|
287951
|
- |
|
suse
novell
|
studio_onsite
suse_lifecycle_management_server
webyast
|
WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3709
|
2024-11-21 10:54 |
2013-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287952
|
- |
|
ibm
|
websphere_portal
|
IBM WebSphere Portal 8.0.0.x before 8.0.0.1 CF09, when Content Template Catalog 4.0 is used, does not require administrative privileges for Portal Application Archive (PAA) file installation, which a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4012
|
2024-11-21 10:54 |
2013-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287953
|
- |
|
novell
|
client
|
The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to cause a denial of service (bugcheck and BSOD) via an IOCTL call for an invalid IOCTL.
|
CWE-20
Improper Input Validation
|
CVE-2013-3705
|
2024-11-21 10:54 |
2013-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287954
|
- |
|
ibm
|
spss_collaboration_and_deployment_services
|
The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to discover an internal password via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2013-4070
|
2024-11-21 10:54 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287955
|
- |
|
ibm
|
spss_collaboration_and_deployment_services
|
The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to read arbitrary files via an XML external entity declara…
|
CWE-200
Information Exposure
|
CVE-2013-4069
|
2024-11-21 10:54 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287956
|
- |
|
ibm
|
lotus_domino
lotus_inotes
|
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4065
|
2024-11-21 10:54 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287957
|
- |
|
ibm
|
lotus_domino
lotus_inotes
|
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1, when ultra-light mode is enabled, allows remote authenticated users to inject arbitrary…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4064
|
2024-11-21 10:54 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287958
|
- |
|
ibm
|
lotus_domino
lotus_inotes
|
Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.x before 8.5.3 FP6 and 9.0.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via active content in an …
|
CWE-79
Cross-site Scripting
|
CVE-2013-4063
|
2024-11-21 10:54 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287959
|
- |
|
ibm
|
spss_collaboration_and_deployment_services
|
Open redirect vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to redirect users to arbitrary web sites and conduct …
|
CWE-20
Improper Input Validation
|
CVE-2013-4046
|
2024-11-21 10:54 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287960
|
- |
|
ibm
|
spss_collaboration_and_deployment_services
|
Cross-site scripting (XSS) vulnerability in the Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4045
|
2024-11-21 10:54 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
