|
294781
|
- |
|
irfanview
|
irfanview
|
Heap-based buffer overflow in IrfanView before 4.37 allows remote attackers to execute arbitrary code via the LZW code stream in a GIF file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5351
|
2024-11-21 10:57 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294782
|
- |
|
ibm
|
platform_symphony
|
An unspecified servlet in IBM Platform Symphony Developer Edition (DE) 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain "local …
|
CWE-255
Credentials Management
|
CVE-2013-5400
|
2024-11-21 10:57 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294783
|
- |
|
ibm
|
infosphere_master_data_management_server_for_product_information_management
infosphere_master_data_management_collaboration_server
|
Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 FP8 through 11.0 and InfoSphere Master Data Management Server for Pro…
|
CWE-352
Origin Validation Error
|
CVE-2013-5427
|
2024-11-21 10:57 |
2014-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294784
|
- |
|
mcafee
|
vulnerability_manager
|
Cross-site scripting (XSS) vulnerability in index.exp in McAfee Vulnerability Manager 7.5 allows remote attackers to inject arbitrary web script or HTML via the cert_cn cookie parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5094
|
2024-11-21 10:57 |
2014-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294785
|
- |
|
secunia
|
csi_agent
|
Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and 7.0.0.21 and earlier, when running on Red Hat Linux, uses world-readable and world-writable permissions for /etc/csia_config.xml…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5364
|
2024-11-21 10:57 |
2014-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294786
|
- |
|
tejimaya
|
openpne
|
The "Remember me" feature in the opSecurityUser::getRememberLoginCookie function in lib/user/opSecurityUser.class.php in OpenPNE 3.6.13 before 3.6.13.1 and 3.8.9 before 3.8.9.1 does not properly vali…
|
CWE-20
Improper Input Validation
|
CVE-2013-5350
|
2024-11-21 10:57 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294787
|
- |
|
thecus
|
n8800_nas_server_firmware
n8800_nas_server
|
The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remote attackers to obtain sensitive information by sniffing the network.
|
CWE-255
Credentials Management
|
CVE-2013-5669
|
2024-11-21 10:57 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294788
|
- |
|
thecus
|
n8800_nas_server_firmware
n8800_nas_server
|
The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content.
|
CWE-255
Credentials Management
|
CVE-2013-5668
|
2024-11-21 10:57 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294789
|
- |
|
thecus
|
n8800_nas_server_firmware
n8800_nas_server
|
The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.
|
CWE-78
OS Command
|
CVE-2013-5667
|
2024-11-21 10:57 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294790
|
- |
|
ibm
|
tivoli_storage_manager
|
The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5371
|
2024-11-21 10:57 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
