|
289871
|
- |
|
json-c
fedoraproject
|
json-c
fedora
|
Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6370
|
2024-11-21 10:59 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289872
|
- |
|
redhat
fedoraproject
|
libvirt
fedora
|
The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the contain…
|
CWE-59
Link Following
|
CVE-2013-6456
|
2024-11-21 10:59 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289873
|
- |
|
cambridge_enterprise
|
jbig-kit
|
Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6369
|
2024-11-21 10:59 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289874
|
- |
|
redhat
|
jboss_bpm_suite
jboss_enterprise_brms_platform
jboss_drools
|
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or…
|
CWE-94
Code Injection
|
CVE-2013-6468
|
2024-11-21 10:59 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289875
|
- |
|
chainfire
|
supersu
|
The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the (1) backtick or (2) $() type of shell metacharacters in the -c option to /system/xbin/su.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6775
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289876
|
- |
|
koushik_dutta
|
superuser
|
The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android allows attackers to gain privileges via shell metacharacters in the -c option to /system/xbin/su.
|
CWE-20
Improper Input Validation
|
CVE-2013-6769
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289877
|
- |
|
koushik_dutta
google
|
superuser
android
|
The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.3 and 4.4 does not properly restrict the set of users who can execute /system/xbin/su with the --daemon option, which allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6770
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289878
|
- |
|
chainfire
androidsu
koushik_dutta
|
supersu
chainsdd_superuser
superuser
|
Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and …
|
NVD-CWE-Other
|
CVE-2013-6774
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289879
|
- |
|
koushik_dutta
|
superuser
|
Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse app_process …
|
CWE-22
Path Traversal
|
CVE-2013-6768
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289880
|
- |
|
ibm
|
quickfile
|
Cross-site scripting (XSS) vulnerability in IBM QuickFile 1.0.0.0 before iFix 4 and 1.1.0.1 before iFix 3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6729
|
2024-11-21 10:59 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
