|
285511
|
- |
|
open-xchange
|
open-xchange_appsuite
|
Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, w…
|
CWE-255
Credentials Management
|
CVE-2013-4790
|
2024-11-21 10:56 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285512
|
- |
|
lockon
|
ec-cube
|
Multiple directory traversal vulnerabilities in the doApiAction function in data/class/api/SC_Api_Operation.php in LOCKON EC-CUBE 2.12.0 through 2.12.5 on Windows allow remote attackers to read arbit…
|
CWE-22
Path Traversal
|
CVE-2013-4702
|
2024-11-21 10:56 |
2013-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285513
|
- |
|
strongswan
opensuse
|
strongswan
opensuse
|
The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentati…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5018
|
2024-11-21 10:56 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285514
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed RealM…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4974
|
2024-11-21 10:56 |
2013-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285515
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Stack-based buffer overflow in RealNetworks RealPlayer before 16.0.3.51, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted .rmp file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4973
|
2024-11-21 10:56 |
2013-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285516
|
- |
|
janrain
|
php-openid
|
Auth/Yadis/XML.php in PHP OpenID Library 2.2.2 and earlier allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consum…
|
NVD-CWE-noinfo
|
CVE-2013-4701
|
2024-11-21 10:56 |
2013-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285517
|
- |
|
yahoo
|
japan_shopping
|
The Yahoo! Japan Shopping application 1.4 and earlier for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive i…
|
CWE-310
Cryptographic Issues
|
CVE-2013-4700
|
2024-11-21 10:56 |
2013-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285518
|
- |
|
yahoo
|
yafuoku\!
|
The Yahoo! Japan Yafuoku! application 4.3.0 and earlier for iOS and Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain s…
|
CWE-310
Cryptographic Issues
|
CVE-2013-4699
|
2024-11-21 10:56 |
2013-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285519
|
- |
|
puppet
|
puppet_enterprise
|
Puppet Enterprise before 3.0.1 allows remote attackers to obtain the database password via vectors related to how the password is "seeded as a console parameter," External Node Classifiers, and the l…
|
CWE-255
Credentials Management
|
CVE-2013-4967
|
2024-11-21 10:56 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285520
|
- |
|
puppet
|
puppet_enterprise
|
Puppet Enterprise before 3.0.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmiss…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4964
|
2024-11-21 10:56 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
