|
282971
|
- |
|
gehealthcare
|
centricity_dms
|
The Ad Hoc Reporting feature in GE Healthcare Centricity DMS 4.2 has a password of Never!Mind for the Administrator user, which has unspecified impact and attack vectors. NOTE: it is not clear wheth…
|
CWE-255
Credentials Management
|
CVE-2013-7405
|
2024-11-21 11:00 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282972
|
- |
|
gehealthcare
|
discovery_nm_750b
|
GE Healthcare Discovery NM 750b has a password of 2getin for the insite account for (1) Telnet and (2) FTP, which has unspecified impact and attack vectors. NOTE: it is not clear whether this passwo…
|
CWE-255
Credentials Management
|
CVE-2013-7404
|
2024-11-21 11:00 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282973
|
- |
|
async-http-client_project
redhat
|
async-http-client
jboss_fuse
|
main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-http-client) before 1.9.0 does not require a hostname match during verification of X.509 certificates,…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2013-7398
|
2024-11-21 11:00 |
2015-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282974
|
- |
|
redhat
async-http-client_project
|
jboss_fuse
async-http-client
|
Async Http Client (aka AHC or async-http-client) before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-th…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2013-7397
|
2024-11-21 11:00 |
2015-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282975
|
- |
|
kanaka
|
novnc
|
noVNC before 0.5 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http sessi…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7436
|
2024-11-21 11:00 |
2015-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282976
|
- |
|
pbm212030_project
|
pbm212030
|
Multiple buffer overflows in pbm212030 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PBM image, related to (1) stream line data, which t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7438
|
2024-11-21 11:00 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282977
|
- |
|
icoasoft
|
potrace
|
Multiple integer overflows in potrace 1.11 allow remote attackers to cause a denial of service (crash) via large dimensions in a BMP image, which triggers a buffer overflow.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2013-7437
|
2024-11-21 11:00 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282978
|
- |
|
canonical
debian
linux
oracle
|
ubuntu_linux
debian_linux
linux_kernel
linux
|
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different…
|
CWE-269
Improper Privilege Management
|
CVE-2013-7421
|
2024-11-21 11:00 |
2015-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282979
|
- |
|
redhat
canonical
opensuse
gnu
|
enterprise_linux_server_aus
ubuntu_linux
opensuse
glibc
|
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended l…
|
CWE-17
Code
|
CVE-2013-7423
|
2024-11-21 11:00 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282980
|
- |
|
kde
|
kde_applications
|
kwalletd in KWallet before KDE Applications 14.12.0 uses Blowfish with ECB mode instead of CBC mode when encrypting the password store, which makes it easier for attackers to guess passwords via a co…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7252
|
2024-11-21 11:00 |
2015-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
