|
291381
|
- |
|
ibm
|
tivoli_federated_identity_manager
|
The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.2 before FP9 does not prevent …
|
CWE-287
Improper Authentication
|
CVE-2013-5429
|
2024-11-21 10:57 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291382
|
- |
|
google
|
picasa
|
Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file w…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5359
|
2024-11-21 10:57 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291383
|
- |
|
google
|
picasa
|
Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5358
|
2024-11-21 10:57 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291384
|
- |
|
google
|
picasa
|
Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonst…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5357
|
2024-11-21 10:57 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291385
|
- |
|
google
|
picasa
|
Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as dem…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5349
|
2024-11-21 10:57 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291386
|
- |
|
ibm
|
z\/os
i
|
The OSPF implementation in IBM i 6.1 and 7.1, in z/OS on zSeries servers, and in Networking Operating System (aka NOS, formerly BLADE Operating System) does not properly validate Link State Advertise…
|
CWE-20
Improper Input Validation
|
CVE-2013-5385
|
2024-11-21 10:57 |
2014-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291387
|
- |
|
opensuse
ntp
oracle
|
opensuse
ntp
linux
|
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_…
|
CWE-20
Improper Input Validation
|
CVE-2013-5211
|
2024-11-21 10:57 |
2014-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291388
|
- |
|
jenkins
|
jenkins
|
Cross-site scripting (XSS) vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configur…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5573
|
2024-11-21 10:57 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291389
|
- |
|
esri
|
arcgis_server
|
Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server 10.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5222
|
2024-11-21 10:57 |
2013-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291390
|
- |
|
hot
|
hotbox_router_firmware
hotbox_router
|
goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service (device crash) via crafted HTTP POST data.
|
CWE-20
Improper Input Validation
|
CVE-2013-5220
|
2024-11-21 10:57 |
2013-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
