|
294301
|
- |
|
openstack
|
keystone
|
OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, whi…
|
CWE-287
Improper Authentication
|
CVE-2013-0282
|
2024-11-21 10:47 |
2013-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294302
|
- |
|
ibm
|
cognos_disclosure_management
|
The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management (CDM) 10.2.0, and other products, allows remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0501
|
2024-11-21 10:47 |
2013-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294303
|
- |
|
nori_gem_project
|
nori_gem
|
The nori gem 2.0.x before 2.0.2, 1.1.x before 1.1.4, and 1.0.x before 1.0.3 for Ruby does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attac…
|
CWE-20
Improper Input Validation
|
CVE-2013-0285
|
2024-11-21 10:47 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294304
|
- |
|
newrelic
|
ruby_agent
|
Ruby agent 3.2.0 through 3.5.2 serializes sensitive data when communicating with servers operated by New Relic, which allows remote attackers to obtain sensitive information (database credentials and…
|
CWE-200
Information Exposure
|
CVE-2013-0284
|
2024-11-21 10:47 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294305
|
- |
|
apache
|
maven
|
The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack.
|
CWE-16
Configuration
|
CVE-2013-0253
|
2024-11-21 10:47 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294306
|
- |
|
cogentdatahub
|
cogent_datahub
opc_datahub
cascade_datahub
datahub_quicktrend
|
Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend befo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0680
|
2024-11-21 10:47 |
2013-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294307
|
- |
|
ibm
|
ims_enterprise_suite
|
The login component in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2.1, and 2.2 uses cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network.
|
CWE-310
Cryptographic Issues
|
CVE-2013-0483
|
2024-11-21 10:47 |
2013-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294308
|
- |
|
ibm
|
netezza_performance_portal
|
HTTPD in IBM Netezza Performance Portal 1.0.2 allows remote authenticated users to list application directories containing asset files via a direct request to a directory URI, as demonstrated by list…
|
CWE-16
Configuration
|
CVE-2013-0470
|
2024-11-21 10:47 |
2013-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294309
|
- |
|
schneider-electric
|
modicon_quantum_plc
modicon_m340
modicon_premium
|
The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, …
|
NVD-CWE-noinfo
|
CVE-2013-0664
|
2024-11-21 10:47 |
2013-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294310
|
- |
|
schneider-electric
|
modicon_quantum_plc
modicon_m340
modicon_premium
|
Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSX…
|
CWE-352
Origin Validation Error
|
CVE-2013-0663
|
2024-11-21 10:47 |
2013-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
