|
291771
|
- |
|
thecus
|
n8800_nas_server_firmware
n8800_nas_server
|
The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a get_userid action with shell metacharacters in the username parameter.
|
CWE-78
OS Command
|
CVE-2013-5667
|
2024-11-21 10:57 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291772
|
- |
|
ibm
|
tivoli_storage_manager
|
The client in IBM Tivoli Storage Manager (TSM) 6.3.1 and 6.4.0 on Windows does not preserve permissions of Resilient File System (ReFS) files across backup and restore operations, which allows local …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-5371
|
2024-11-21 10:57 |
2014-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291773
|
- |
|
ibm
|
tivoli_federated_identity_manager
|
The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.2 before FP9 does not prevent …
|
CWE-287
Improper Authentication
|
CVE-2013-5429
|
2024-11-21 10:57 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291774
|
- |
|
google
|
picasa
|
Stack-based buffer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 might allow remote attackers to execute arbitrary code via a crafted RAW file, as demonstrated using a KDC file w…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5359
|
2024-11-21 10:57 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291775
|
- |
|
google
|
picasa
|
Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5358
|
2024-11-21 10:57 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291776
|
- |
|
google
|
picasa
|
Integer overflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a long TIFF tag that triggers a heap-based buffer overflow, as demonst…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5357
|
2024-11-21 10:57 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291777
|
- |
|
google
|
picasa
|
Integer underflow in Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to execute arbitrary code via a crafted JPEG tag that triggers a heap-based buffer overflow, as dem…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-5349
|
2024-11-21 10:57 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291778
|
- |
|
ibm
|
z\/os
i
|
The OSPF implementation in IBM i 6.1 and 7.1, in z/OS on zSeries servers, and in Networking Operating System (aka NOS, formerly BLADE Operating System) does not properly validate Link State Advertise…
|
CWE-20
Improper Input Validation
|
CVE-2013-5385
|
2024-11-21 10:57 |
2014-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291779
|
- |
|
opensuse
ntp
oracle
|
opensuse
ntp
linux
|
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_…
|
CWE-20
Improper Input Validation
|
CVE-2013-5211
|
2024-11-21 10:57 |
2014-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291780
|
- |
|
jenkins
|
jenkins
|
Cross-site scripting (XSS) vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configur…
|
CWE-79
Cross-site Scripting
|
CVE-2013-5573
|
2024-11-21 10:57 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
