|
285611
|
- |
|
brocade
|
vyatta_vrouter_software
vyatta_vrouter
|
The OSPF implementation on the Brocade Vyatta vRouter with software before 6.6R1 does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before p…
|
NVD-CWE-Other
|
CVE-2013-7307
|
2024-11-21 11:00 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285612
|
- |
|
brocade
|
icx
vyatta
mlx
bigiron_rx
netiron_ces
netiron_xmr
netiron_cer
vdx
adx
fastiron
turboiron
|
The OSPF implementation on Brocade routers does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA databa…
|
CWE-20
Improper Input Validation
|
CVE-2013-7306
|
2024-11-21 11:00 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285613
|
- |
|
e107
|
e107
|
fpw.php in e107 through 1.0.4 does not check the user_ban field, which makes it easier for remote attackers to reset passwords by sending a pwsubmit request and leveraging access to the e-mail accoun…
|
CWE-255
Credentials Management
|
CVE-2013-7305
|
2024-11-21 11:00 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285614
|
- |
|
checkpoint
|
endpoint_security_mi_server_r73
|
Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does not configure X.509 certificate validation for client devices, which allows man-in-the-middle attackers to spoof SSL servers by p…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7304
|
2024-11-21 11:00 |
2014-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285615
|
- |
|
2glux
|
com_sexypolling
|
SQL injection vulnerability in vote.php in the 2Glux Sexy Polling (com_sexypolling) component before 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the answer_id[] pa…
|
CWE-89
SQL Injection
|
CVE-2013-7219
|
2024-11-21 11:00 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285616
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the errorAction method in the ActionController base class in the Extbase Framework in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.1…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7078
|
2024-11-21 11:00 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285617
|
- |
|
torproject
|
tor
|
Tor before 0.2.4.20, when OpenSSL 1.x is used in conjunction with a certain HardwareAccel setting on Intel Sandy Bridge and Ivy Bridge platforms, does not properly generate random numbers for (1) rel…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7295
|
2024-11-21 11:00 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285618
|
- |
|
get-simple
|
getsimple_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) post-menu field to edit.php or (2) Displ…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7243
|
2024-11-21 11:00 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285619
|
- |
|
conceptronic
|
cipcamptiwl_1.0_firmware
cipcamptiwl
|
Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators…
|
CWE-352
Origin Validation Error
|
CVE-2013-7204
|
2024-11-21 11:00 |
2014-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285620
|
- |
|
libreswan
|
libreswan
|
The ikev2parent_inI1outR1 function in pluto/ikev2_parent.c in libreswan before 3.7 allows remote attackers to cause a denial of service (restart) via an IKEv2 I1 notification without a KE payload.
|
CWE-20
Improper Input Validation
|
CVE-2013-7294
|
2024-11-21 11:00 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
