|
287901
|
- |
|
cisco
|
webex_sales_center
|
Cross-site scripting (XSS) vulnerability in the product-creation administrative page in Cisco WebEx Sales Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6711
|
2024-11-21 10:59 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287902
|
- |
|
cisco
|
webex_training_center
|
Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Training Center allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCul25567.
|
CWE-352
Origin Validation Error
|
CVE-2013-6710
|
2024-11-21 10:59 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287903
|
- |
|
cisco
|
webex_training_center
|
The registration component in Cisco WebEx Training Center provides the training-session URL before payment is completed, which allows remote attackers to bypass intended access restrictions and join …
|
CWE-200
Information Exposure
|
CVE-2013-6709
|
2024-11-21 10:59 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287904
|
- |
|
linux
|
linux_kernel
|
The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (host OS crash) via a crafted ICR …
|
CWE-189
Numeric Errors
|
CVE-2013-6376
|
2024-11-21 10:59 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287905
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux
|
The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end addre…
|
CWE-20
Improper Input Validation
|
CVE-2013-6368
|
2024-11-21 10:59 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287906
|
- |
|
linux
|
linux_kernel
|
The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash)…
|
CWE-189
Numeric Errors
|
CVE-2013-6367
|
2024-11-21 10:59 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287907
|
- |
|
openstack
|
heat
|
The ReST API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 allows remote authenticated users to bypass the tenant scoping restrictions via a modified ten…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6428
|
2024-11-21 10:59 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287908
|
- |
|
openstack
|
heat
|
The cloudformation-compatible API in OpenStack Orchestration API (Heat) before Havana 2013.2.1 and Icehouse before icehouse-2 does not properly enforce policy rules, which allows local in-instance us…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6426
|
2024-11-21 10:59 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287909
|
- |
|
openttd
|
openttd
|
The HandleCrashedAircraft function in aircraft_cmd.cpp in OpenTTD 0.3.6 through 1.3.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) by crashing an aircraft outsi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6411
|
2024-11-21 10:59 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287910
|
- |
|
openstack
canonical
redhat
|
keystone
ubuntu_linux
openstack
|
The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before icehouse-2 does not return a trust-scoped token when one is received, which allows remote trust users to …
|
CWE-269
Improper Privilege Management
|
CVE-2013-6391
|
2024-11-21 10:59 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
