|
296911
|
- |
|
redhat
apple
php
|
enterprise_linux
mac_os_x
php
|
The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an …
|
CWE-611
XXE
|
CVE-2013-1824
|
2024-11-21 10:50 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296912
|
- |
|
open-xchange
|
open-xchange_server
|
OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spo…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1651
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296913
|
- |
|
open-xchange
|
open-xchange_server
|
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses weak permissions (group "other" readable) under opt/open-xchange/etc/, which allows local users to obtain se…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1650
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296914
|
- |
|
open-xchange
|
open-xchange_server
|
Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses the crypt and SHA-1 algorithms for password hashing, which makes it easier for context-dependent attackers t…
|
CWE-255
Credentials Management
|
CVE-2013-1649
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296915
|
- |
|
open-xchange
|
open-xchange_server
|
The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not properly validate the publication-source URL, which allows remote authentic…
|
CWE-20
Improper Input Validation
|
CVE-2013-1648
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296916
|
- |
|
open-xchange
|
open-xchange_server
|
Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HT…
|
CWE-94
Code Injection
|
CVE-2013-1647
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296917
|
- |
|
open-xchange
|
open-xchange_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1646
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296918
|
- |
|
open-xchange
|
open-xchange_server
|
Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. (dot dot)…
|
CWE-22
Path Traversal
|
CVE-2013-1645
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296919
|
- |
|
vmware
|
esxi
esx
|
VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled ex…
|
CWE-20
Improper Input Validation
|
CVE-2013-1661
|
2024-11-21 10:50 |
2013-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296920
|
- |
|
redhat
|
hawtjni
|
Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary…
|
CWE-94
Code Injection
|
CVE-2013-2035
|
2024-11-21 10:50 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
