|
291351
|
- |
|
open-xchange
|
open-xchange_server
|
OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spo…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1651
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291352
|
- |
|
open-xchange
|
open-xchange_server
|
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses weak permissions (group "other" readable) under opt/open-xchange/etc/, which allows local users to obtain se…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1650
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291353
|
- |
|
open-xchange
|
open-xchange_server
|
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses the crypt and SHA-1 algorithms for password hashing, which makes it easier for context-dependent attackers t…
|
CWE-255
Credentials Management
|
CVE-2013-1649
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291354
|
- |
|
open-xchange
|
open-xchange_server
|
The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not properly validate the publication-source URL, which allows remote authentic…
|
CWE-20
Improper Input Validation
|
CVE-2013-1648
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291355
|
- |
|
open-xchange
|
open-xchange_server
|
Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HT…
|
CWE-94
Code Injection
|
CVE-2013-1647
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291356
|
- |
|
open-xchange
|
open-xchange_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1646
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291357
|
- |
|
open-xchange
|
open-xchange_server
|
Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. (dot dot)…
|
CWE-22
Path Traversal
|
CVE-2013-1645
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291358
|
- |
|
vmware
|
esxi
esx
|
VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled ex…
|
CWE-20
Improper Input Validation
|
CVE-2013-1661
|
2024-11-21 10:50 |
2013-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291359
|
- |
|
redhat
|
hawtjni
|
Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary…
|
CWE-94
Code Injection
|
CVE-2013-2035
|
2024-11-21 10:50 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291360
|
- |
|
xen
|
xen
|
Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service (unhandled exception and hypervisor crash) via unspecif…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2077
|
2024-11-21 10:50 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
