|
287351
|
- |
|
perl
|
cgi_application_module
|
The CGI::Application module before 4.50_50 and 4.50_51 for Perl, when run modes are not specified, allows remote attackers to obtain sensitive information (web queries and environment details) via ve…
|
CWE-200
Information Exposure
|
CVE-2013-7329
|
2024-11-21 11:00 |
2014-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287352
|
- |
|
linecorp
|
line
|
LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive …
|
CWE-310
Cryptographic Issues
|
CVE-2013-7144
|
2024-11-21 11:00 |
2014-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287353
|
- |
|
cobham
|
aviator_300
sailor_fleetbroadband_150
sailor_900_vsat
aviator_350
sailor_fleetbroadband_250
explorer_bgan
aviator_200
sailor_fleetbroadband_500
aviator_700d
|
Cobham SAILOR 900 VSAT; SAILOR FleetBroadBand 150, 250, and 500; EXPLORER BGAN; and AVIATOR 200, 300, 350, and 700D devices do not properly restrict password recovery, which allows attackers to obtai…
|
NVD-CWE-Other
|
CVE-2013-7180
|
2024-11-21 11:00 |
2014-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287354
|
- |
|
zoll
|
monitor\/defibrillator
|
ZOLL Defibrillator / Monitor X Series has a default (1) supervisor password and (2) service password, which allows physically proximate attackers to modify device configuration and cause a denial of …
|
CWE-255
Credentials Management
|
CVE-2013-7395
|
2024-11-21 11:00 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287355
|
- |
|
splunk
|
splunk
|
The "runshellscript echo.sh" script in Splunk before 5.0.5 allows remote authenticated users to execute arbitrary commands via a crafted string. NOTE: this issue was SPLIT from CVE-2013-6771 per ADT…
|
CWE-94
Code Injection
|
CVE-2013-7394
|
2024-11-21 11:00 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287356
|
- |
|
apache
|
subversion
|
The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a symlink attack on the pid file created for (1) svnwcsub.py or (2) irkerbridge.py when the --pidfil…
|
CWE-59
Link Following
|
CVE-2013-7393
|
2024-11-21 11:00 |
2014-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287357
|
- |
|
gitlist
|
gitlist
|
Gitlist allows remote attackers to execute arbitrary commands via shell metacharacters in a file name to Source/.
|
NVD-CWE-Other
|
CVE-2013-7392
|
2024-11-21 11:00 |
2014-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287358
|
- |
|
entity_api_project
|
entity_api
|
The Entity API module 7.x-1.x before 7.x-1.2 for Drupal, when using the (a) Views field or (b) area plugins, allows remote attackers to read restricted entities via the (1) field, (2) header, or (3) …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7391
|
2024-11-21 11:00 |
2014-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287359
|
- |
|
dlink
|
dir-645_firmware
dir-645
|
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid …
|
CWE-79
Cross-site Scripting
|
CVE-2013-7389
|
2024-11-21 11:00 |
2014-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287360
|
- |
|
google
trimble
|
sketchup
|
Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689), allows remote attackers to execute arbitrary code via a crafted RLE4-compressed…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7388
|
2024-11-21 11:00 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
