|
285421
|
- |
|
puppetlabs
puppet
debian
canonical
|
puppet
puppet_enterprise
debian_linux
ubuntu_linux
|
Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3.1.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified files.
|
CWE-59
Link Following
|
CVE-2013-4969
|
2024-11-21 10:56 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285422
|
- |
|
hot
|
hotbox_router_firmware
hotbox_router
|
Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT HOTBOX router with software 2.1.11 allows remote attackers to hijack the authentication of administrators for re…
|
CWE-352
Origin Validation Error
|
CVE-2013-5039
|
2024-11-21 10:56 |
2013-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285423
|
- |
|
hot
|
hotbox_router_firmware
hotbox_router
|
The HOT HOTBOX router with software 2.1.11 allows remote attackers to bypass authentication by configuring a source IP address that had previously been used for an authenticated session.
|
CWE-287
Improper Authentication
|
CVE-2013-5038
|
2024-11-21 10:56 |
2013-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285424
|
- |
|
hot
|
hotbox_router_firmware
hotbox_router
|
The HOT HOTBOX router with software 2.1.11 has a default WPS PIN of 12345670, which makes it easier for remote attackers to obtain the WPA or WPA2 pre-shared key via EAP messages.
|
CWE-255
Credentials Management
|
CVE-2013-5037
|
2024-11-21 10:56 |
2013-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285425
|
- |
|
microsoft
|
windows_movie_maker
|
Microsoft Windows Movie Maker 2.1.4026.0 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) via a crafted .wav file, as demonstrated by movieMaker.wav.
|
CWE-20
Improper Input Validation
|
CVE-2013-4858
|
2024-11-21 10:56 |
2013-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285426
|
- |
|
netgear
|
prosafe_firmware
prosafe_gs748t
prosafe_gs510tp
prosafe_gs724t
prosafe_s716t
|
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier, GS748Tv4 5.4.1.14, and GS510TP 5.0.4.4 allows remote attackers to cause a denial of service (reboot or crash) via a crafted H…
|
NVD-CWE-noinfo
|
CVE-2013-4776
|
2024-11-21 10:56 |
2013-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285427
|
- |
|
netgear
|
prosafe_firmware
prosafe_gs725ts
prosafe_gs728tps
prosafe_gs728ts
prosafe_gs752tps
prosafe_gs724t
prosafe_s716t
prosafe_gs728txs
prosafe_gs752txs
prosafe_gs748t
prosafe_…
|
NETGEAR ProSafe GS724Tv3 and GS716Tv2 with firmware 5.4.1.13 and earlier; GS748Tv4 with firmware 5.4.1.14; GS510TP with firmware 5.4.0.6; GS752TPS, GS728TPS, GS728TS, and GS725TS with firmware 5.3.0.…
|
CWE-200
Information Exposure
|
CVE-2013-4775
|
2024-11-21 10:56 |
2013-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285428
|
- |
|
hp
|
officejet_pro_8500_firmware
officejet_pro_8500
|
Cross-site scripting (XSS) vulnerability on HP Officejet Pro 8500 (aka A909) All-in-One printers allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4845
|
2024-11-21 10:56 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285429
|
- |
|
icofx
|
icofx
|
Stack-based buffer overflow in IcoFX 2.5 and earlier allows remote attackers to execute arbitrary code via a long idCount value in an ICONDIR structure in an ICO file. NOTE: some of these details ar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4988
|
2024-11-21 10:56 |
2013-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285430
|
- |
|
microsoft
|
exchange_server
|
Cross-site scripting (XSS) vulnerability in Outlook Web Access in Microsoft Exchange Server 2010 SP2 and SP3 and 2013 Cumulative Update 2 and 3 allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2013-5072
|
2024-11-21 10:56 |
2013-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
