|
291131
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not set the secure flag for an unspecified cookie in an https session, which makes it easier for remote attackers t…
|
CWE-200
Information Exposure
|
CVE-2013-3984
|
2024-11-21 10:54 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291132
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to obtain unspecified installation information and technical data via a request to a public page.
|
CWE-200
Information Exposure
|
CVE-2013-3982
|
2024-11-21 10:54 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291133
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to download avatar photos of arbitrary users via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3981
|
2024-11-21 10:54 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291134
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to cause a denial of service (room unusability) by generating a large number of fictitious users…
|
CWE-20
Improper Input Validation
|
CVE-2013-3980
|
2024-11-21 10:54 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291135
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to determine which meeting rooms are owned by a user by leveraging knowledge of valid user names.
|
CWE-287
Improper Authentication
|
CVE-2013-3977
|
2024-11-21 10:54 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291136
|
- |
|
ibm
|
sametime
|
Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attackers to discover user names, full names, and e-mail addresses via a sear…
|
NVD-CWE-noinfo
|
CVE-2013-3975
|
2024-11-21 10:54 |
2014-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291137
|
- |
|
bestpractical
|
rt-extension-mobileui
request_tracker
|
Cross-site scripting (XSS) vulnerability in the MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Request Tracker (RT) 4.0.0 before 4.0.13 allows remote attackers to inject arbitrary web …
|
CWE-79
Cross-site Scripting
|
CVE-2013-3736
|
2024-11-21 10:54 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291138
|
- |
|
node_packaged_modules_project
|
node_packaged_modules
|
lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking a…
|
CWE-59
Link Following
|
CVE-2013-4116
|
2024-11-21 10:54 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291139
|
- |
|
coreftp
|
core_ftp
|
Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows remote FTP servers to execute arbitrary code via a crafted directory name in a CWD command reply.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3930
|
2024-11-21 10:54 |
2014-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291140
|
- |
|
ibm
|
infosphere_biginsights
|
CRLF injection vulnerability in the Web Application Enterprise Console in IBM InfoSphere BigInsights 1.1 and 2.x before 2.1 FP2 allows remote authenticated users to inject arbitrary HTTP headers and …
|
CWE-94
Code Injection
|
CVE-2013-3998
|
2024-11-21 10:54 |
2014-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
