|
286381
|
- |
|
vmware
|
esxi
esx
|
Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2013-3658
|
2024-11-21 10:54 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286382
|
- |
|
vmware
|
esxi
esx
|
Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3657
|
2024-11-21 10:54 |
2013-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286383
|
- |
|
ibm
|
rational_policy_tester
|
IBM Rational Policy Tester 8.5 before 8.5.0.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof Jazz Team servers, obtain sensitive information, a…
|
CWE-310
Cryptographic Issues
|
CVE-2013-4062
|
2024-11-21 10:54 |
2013-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286384
|
- |
|
ibm
|
rational_policy_tester
|
IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check authorization for changes to the set of authentication hosts, which allows remote authenticated users to perform spoofing attacks…
|
CWE-287
Improper Authentication
|
CVE-2013-4061
|
2024-11-21 10:54 |
2013-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286385
|
- |
|
ibm
|
tririga_application_platform
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3.1.1, and 8, allow remote authenticated users to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2013-4003
|
2024-11-21 10:54 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286386
|
- |
|
stage_file_proxy_project
|
stage_file_proxy
|
The Stage File Proxy module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to cause a denial of service (file operations performance degradation and failure) via a large number of requests.
|
NVD-CWE-noinfo
|
CVE-2013-4139
|
2024-11-21 10:54 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286387
|
- |
|
alienwp
|
hatch
|
Cross-site scripting (XSS) vulnerability in the Hatch theme 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with the "Administer content," "Create new article," or "Edit any artic…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4138
|
2024-11-21 10:54 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286388
|
- |
|
openstack
opensuse
|
python_glanceclient
opensuse
|
The Python client library for Glance (python-glanceclient) before 0.10.0 does not properly check the preverify_ok value, which prevents the server hostname from being verified with a domain name in t…
|
CWE-20
Improper Input Validation
|
CVE-2013-4111
|
2024-11-21 10:54 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286389
|
- |
|
ibm
|
websphere_extended_deployment_compute_grid
|
IBM WebSphere Extended Deployment Compute Grid 8.0 before 8.0.0.3 allows remote authenticated users to obtain sensitive information, and consequently bypass intended access restrictions on jobs, via …
|
CWE-200
Information Exposure
|
CVE-2013-4039
|
2024-11-21 10:54 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286390
|
- |
|
ibm
|
db2_connect
db2
|
IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4033
|
2024-11-21 10:54 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
