|
291211
|
- |
|
linux
|
linux_kernel
|
The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, …
|
CWE-20
Improper Input Validation
|
CVE-2013-1798
|
2024-11-21 10:50 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291212
|
- |
|
linux
|
linux_kernel
|
Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other …
|
CWE-399
Resource Management Errors
|
CVE-2013-1797
|
2024-11-21 10:50 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291213
|
- |
|
linux
|
linux_kernel
|
The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS u…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1796
|
2024-11-21 10:50 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291214
|
- |
|
linux
|
linux_kernel
|
Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and sys…
|
CWE-362
Race Condition
|
CVE-2013-1792
|
2024-11-21 10:50 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291215
|
- |
|
matomo
|
matomo
|
Cross-site scripting (XSS) vulnerability in Piwik before 1.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-1844
|
2024-11-21 10:50 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291216
|
- |
|
rubygems
|
command_wrap
|
command_wrap.rb in the command_wrap Gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL or filename.
|
CWE-94
Code Injection
|
CVE-2013-1875
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291217
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1750
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291218
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise
|
Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes."
|
CWE-20
Improper Input Validation
|
CVE-2013-1655
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291219
|
- |
|
puppetlabs
puppet
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to c…
|
NVD-CWE-noinfo
|
CVE-2013-1654
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291220
|
- |
|
puppet
puppetlabs
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to…
|
NVD-CWE-noinfo
|
CVE-2013-1653
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
