|
291231
|
- |
|
openafs
|
openafs
|
Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow.
|
CWE-189
Numeric Errors
|
CVE-2013-1795
|
2024-11-21 10:50 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291232
|
- |
|
openafs
|
openafs
|
Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver AC…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1794
|
2024-11-21 10:50 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291233
|
- |
|
perl
|
perl
|
The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.
|
CWE-399
Resource Management Errors
|
CVE-2013-1667
|
2024-11-21 10:50 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291234
|
- |
|
apache
|
rave
|
The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demon…
|
CWE-200
Information Exposure
|
CVE-2013-1814
|
2024-11-21 10:50 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291235
|
- |
|
indusoft
advantech
|
web_studio
advantech_studio
|
Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in…
|
CWE-22
Path Traversal
|
CVE-2013-1627
|
2024-11-21 10:50 |
2013-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291236
|
- |
|
stunnel
|
stunnel
|
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary…
|
CWE-94
Code Injection
|
CVE-2013-1762
|
2024-11-21 10:50 |
2013-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291237
|
- |
|
spreecommerce
|
spree
|
Spree Commerce 1.0.x through 1.3.2 allows remote authenticated administrators to instantiate arbitrary Ruby objects and execute arbitrary commands via the (1) payment_method parameter to core/app/con…
|
CWE-20
Improper Input Validation
|
CVE-2013-1656
|
2024-11-21 10:50 |
2013-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291238
|
- |
|
linux
|
linux_kernel
|
The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and sy…
|
CWE-20
Improper Input Validation
|
CVE-2013-1819
|
2024-11-21 10:50 |
2013-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291239
|
- |
|
php
|
php
|
The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an …
|
CWE-200
Information Exposure
|
CVE-2013-1643
|
2024-11-21 10:50 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291240
|
- |
|
php
|
php
|
ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1635
|
2024-11-21 10:50 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
