Lista CVE - 2013 / Agosto
Visualizzazione 301 - 357 di 357 CVE per Agosto 2013 (Pagina 4 di 4)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2013-4138 | 2013-08-28 | Cross-site scripting (XSS) vulnerability in the Hatch theme 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with the "Administer content," "Create new article," or "Edit any article type content"... |
| CVE-2013-4139 | 2013-08-28 | The Stage File Proxy module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to cause a denial of service (file operations performance degradation and failure) via a large number of... |
| CVE-2013-4272 | 2013-08-28 | The BOTCHA Spam Prevention module 7.x-1.x before 7.x-1.6, 7.x-2.x before 7.x-2.1, and 7.x-3.x before 7.x-3.3 for Drupal, when the debugging level is set to 5 or 6, logs the content... |
| CVE-2013-4274 | 2013-08-28 | Cross-site scripting (XSS) vulnerability in the password_policy_admin_view function in password_policy.admin.inc in the Password Policy module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the... |
| CVE-2013-1432 | 2013-08-28 | Xen 4.1.x and 4.2.x, when the XSA-45 patch is in place, does not properly maintain references on pages stored for deferred cleanup, which allows local PV guest kernels to cause... |
| CVE-2013-2072 | 2013-08-28 | Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of... |
| CVE-2013-2076 | 2013-08-28 | Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain... |
| CVE-2013-2077 | 2013-08-28 | Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service (unhandled exception and hypervisor... |
| CVE-2013-2211 | 2013-08-28 | The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to... |
| CVE-2013-2212 | 2013-08-28 | The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests with access to memory mapped I/O regions to cause a denial of service (CPU consumption... |
| CVE-2013-3495 | 2013-08-28 | The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a denial of service (kernel panic) via a malformed Message Signaled Interrupt (MSI) from... |
| CVE-2013-4111 | 2013-08-28 | The Python client library for Glance (python-glanceclient) before 0.10.0 does not properly check the preverify_ok value, which prevents the server hostname from being verified with a domain name in the... |
| CVE-2013-2176 | 2013-08-28 | Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Provisioning Tool (RHEV-APT) in the rhev-guest-tools-iso package 3.2 allows local users to gain privileges via a Trojan horse... |
| CVE-2013-2035 | 2013-08-28 | Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file... |
| CVE-2013-2178 | 2013-08-28 | The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in... |
| CVE-2013-5018 | 2013-08-28 | The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentation... |
| CVE-2013-3466 | 2013-08-29 | The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1.15.11, when a RADIUS server configuration is enabled, does not properly parse user identities, which allows remote... |
| CVE-2013-3468 | 2013-08-29 | The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote attackers to cause a denial of service (device hang) via a malformed PNG file, aka Bug ID CSCud04270. |
| CVE-2013-3471 | 2013-08-29 | The captive portal application in Cisco Identity Services Engine (ISE) allows remote attackers to discover cleartext usernames and passwords by leveraging unspecified use of hidden form fields in an HTML... |
| CVE-2013-3472 | 2013-08-29 | Cross-site request forgery (CSRF) vulnerability in the Enterprise License Manager (ELM) in Cisco Unified Communications Manager (CM) allows remote attackers to hijack the authentication of arbitrary users for requests that... |
| CVE-2013-4003 | 2013-08-29 | Multiple cross-site scripting (XSS) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3.1.1, and 8, allow remote authenticated users to inject arbitrary web script or HTML via (1)... |
| CVE-2013-5209 | 2013-08-29 | The sctp_send_initiate_ack function in sys/netinet/sctp_output.c in the SCTP implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE does not properly initialize the state-cookie data structure, which allows remote attackers to... |
| CVE-2013-5588 | 2013-08-29 | Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) the... |
| CVE-2013-5589 | 2013-08-29 | SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| CVE-2013-5645 | 2013-08-29 | Multiple cross-site scripting (XSS) vulnerabilities in Roundcube webmail before 0.9.3 allow user-assisted remote attackers to inject arbitrary web script or HTML via the body of a message visited in (1)... |
| CVE-2013-5646 | 2013-08-29 | Cross-site scripting (XSS) vulnerability in Roundcube webmail 1.0-git allows remote authenticated users to inject arbitrary web script or HTML via the Name field of an addressbook group. |
| CVE-2013-5647 | 2013-08-29 | lib/sounder/sound.rb in the sounder gem 1.0.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a filename. |
| CVE-2013-5648 | 2013-08-29 | Absolute path traversal vulnerability in the handleStartDataFile function in DigiDocSAXParser.c in libdigidoc 3.6.0.0, as used in ID-software before 3.7.2 and other products, allows remote attackers to overwrite arbitrary files via... |
| CVE-2013-3463 | 2013-08-30 | The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via... |
| CVE-2013-3467 | 2013-08-30 | Memory leak in the CLI component on Cisco Unified Computing System (UCS) 6100 Fabric Interconnect devices, in certain situations that lack a SPAN session, allows local users to cause a... |
| CVE-2013-3470 | 2013-08-30 | The RIP process in Cisco IOS XR allows remote attackers to cause a denial of service (process crash) via a crafted version-2 RIP packet, aka Bug ID CSCue46731. |
| CVE-2012-5744 | 2013-08-30 | Multiple cross-site scripting (XSS) vulnerabilities in the guest portal in Cisco Identity Services Engine (ISE) Software allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka... |
| CVE-2013-3474 | 2013-08-30 | The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) devices allows remote authenticated users to cause a denial of service (device crash) by leveraging membership in the Full Manager... |
| CVE-2013-5469 | 2013-08-30 | The TCP implementation in Cisco IOS does not properly implement the transitions from the ESTABLISHED state to the CLOSED state, which allows remote attackers to cause a denial of service... |
| CVE-2013-3346 | 2013-08-30 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified... |
| CVE-2013-4702 | 2013-08-30 | Multiple directory traversal vulnerabilities in the doApiAction function in data/class/api/SC_Api_Operation.php in LOCKON EC-CUBE 2.12.0 through 2.12.5 on Windows allow remote attackers to read arbitrary files via vectors involving a (1)... |
| CVE-2013-3485 | 2013-08-30 | Multiple untrusted search path vulnerabilities in Soda PDF 5.1.183.10520 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) api-ms-win-core-localregistry-l1-1-0.dll file in the current working directory. |
| CVE-2012-6590 | 2013-08-31 | The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote attackers to obtain verbose error information via crafted input, aka Ref ID 33139. |
| CVE-2012-6591 | 2013-08-31 | The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 31116. |
| CVE-2012-6592 | 2013-08-31 | Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 31091. |
| CVE-2012-6593 | 2013-08-31 | Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 30088. |
| CVE-2012-6594 | 2013-08-31 | The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11, 4.0.x before 4.0.8, and 4.1.x before 4.1.1 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka... |
| CVE-2012-6595 | 2013-08-31 | The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID... |
| CVE-2012-6596 | 2013-08-31 | Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 stores cleartext LDAP bind passwords in authd.log, which allows context-dependent attackers to obtain sensitive information by reading this file,... |
| CVE-2012-6597 | 2013-08-31 | Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to cause a denial of service (management-server crash) by using the command-line interface for a crafted... |
| CVE-2012-6598 | 2013-08-31 | The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33080. |
| CVE-2012-6599 | 2013-08-31 | The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 and 4.1.x before 4.1.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID... |
| CVE-2012-6600 | 2013-08-31 | The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID... |
| CVE-2012-6601 | 2013-08-31 | The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref... |
| CVE-2012-6602 | 2013-08-31 | The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 30122. |
| CVE-2012-6603 | 2013-08-31 | The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via unspecified... |
| CVE-2012-6604 | 2013-08-31 | The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 35249. |
| CVE-2012-6605 | 2013-08-31 | The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 34896. |
| CVE-2012-6606 | 2013-08-31 | Palo Alto Networks GlobalProtect before 1.1.7, and NetConnect, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof portal servers and obtain sensitive information via a... |
| CVE-2013-5663 | 2013-08-31 | The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x before 5.0.2 allows remote attackers to bypass intended security policies via crafted requests that... |
| CVE-2013-5664 | 2013-08-31 | Cross-site scripting (XSS) vulnerability in the web-based device-management API browser in Palo Alto Networks PAN-OS before 4.1.13 and 5.0.x before 5.0.6 allows remote attackers to inject arbitrary web script or... |
| CVE-2013-3469 | 2013-09-04 | Cisco Mobility Services Engine does not properly set up the Oracle SSL service, which allows remote attackers to obtain an unauthenticated session to the database-replication port, and consequently obtain sensitive... |
| CVE-2013-5470 | 2013-09-04 | Cisco Secure Access Control System (ACS) does not properly handle requests to read from the TACACS+ socket, which allows remote attackers to cause a denial of service (process crash) via... |
| CVE-2013-1661 | 2013-09-04 | VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service... |
| CVE-2013-5471 | 2013-09-05 | Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Global Site Selector (GSS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuh42164. |
| CVE-2013-3479 | 2013-09-05 | Cross-site request forgery (CSRF) vulnerability in the ShareThis plugin before 7.0.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that modify this plugin's settings. |
| CVE-2013-1645 | 2013-09-05 | Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. (dot dot) in... |
| CVE-2013-1646 | 2013-09-05 | Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary web script or HTML via (1)... |
| CVE-2013-1647 | 2013-09-05 | Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting... |
| CVE-2013-1648 | 2013-09-05 | The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not properly validate the publication-source URL, which allows remote authenticated users to trigger... |
| CVE-2013-1649 | 2013-09-05 | Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses the crypt and SHA-1 algorithms for password hashing, which makes it easier for context-dependent attackers to obtain... |
| CVE-2013-1650 | 2013-09-05 | Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 uses weak permissions (group "other" readable) under opt/open-xchange/etc/, which allows local users to obtain sensitive information via standard... |
| CVE-2013-1651 | 2013-09-05 | OXUpdater in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof update servers... |
| CVE-2013-2582 | 2013-09-05 | CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6.22.0 rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allows remote attackers to inject... |
| CVE-2013-2583 | 2013-09-05 | Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev16, 6.22.0 before rev15, 6.22.1 before rev17, 7.0.1 before rev6, and 7.0.2 before rev7 allow remote attackers to... |
| CVE-2013-3106 | 2013-09-05 | Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.7 rev18, 6.22.0 before rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8 allow... |
| CVE-2013-3276 | 2013-09-05 | EMC RSA Archer GRC 5.x before 5.4 allows remote authenticated users to bypass intended access restrictions and complete a login by leveraging a deactivated account. |
| CVE-2013-3277 | 2013-09-05 | Open redirect vulnerability in EMC RSA Archer GRC 5.x before 5.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
| CVE-2013-4790 | 2013-09-05 | Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name,... |
| CVE-2013-5035 | 2013-09-05 | Multiple race conditions in HtmlCleaner before 2.6, as used in Open-Xchange AppSuite 7.2.2 before rev13 and other products, allow remote authenticated users to read the private e-mail of other persons... |
| CVE-2013-5698 | 2013-09-05 | Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and Server before 6.22.0 rev16, 6.22.1 before rev19, 7.0.1 before rev7, 7.0.2 before rev11, and 7.2.0 before rev8 allows remote authenticated users to... |
| CVE-2012-5990 | 2013-09-06 | Multiple cross-site scripting (XSS) vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System (NCS) and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script... |
| CVE-2013-1115 | 2013-09-06 | Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code... |
| CVE-2013-1116 | 2013-09-06 | Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code... |
| CVE-2013-1117 | 2013-09-06 | Buffer overflow in the exception handler in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to... |
| CVE-2013-1118 | 2013-09-06 | Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code... |
| CVE-2013-1119 | 2013-09-06 | Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or... |
| CVE-2013-1228 | 2013-09-06 | Cisco Jabber on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and modify the client-server data stream via a crafted certificate, aka... |
| CVE-2013-3599 | 2013-09-06 | userlogin.jsp in Coursemill Learning Management System (LMS) 6.6 and 6.8 allows remote attackers to gain privileges via a modified user-role value to home.html. |
| CVE-2013-3600 | 2013-09-06 | Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to gain privileges via a modified userid value to unspecified functions. |
| CVE-2013-3601 | 2013-09-06 | Coursemill Learning Management System (LMS) 6.6 does not properly restrict JSP function calls, which allows remote authenticated users to perform arbitrary JSP operations by leveraging the Student role and providing... |
| CVE-2013-3602 | 2013-09-06 | SQL injection vulnerability in admindocumentworker.jsp in Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to execute arbitrary SQL commands via the docID parameter. |
| CVE-2013-3603 | 2013-09-06 | Cross-site scripting (XSS) vulnerability in Coursemill Learning Management System (LMS) 6.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages. |
| CVE-2013-3604 | 2013-09-06 | Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Learning Management System (LMS) 6.6 allow remote attackers to inject arbitrary web script or HTML via crafted input. |
| CVE-2013-3605 | 2013-09-06 | Cross-site request forgery (CSRF) vulnerability in Coursemill Learning Management System (LMS) 6.6 allows remote attackers to hijack the authentication of arbitrary users via vectors related to cookies. |
| CVE-2013-5706 | 2013-09-06 | Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Learning Management System (LMS) 6.8 allow remote attackers to inject arbitrary web script or HTML via vectors related to error messages and (1)... |
| CVE-2013-5707 | 2013-09-06 | Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Learning Management System (LMS) 6.8 allow remote attackers to inject arbitrary web script or HTML via crafted input containing a %22 sequence, a... |
| CVE-2013-5708 | 2013-09-06 | Coursemill Learning Management System (LMS) 6.8 constructs secret tokens based on time values, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via vectors related... |
| CVE-2013-3607 | 2013-09-08 | Multiple stack-based buffer overflows in the web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F, H8SGL-F, H8SM*, X7SP*, X8DT*, X8SI*, X9DAX-*, X9DB*, X9DR*, X9QR*,... |
| CVE-2013-3608 | 2013-09-08 | The web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F, H8SGL-F, H8SM*, X7SP*, X8DT*, X8SI*, X9DAX-*, X9DB*, X9DR*, X9QR*, X9SBAA-F, X9SC*, X9SPU-F, and X9SR*... |
| CVE-2013-3609 | 2013-09-08 | The web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC*, H8DG*, H8SCM-F, H8SGL-F, H8SM*, X7SP*, X8DT*, X8SI*, X9DAX-*, X9DB*, X9DR*, X9QR*, X9SBAA-F, X9SC*, X9SPU-F, and X9SR*... |
| CVE-2013-5483 | 2013-09-08 | Cross-site scripting (XSS) vulnerability in bookmarklet.jsp in Cisco SocialMiner allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuh73868. |
| CVE-2013-3458 | 2013-09-08 | Cisco Adaptive Security Appliances (ASA) devices, when SMP is used, do not properly process X.509 certificates, which allows remote attackers to cause a denial of service (device crash) via a... |
| CVE-2013-5132 | 2013-09-08 | Apple AirPort Base Station Firmware before 7.6.4 does not properly handle incorrect frame lengths, which allows remote attackers to cause a denial of service (device crash) by associating with the... |
| CVE-2013-0531 | 2013-09-08 | The SSL implementation in IBM Security AppScan Enterprise before 8.7.0.1 enables cipher suites with weak encryption algorithms, which makes it easier for remote attackers to obtain sensitive information by sniffing... |