|
288791
|
- |
|
ibm
|
rational_policy_tester
|
IBM Rational Policy Tester 8.5 before 8.5.0.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof Jazz Team servers, obtain sensitive information, a…
|
CWE-310
Cryptographic Issues
|
CVE-2013-4062
|
2024-11-21 10:54 |
2013-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288792
|
- |
|
ibm
|
rational_policy_tester
|
IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check authorization for changes to the set of authentication hosts, which allows remote authenticated users to perform spoofing attacks…
|
CWE-287
Improper Authentication
|
CVE-2013-4061
|
2024-11-21 10:54 |
2013-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288793
|
- |
|
ibm
|
tririga_application_platform
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3.1.1, and 8, allow remote authenticated users to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2013-4003
|
2024-11-21 10:54 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288794
|
- |
|
stage_file_proxy_project
|
stage_file_proxy
|
The Stage File Proxy module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to cause a denial of service (file operations performance degradation and failure) via a large number of requests.
|
NVD-CWE-noinfo
|
CVE-2013-4139
|
2024-11-21 10:54 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288795
|
- |
|
alienwp
|
hatch
|
Cross-site scripting (XSS) vulnerability in the Hatch theme 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with the "Administer content," "Create new article," or "Edit any artic…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4138
|
2024-11-21 10:54 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288796
|
- |
|
openstack
opensuse
|
python_glanceclient
opensuse
|
The Python client library for Glance (python-glanceclient) before 0.10.0 does not properly check the preverify_ok value, which prevents the server hostname from being verified with a domain name in t…
|
CWE-20
Improper Input Validation
|
CVE-2013-4111
|
2024-11-21 10:54 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288797
|
- |
|
ibm
|
websphere_extended_deployment_compute_grid
|
IBM WebSphere Extended Deployment Compute Grid 8.0 before 8.0.0.3 allows remote authenticated users to obtain sensitive information, and consequently bypass intended access restrictions on jobs, via …
|
CWE-200
Information Exposure
|
CVE-2013-4039
|
2024-11-21 10:54 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288798
|
- |
|
ibm
|
db2_connect
db2
|
IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4033
|
2024-11-21 10:54 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288799
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4005
|
2024-11-21 10:54 |
2013-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288800
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 8.0 before 8.0.0.7 and 8.5 before 8.5.5.1 allows remote authenticated users to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2013-4004
|
2024-11-21 10:54 |
2013-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
