|
290301
|
6.1 |
MEDIUM
Network
|
quixplorer_project
|
quixplorer
|
Multiple cross-site scripting (XSS) vulnerabilities in QuiXplorer before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) dir, (2) item, (3) order, (4) searchitem, (5) …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1642
|
2024-11-21 10:50 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290302
|
7.8 |
HIGH
Local
|
qemu
debian
novell
|
qemu
debian_linux
open_desktop_server
open_enterprise_server
|
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, suc…
|
CWE-269
Improper Privilege Management
|
CVE-2013-2016
|
2024-11-21 10:50 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290303
|
8.8 |
HIGH
Network
|
automattic
|
w3_super_cache
|
WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix fo…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2013-2011
|
2024-11-21 10:50 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290304
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
|
Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames.
|
CWE-20
Improper Input Validation
|
CVE-2013-1689
|
2024-11-21 10:50 |
2019-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290305
|
7.5 |
HIGH
Network
|
redhat
|
openstack
openstack_essex
|
openstack-utils openstack-db has insecure password creation
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2013-1793
|
2024-11-21 10:50 |
2019-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290306
|
7.5 |
HIGH
Network
|
mediawiki
debian
redhat
fedoraproject
|
mediawiki
debian_linux
enterprise_linux
fedora
|
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.
|
CWE-200
Information Exposure
|
CVE-2013-1817
|
2024-11-21 10:50 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290307
|
7.5 |
HIGH
Network
|
mediawiki
debian
redhat
fedoraproject
|
mediawiki
debian_linux
enterprise_linux
fedora
|
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.
|
CWE-20
Improper Input Validation
|
CVE-2013-1816
|
2024-11-21 10:50 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290308
|
7.5 |
HIGH
Network
|
mod_ruid2_project
|
mod_ruid2
|
mod_ruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot.
|
CWE-20
Improper Input Validation
|
CVE-2013-1889
|
2024-11-21 10:50 |
2019-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290309
|
5.5 |
MEDIUM
Local
|
redhat
fedoraproject
|
tuned
fedora
|
tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service.
|
CWE-20
Improper Input Validation
|
CVE-2013-1820
|
2024-11-21 10:50 |
2019-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290310
|
4.3 |
MEDIUM
Network
|
mantisbt
debian
|
mantisbt
debian_linux
|
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".
|
CWE-20
Improper Input Validation
|
CVE-2013-1811
|
2024-11-21 10:50 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
