|
290171
|
- |
|
apache
|
sling_auth_core_component
sling
|
Open redirect vulnerability in the AbstractAuthenticationFormServlet in the Auth Core (org.apache.sling.auth.core) bundle before 1.1.4 in Apache Sling allows remote attackers to redirect users to arb…
|
CWE-20
Improper Input Validation
|
CVE-2013-4390
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290172
|
- |
|
redhat
|
jboss_operations_network
|
The storeFiles method in JPADriftServerBean in Red Hat JBoss Operations Network (JON) 3.1.2 allows local users to load arbitrary drift files into a server by writing the files to the temporary direct…
|
CWE-20
Improper Input Validation
|
CVE-2013-4373
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290173
|
- |
|
apache
|
shindig
|
The gadget renderer in Apache Shindig 2.5.0 for PHP allows remote attackers to obtain sensitive information via an XML document containing an external entity declaration in conjunction with an entity…
|
CWE-200
Information Exposure
|
CVE-2013-4295
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290174
|
- |
|
redhat
|
jboss_operations_network
|
The server in Red Hat JBoss Operations Network (JON) 3.1.2 logs passwords in plaintext, which allows local users to obtain sensitive information by reading the log files.
|
CWE-310
Cryptographic Issues
|
CVE-2013-4293
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290175
|
- |
|
quassel-irc
|
quassel_irc
|
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in …
|
CWE-89
SQL Injection
|
CVE-2013-4422
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290176
|
- |
|
nodejs
|
nodejs
|
The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of service (memory and CPU consumption) by sending a large number of pipelined reque…
|
CWE-20
Improper Input Validation
|
CVE-2013-4450
|
2024-11-21 10:55 |
2013-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290177
|
- |
|
redhat
feep
|
enterprise_linux
libtar
|
Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1…
|
CWE-189
Numeric Errors
|
CVE-2013-4397
|
2024-11-21 10:55 |
2013-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290178
|
- |
|
xen
|
xen
|
Use-after-free vulnerability in the libxl_list_cpupool function in the libxl toolstack library in Xen 4.2.x and 4.3.x, when running "under memory pressure," returns the original pointer when the real…
|
CWE-399
Resource Management Errors
|
CVE-2013-4371
|
2024-11-21 10:55 |
2013-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290179
|
- |
|
xen
|
xen
|
The ocaml binding for the xc_vcpu_getaffinity function in Xen 4.2.x and 4.3.x frees certain memory that may still be intended for use, which allows local users to cause a denial of service (heap corr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4370
|
2024-11-21 10:55 |
2013-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290180
|
- |
|
xen
|
xen
|
The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and 4.3.x allows local users to cause a denial of service (NULL pointer dereference) by using the "@" character as the VIF rate conf…
|
NVD-CWE-Other
|
CVE-2013-4369
|
2024-11-21 10:55 |
2013-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
