|
290741
|
- |
|
gitlab
|
gitlab
gitlab-shell
|
GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH.
|
CWE-94
Code Injection
|
CVE-2013-4581
|
2024-11-21 10:55 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290742
|
- |
|
gitlab
|
gitlab
|
GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication …
|
CWE-287
Improper Authentication
|
CVE-2013-4580
|
2024-11-21 10:55 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290743
|
- |
|
gnu
|
grub
|
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the password_pbkdf2 directive in the f…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4577
|
2024-11-21 10:55 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290744
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in the TimeMediaHandler extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4574
|
2024-11-21 10:55 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290745
|
- |
|
mediawiki
|
mediawiki
|
Buffer overflow in php-luasandbox in the Scribuntu extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 has unspecified impact and remote vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4571
|
2024-11-21 10:55 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290746
|
- |
|
mediawiki
|
mediawiki
|
The zend_inline_hash_func function in php-luasandbox in the Scribuntu extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to cause a denial of…
|
NVD-CWE-Other
|
CVE-2013-4570
|
2024-11-21 10:55 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290747
|
- |
|
canonical
qemu
|
ubuntu_linux
qemu
|
hw/net/vmxnet3.c in QEMU 2.0.0-rc0, 1.7.1, and earlier allows local guest users to cause a denial of service or possibly execute arbitrary code via vectors related to (1) RX or (2) TX queue numbers o…
|
CWE-20
Improper Input Validation
|
CVE-2013-4544
|
2024-11-21 10:55 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290748
|
- |
|
nagios
|
plugins
|
The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins 1.4.16 allows local users to gain privileges via a symlink attack on /tmp/ipxping/ipxping.
|
CWE-59
Link Following
|
CVE-2013-4215
|
2024-11-21 10:55 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290749
|
- |
|
dkorunic
|
pam_s\/key
|
A certain Gentoo patch for the PAM S/Key module does not properly clear credentials from memory, which allows local users to obtain sensitive information by reading system memory.
|
CWE-255
Credentials Management
|
CVE-2013-4285
|
2024-11-21 10:55 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290750
|
- |
|
debian
|
ppthtml
|
Heap-based buffer overflow in the __OLEdecode function in ppthtml 0.5.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .ppt…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4565
|
2024-11-21 10:55 |
2014-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
