|
288411
|
- |
|
puppet
|
puppet_enterprise
|
Puppet Enterprise before 3.1.0 does not properly restrict the number of authentication attempts by a console account, which makes it easier for remote attackers to bypass intended access restrictions…
|
CWE-287
Improper Authentication
|
CVE-2013-4965
|
2024-11-21 10:56 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288412
|
- |
|
puppet
|
puppet_enterprise
|
The dashboard report in Puppet Enterprise before 3.0.1 allows attackers to execute arbitrary YAML code via a crafted report-specific type.
|
CWE-94
Code Injection
|
CVE-2013-4957
|
2024-11-21 10:56 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288413
|
- |
|
iodata
|
hdl2-a\/e
hdl2-ah
hdl2-a_firmware
hdl-a\/e
hdl-ah
hdl-as
hdl-a_firmware
|
I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified v…
|
CWE-399
Resource Management Errors
|
CVE-2013-4712
|
2024-11-21 10:56 |
2013-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288414
|
- |
|
juniper
|
junos
|
J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R before 12.1R6, 12.1X44 before 12.1X44-D15, 12.1x45 before 12.1X45-D10, 12.2 before 12.2R3, 12.3 before 12.3R2, and 13.1 before 13.1R3 …
|
CWE-352
Origin Validation Error
|
CVE-2013-4689
|
2024-11-21 10:56 |
2013-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288415
|
- |
|
ruckuswireless
|
zoneflex_2942__firmware
zoneflex_2942
|
Ruckus Wireless Zoneflex 2942 devices with firmware 9.6.0.0.267 allow remote attackers to bypass authentication, and subsequently access certain configuration/ and maintenance/ scripts, by constructi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5030
|
2024-11-21 10:56 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288416
|
- |
|
hp
|
service_manager
|
Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4833
|
2024-11-21 10:56 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288417
|
- |
|
hp
|
service_manager
|
HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2013-4832
|
2024-11-21 10:56 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288418
|
- |
|
hp
|
service_manager
|
HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2013-4831
|
2024-11-21 10:56 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288419
|
- |
|
hp
|
service_manager
|
HP Service Manager 9.30 through 9.32 allows remote attackers to execute arbitrary code via an unspecified "injection" approach.
|
CWE-94
Code Injection
|
CVE-2013-4830
|
2024-11-21 10:56 |
2013-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288420
|
- |
|
hp
|
intelligent_management_center
imc_service_operation_management_software_module
|
SQL injection vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to execute arbitrary SQL commands via unspecified…
|
CWE-89
SQL Injection
|
CVE-2013-4827
|
2024-11-21 10:56 |
2013-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
