|
285281
|
8.8 |
HIGH
Network
|
cisco
|
linksys_wrt110_firmware
|
Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2013-3568
|
2024-11-21 10:53 |
2020-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285282
|
5.3 |
MEDIUM
Network
|
videolan
|
vlc_media_player
|
The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remote attackers to view directory listings via the 'dir' command or issue other commands without authen…
|
CWE-200
Information Exposure
|
CVE-2013-3564
|
2024-11-21 10:53 |
2020-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285283
|
6.1 |
MEDIUM
Network
|
videolan
opensuse
|
vlc_media_player
opensuse
|
Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command p…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3565
|
2024-11-21 10:53 |
2020-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285284
|
7.8 |
HIGH
Local
|
mpc-hc
|
mpc-hc
|
Buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0 allows remote attackers to execute arbitrary code via a crafted RealMedia .rm file
|
CWE-120
Classic Buffer Overflow
|
CVE-2013-3489
|
2024-11-21 10:53 |
2020-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285285
|
7.8 |
HIGH
Local
|
mpc-hc
|
mpc-hc
|
Stack-based buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0.7858 allows remote attackers to execute arbitrary code via a crafted MPEG-2 Transport Stream (M2TS) file.
|
CWE-120
Classic Buffer Overflow
|
CVE-2013-3488
|
2024-11-21 10:53 |
2020-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285286
|
7.2 |
HIGH
Network
|
netapp
|
oncommand_system_manager
|
NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to inject arbitrary commands in the Halt/Reboot interface.
|
CWE-78
OS Command
|
CVE-2013-3322
|
2024-11-21 10:53 |
2020-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285287
|
7.5 |
HIGH
Network
|
netapp
|
oncommand_system_manager
|
NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2013-3321
|
2024-11-21 10:53 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285288
|
6.1 |
MEDIUM
Network
|
netapp
|
oncommand_system_manager
|
Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager before 2.2 allows remote attackers to inject arbitrary web script or HTML via the 'full-name' and 'comment' fields.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3320
|
2024-11-21 10:53 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285289
|
9.8 |
CRITICAL
Network
|
netgear
|
wnr1000_firmware
|
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key.
|
CWE-287
Improper Authentication
|
CVE-2013-3317
|
2024-11-21 10:53 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285290
|
9.8 |
CRITICAL
Network
|
netgear
|
wnr1000_firmware
|
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg".
|
CWE-287
Improper Authentication
|
CVE-2013-3316
|
2024-11-21 10:53 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
