|
291491
|
- |
|
google
|
chrome
|
Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack v…
|
NVD-CWE-noinfo
|
CVE-2013-2268
|
2024-11-21 10:51 |
2013-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291492
|
8.8 |
HIGH
Network
|
user_photo_project
|
user_photo
|
In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (ex…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2013-1916
|
2024-11-21 10:50 |
2022-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291493
|
6.5 |
MEDIUM
Network
|
opencart
|
opencart
|
In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.
|
CWE-22
Path Traversal
|
CVE-2013-1891
|
2024-11-21 10:50 |
2022-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291494
|
9.8 |
CRITICAL
Network
|
starwindsoftware
|
iscsi_san
|
A flaw was found in StarWind iSCSI target. StarWind service does not limit client connections and allocates memory on each connection attempt. An attacker could create a denial of service state by tr…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2013-20004
|
2024-11-21 10:50 |
2022-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291495
|
8.3 |
HIGH
Adjacent
|
silabs
|
zgm130s037hgn_firmware
zm5202_firmware
zm5101_firmware
zgm2305a27hgn_firmware
zgm230sb27hgn_firmware
|
Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave traffic.
|
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
|
CVE-2013-20003
|
2024-11-21 10:50 |
2022-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291496
|
9.8 |
CRITICAL
Network
|
themify
|
framework
|
Elemin allows remote attackers to upload and execute arbitrary PHP code via the Themify framework (before 1.2.2) wp-content/themes/elemin/themify/themify-ajax.php file.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2013-20002
|
2024-11-21 10:50 |
2021-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291497
|
7.5 |
HIGH
Network
|
openzfs
|
openzfs
|
An issue was discovered in OpenZFS through 2.0.3. When an NFS share is exported to IPv6 addresses via the sharenfs feature, there is a silent failure to parse the IPv6 address data, and access is all…
|
NVD-CWE-noinfo
|
CVE-2013-20001
|
2024-11-21 10:50 |
2021-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291498
|
7.5 |
HIGH
Network
|
python
|
python
|
The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request.
|
NVD-CWE-noinfo
|
CVE-2013-1753
|
2024-11-21 10:50 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291499
|
9.8 |
CRITICAL
Network
|
berkeley
|
boinc
|
Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-2018
|
2024-11-21 10:50 |
2020-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291500
|
7.5 |
HIGH
Network
|
intel
|
82574l_controller_firmware
|
A denial of service vulnerability exists in some motherboard implementations of Intel e1000e/82574L network controller devices through 2013-02-06 where the device can be brought into a non-processing…
|
CWE-665
Improper Initialization
|
CVE-2013-1634
|
2024-11-21 10:50 |
2020-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
