|
290471
|
- |
|
pypa
|
pip
|
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code v…
|
CWE-20
Improper Input Validation
|
CVE-2013-1629
|
2024-11-21 10:50 |
2013-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290472
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands v…
|
CWE-89
SQL Injection
|
CVE-2013-1617
|
2024-11-21 10:50 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290473
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote attackers to execute arbitrary commands by injecting a command into an application script.
|
CWE-78
OS Command
|
CVE-2013-1616
|
2024-11-21 10:50 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290474
|
- |
|
redhat
|
satellite
|
The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by…
|
CWE-287
Improper Authentication
|
CVE-2013-2056
|
2024-11-21 10:50 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290475
|
- |
|
apache
collabnet
canonical
opensuse
|
subversion
ubuntu_linux
opensuse
|
Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.
|
NVD-CWE-noinfo
|
CVE-2013-1968
|
2024-11-21 10:50 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290476
|
- |
|
f5
debian
|
nginx
debian_linux
|
http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (c…
|
NVD-CWE-noinfo
|
CVE-2013-2070
|
2024-11-21 10:50 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290477
|
- |
|
f5
fedoraproject
|
nginx
fedora
|
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfe…
|
CWE-787
Out-of-bounds Write
|
CVE-2013-2028
|
2024-11-21 10:50 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290478
|
- |
|
nashtech
|
easy_php_calendar
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php and (2) datePicker.php in Easy PHP Calendar 6.x and 7.x before 7.0.13 allow remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1955
|
2024-11-21 10:50 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290479
|
- |
|
apache
|
activemq
|
Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a mess…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1879
|
2024-11-21 10:50 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290480
|
- |
|
chaos_tool_suite_project
|
ctools
|
The Chaos Tool Suite (ctools) module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict node access, which allows remote authenticated users with the "access content" permission to read res…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1925
|
2024-11-21 10:50 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
