|
289341
|
- |
|
ibm
|
db2_connect
db2
|
IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4033
|
2024-11-21 10:54 |
2013-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289342
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4005
|
2024-11-21 10:54 |
2013-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289343
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 8.0 before 8.0.0.7 and 8.5 before 8.5.5.1 allows remote authenticated users to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2013-4004
|
2024-11-21 10:54 |
2013-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289344
|
- |
|
openstack
|
swift
havana
grizzly
folsom
|
OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE reque…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4155
|
2024-11-21 10:54 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289345
|
- |
|
spice_project
canonical
|
spice
ubuntu_linux
|
The (1) red_channel_pipes_add_type and (2) red_channel_pipes_add_empty_msg functions in server/red_channel.c in SPICE before 0.12.4 do not properly perform ring loops, which might allow remote attack…
|
CWE-399
Resource Management Errors
|
CVE-2013-4130
|
2024-11-21 10:54 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289346
|
- |
|
ruby-lang
|
ruby
|
The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character i…
|
CWE-310
Cryptographic Issues
|
CVE-2013-4073
|
2024-11-21 10:54 |
2013-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289347
|
- |
|
henri_wahl
|
nagstamon
|
The automatic update request in Nagstamont before 0.9.10 uses a cleartext base64 format for transmission of a username and password, which allows remote attackers to obtain sensitive information by s…
|
CWE-255
Credentials Management
|
CVE-2013-4114
|
2024-11-21 10:54 |
2013-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289348
|
- |
|
redhat
|
jboss_enterprise_application_platform
|
Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by remote-naming, which allows remote attackers to hijack sessions by using a remoting client.
|
CWE-16
Configuration
|
CVE-2013-4128
|
2024-11-21 10:54 |
2013-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289349
|
- |
|
ibm
|
advanced_management_module
|
Cross-site scripting (XSS) vulnerability in adv_sw.php in the Advanced Management Module (AMM) with firmware BBET before BBET64G and BPET before BPET64G for IBM BladeCenter systems allows remote atta…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4007
|
2024-11-21 10:54 |
2013-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289350
|
- |
|
ibm
|
system_x3500_m3
flex_system_x440_compute_node
system_x3250_m4
system_x3550_m3
system_x3400_m2
bladecenter
system_x3550_m2
system_x3750_m4
system_x3650_m2
system_x3200_m3
The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) on IBM BladeCenter, Flex System, System x iDataPlex, and System x3### servers uses cleartext …
|
CWE-310
Cryptographic Issues
|
CVE-2013-4038
|
2024-11-21 10:54 |
2013-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
