|
290401
|
- |
|
matrix42
|
service_store
|
Cross-site scripting (XSS) vulnerability in SPS/Portal/default.aspx in Service Desk in Matrix42 Service Store 5.3 SP3 (aka 5.33.946.0) allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2504
|
2024-11-21 10:51 |
2013-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290402
|
- |
|
x
|
x_display_manager
|
X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain implementations of the crypt API function that can return NULL, allows remote attackers to cause a …
|
CWE-310
Cryptographic Issues
|
CVE-2013-2179
|
2024-11-21 10:51 |
2013-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290403
|
- |
|
redhat
|
jboss_enterprise_application_platform
enterprise_linux
|
The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Application Platform (EAP) before 6.2.0, does not properly enforce the method level restrictions for JAX-WS S…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2133
|
2024-11-21 10:51 |
2013-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290404
|
- |
|
redhat
openfabrics
|
enterprise_linux
ibutils
|
OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (…
|
CWE-59
Link Following
|
CVE-2013-2561
|
2024-11-21 10:51 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290405
|
- |
|
dlink
|
dsl-2740b_firmware
dsl-2740b
|
The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote attackers to bypass authentication and gain administrator access via a request to login.c…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2271
|
2024-11-21 10:51 |
2013-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290406
|
- |
|
mediawiki
|
mediawiki
|
Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 through 1.19.6 and 1.20.x before 1.20.6 allows remote attackers to execute arbitrary code by uploading a file with an …
|
NVD-CWE-Other
|
CVE-2013-2114
|
2024-11-21 10:51 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290407
|
- |
|
openvz
|
vzkernel
|
vzkernel before 042stab080.2 in the OpenVZ modification for the Linux kernel 2.6.32 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2239
|
2024-11-21 10:51 |
2013-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290408
|
- |
|
andreas_krennmair
|
tpp
|
tpp 1.3.1 allows remote attackers to execute arbitrary commands via a --exec command in a TPP template file.
|
CWE-94
Code Injection
|
CVE-2013-2208
|
2024-11-21 10:51 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290409
|
- |
|
redhat
ubuntu
|
jboss_enterprise_portal_platform
openshift
jboss_enterprise_brms_platform
jboss_enterprise_web_server
ubuntu
|
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write …
|
CWE-20
Improper Input Validation
|
CVE-2013-2186
|
2024-11-21 10:51 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290410
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to obtai…
|
CWE-287
Improper Authentication
|
CVE-2013-2102
|
2024-11-21 10:51 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
