing a present translation table entry, which allows local guest administrators to cause a de…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6375
|
2024-11-21 10:59 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293804
|
- |
|
tweet-blender
|
tweet-blender
|
Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-adm…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6342
|
2024-11-21 10:59 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293805
|
- |
|
cisco
|
wireless_lan_controller
|
The Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation on Cisco Wireless LAN Controller (WLC) devices allows remote attackers to cause a denial of service via a craft…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6699
|
2024-11-21 10:59 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293806
|
- |
|
cisco
|
wireless_lan_controller
|
The web interface on Cisco Wireless LAN Controller (WLC) devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unsp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6698
|
2024-11-21 10:59 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293807
|
- |
|
cisco
|
ios
|
The IPSec implementation in Cisco IOS allows remote attackers to cause a denial of service (MTU change and tunnel-session drop) via crafted ICMP packets, aka Bug ID CSCul29918.
|
CWE-20
Improper Input Validation
|
CVE-2013-6694
|
2024-11-21 10:59 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293808
|
- |
|
hp
|
2620-24-poe\+_switch
|
Cross-site request forgery (CSRF) vulnerability in html/json.html on HP 2620 switches allows remote attackers to hijack the authentication of administrators for requests that change an administrative…
|
CWE-352
Origin Validation Error
|
CVE-2013-6852
|
2024-11-21 10:59 |
2013-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293809
|
- |
|
cisco
|
ios
7600_router
|
The MLDP implementation in Cisco IOS 15.3(3)S and earlier on 7600 routers, when many VRFs are configured, allows remote attackers to cause a denial of service (chunk corruption and device reload) by …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6693
|
2024-11-21 10:59 |
2013-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293810
|
- |
|
cisco
|
ios_xe
|
Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool during assignment of an IP address, which allows remote authenticated users to cause a denial of service (device reload) via an AAA…
|
CWE-399
Resource Management Errors
|
CVE-2013-6692
|
2024-11-21 10:59 |
2013-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
