|
290231
|
- |
|
cisco
|
secure_access_control_system
|
Cisco Secure Access Control System (ACS) does not properly handle requests to read from the TACACS+ socket, which allows remote attackers to cause a denial of service (process crash) via malformed TC…
|
CWE-20
Improper Input Validation
|
CVE-2013-5470
|
2024-11-21 10:57 |
2013-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290232
|
- |
|
paloaltonetworks
|
pan-os
|
Cross-site scripting (XSS) vulnerability in the web-based device-management API browser in Palo Alto Networks PAN-OS before 4.1.13 and 5.0.x before 5.0.6 allows remote attackers to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5664
|
2024-11-21 10:57 |
2013-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290233
|
- |
|
paloaltonetworks
|
pan-os
|
The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x before 5.0.2 allows remote attackers to bypass intended security policies via crafted requests that…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5663
|
2024-11-21 10:57 |
2013-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290234
|
- |
|
cisco
|
ios
|
The TCP implementation in Cisco IOS does not properly implement the transitions from the ESTABLISHED state to the CLOSED state, which allows remote attackers to cause a denial of service (flood of AC…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5469
|
2024-11-21 10:57 |
2013-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290235
|
- |
|
id
|
id-software
libdigidoc
|
Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers …
|
CWE-22
Path Traversal
|
CVE-2013-5648
|
2024-11-21 10:57 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290236
|
- |
|
adam_zaninovich
|
sounder
|
lib/sounder/sound.rb in the sounder gem 1.0.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.
|
CWE-94
Code Injection
|
CVE-2013-5647
|
2024-11-21 10:57 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290237
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5646
|
2024-11-21 10:57 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290238
|
- |
|
roundcube
|
webmail
|
Multiple cross-site scripting (XSS) vulnerabilities in Roundcube webmail before 0.9.3 allow user-assisted remote attackers to inject arbitrary web script or HTML via the body of a message visited in …
|
CWE-79
Cross-site Scripting
|
CVE-2013-5645
|
2024-11-21 10:57 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290239
|
- |
|
debian
cacti
opensuse
|
debian_linux
cacti
opensuse
|
SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2013-5589
|
2024-11-21 10:57 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290240
|
- |
|
cacti
opensuse
|
cacti
opensuse
|
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) th…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5588
|
2024-11-21 10:57 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
