|
290551
|
- |
|
canonical
|
ubuntu_linux
maas
|
Untrusted search path vulnerability in maas-import-pxe-files in MAAS before 13.10 allows local users to execute arbitrary code via a Trojan horse import_pxe_files configuration file in the current wo…
|
CWE-20
Improper Input Validation
|
CVE-2013-1057
|
2024-11-21 10:48 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290552
|
- |
|
novell
|
zenworks_configuration_management
|
Directory traversal vulnerability in the GetFle method in the umaninv service in Novell ZENworks Configuration Management (ZCM) 11.2.3 allows remote attackers to read arbitrary files via a .. (dot do…
|
CWE-22
Path Traversal
|
CVE-2013-1084
|
2024-11-21 10:48 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290553
|
- |
|
canonical
|
ubuntu_linux
|
X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files.
|
NVD-CWE-noinfo
|
CVE-2013-1056
|
2024-11-21 10:48 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290554
|
- |
|
canonical
|
ubuntu_linux
|
Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1067
|
2024-11-21 10:48 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290555
|
- |
|
cartpauj
|
mingle-forum
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mingle Forum plugin 1.0.34 and possibly earlier for WordPress allow remote attackers to hijack the authentication of administrators f…
|
CWE-352
Origin Validation Error
|
CVE-2013-0736
|
2024-11-21 10:48 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290556
|
- |
|
corel
|
pdf_fusion
|
Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS f…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0742
|
2024-11-21 10:48 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290557
|
- |
|
ubuntu_developers
canonical
|
language-selector
ubuntu_linux
|
language-selector 0.110.x before 0.110.1, 0.90.x before 0.90.1, and 0.79.x before 0.79.4 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass inte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1066
|
2024-11-21 10:48 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290558
|
- |
|
martin_pitt
canonical
|
jockey
ubuntu_linux
|
backend.py in Jockey before 0.9.7-0ubuntu7.11 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a Po…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1065
|
2024-11-21 10:48 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290559
|
- |
|
canonical
|
apt-xapian-index
ubuntu_linux
|
apt-xapian-index before 0.45ubuntu2.1, 0.44ubuntu7.1, and 0.44ubuntu5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1064
|
2024-11-21 10:48 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290560
|
- |
|
canonical
evan_dandrea
|
ubuntu_linux
usb-creator
|
usb-creator 0.2.47 before 0.2.47.1, 0.2.40 before 0.2.40ubuntu2, and 0.2.38 before 0.2.38.2 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1063
|
2024-11-21 10:48 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
