|
291801
|
- |
|
thoughtbot
|
cocaine
|
The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent attackers to execute arbitrary commands via a crafted has object, related to recursive variable interpolation.
|
CWE-78
OS Command
|
CVE-2013-4457
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291802
|
- |
|
redhat
|
libvirt
|
The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4401
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291803
|
- |
|
md-systems
|
simplenews
|
Cross-site scripting (XSS) vulnerability in the API in the Simplenews module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4447
|
2024-11-21 10:55 |
2013-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291804
|
- |
|
varnish-cache
varnish_cache_project
|
varnish
varnish_cache
|
Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4484
|
2024-11-21 10:55 |
2013-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291805
|
- |
|
openstack
redhat
|
folsom
grizzly
openstack
|
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4261
|
2024-11-21 10:55 |
2013-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291806
|
- |
|
openstack
redhat
|
compute
openstack
|
Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote …
|
CWE-310
Cryptographic Issues
|
CVE-2013-4185
|
2024-11-21 10:55 |
2013-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291807
|
- |
|
gnupg
canonical
|
gnupg
ubuntu_linux
|
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.
|
CWE-20
Improper Input Validation
|
CVE-2013-4402
|
2024-11-21 10:55 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291808
|
- |
|
systemd_project
debian
|
systemd
debian_linux
|
The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the …
|
CWE-276
Incorrect Default Permissions
|
CVE-2013-4394
|
2024-11-21 10:55 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291809
|
- |
|
systemd_project
|
systemd
|
journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.
|
NVD-CWE-noinfo
|
CVE-2013-4393
|
2024-11-21 10:55 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291810
|
- |
|
systemd_project
|
systemd
|
systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.
|
CWE-59
Link Following
|
CVE-2013-4392
|
2024-11-21 10:55 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
