Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 126.96.36.199, 5.3 before 188.8.131.52, and 5.4 through 184.108.40.206 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 220.127.116.11, 5.3 before 18.104.22.168, and 5.4 through 22.214.171.124 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
The 3G Mobile Hotspot feature on the HTC Droid Incredible has a default WPA2 PSK passphrase of 1234567890, which makes it easier for remote attackers to obtain access by leveraging a position within the WLAN coverage area.
The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows remote attackers to cause a denial of service (daemon crash) via an undocumented API call that triggers the transmission of unexpected data.
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.