|
289711
|
- |
|
linux
|
linux_kernel
|
Double free vulnerability in the ioctx_alloc function in fs/aio.c in the Linux kernel before 3.12.4 allows local users to cause a denial of service (system crash) or possibly have unspecified other i…
|
CWE-399
Resource Management Errors
|
CVE-2013-7348
|
2024-11-21 11:00 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289712
|
- |
|
raoul_proenca
|
gnew
|
Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the (1) news_id parameter to news/send.php, (2) thread_id parameter to posts/edit.ph…
|
CWE-89
SQL Injection
|
CVE-2013-7349
|
2024-11-21 11:00 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289713
|
- |
|
redhat
|
conga
enterprise_linux
|
Luci in Red Hat Conga does not properly enforce the user session timeout, which might allow attackers to gain access to the session by reading the __ac session cookie. NOTE: this issue has been SPLI…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7347
|
2024-11-21 11:00 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289714
|
- |
|
getsymphony
|
symphony
|
Cross-site request forgery (CSRF) vulnerability in Symphony CMS before 2.3.2 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via…
|
CWE-352
Origin Validation Error
|
CVE-2013-7346
|
2024-11-21 11:00 |
2014-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289715
|
- |
|
linux
|
linux_kernel
|
The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecif…
|
CWE-476
NULL Pointer Dereference
|
CVE-2013-7339
|
2024-11-21 11:00 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289716
|
- |
|
christos_zoulas
php
debian
|
file
php
debian_linux
|
The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to ca…
|
NVD-CWE-noinfo
|
CVE-2013-7345
|
2024-11-21 11:00 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289717
|
- |
|
owncloud
|
owncloud
|
Unspecified vulnerability in core/settings.php in ownCloud before 4.0.12 and 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: this issue …
|
NVD-CWE-noinfo
|
CVE-2013-7344
|
2024-11-21 11:00 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289718
|
- |
|
flowplayer
|
flowplayer_html5
|
Cross-site scripting (XSS) vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.1 allows remote attackers to inject arbitrary web script or HTML via the callback para…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7342
|
2024-11-21 11:00 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289719
|
- |
|
flowplayer
|
flowplayer_html5
|
Cross-site scripting (XSS) vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.3 allows remote attackers to inject arbitrary web script or HTML by using URL encoding…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7343
|
2024-11-21 11:00 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289720
|
- |
|
flowplayer
moodle
|
flowplayer_flash
moodle
|
Multiple cross-site scripting (XSS) vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7341
|
2024-11-21 11:00 |
2014-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
