|
291781
|
- |
|
linux
|
linux_kernel
|
Buffer overflow in the exitcode_proc_write function in arch/um/kernel/exitcode.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other imp…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4512
|
2024-11-21 10:55 |
2013-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291782
|
- |
|
linux
|
linux_kernel
|
Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequen…
|
CWE-189
Numeric Errors
|
CVE-2013-4511
|
2024-11-21 10:55 |
2013-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291783
|
- |
|
openbsd
|
openssh
|
The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4548
|
2024-11-21 10:55 |
2013-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291784
|
7.5 |
HIGH
Network
|
lighttpd
debian
opensuse
|
lighttpd
debian_linux
opensuse
|
lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obta…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2013-4508
|
2024-11-21 10:55 |
2013-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291785
|
- |
|
openstack
|
havana
grizzly
folsom
|
The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4497
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291786
|
- |
|
ldap-account-manager
|
ldap_account_manager
|
Cross-site scripting (XSS) vulnerability in templates/login.php in LDAP Account Manager (LAM) 4.3 and 4.2.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4453
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291787
|
- |
|
libguestfs
suse
novell
|
libguestfs
suse_linux_enterprise_software_development_kit
suse_linux_enterprise_server
|
The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4419
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291788
|
- |
|
saltstack
|
salt
|
Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4439
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291789
|
- |
|
saltstack
|
salt
|
Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to …
|
CWE-94
Code Injection
|
CVE-2013-4438
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291790
|
- |
|
saltstack
|
salt
|
Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."
|
NVD-CWE-noinfo
|
CVE-2013-4437
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
