|
291931
|
- |
|
enghouseinteractive
|
ivr_pro
|
An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro (VIP2000) 9.0.3 (rel903), when using OpenVZ and fallback customization, uses the same SSH pri…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6838
|
2024-11-21 10:59 |
2014-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291932
|
- |
|
ibm
|
global_security_kit
tivoli_directory_server
security_directory_server
|
IBM GSKit 7.x before 7.0.4.48 and 8.x before 8.0.50.16, as used in IBM Security Directory Server (ISDS) and Tivoli Directory Server (TDS), allows remote attackers to cause a denial of service (applic…
|
CWE-20
Improper Input Validation
|
CVE-2013-6747
|
2024-11-21 10:59 |
2014-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291933
|
- |
|
libreswan
|
libreswan
|
Libreswan 3.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
|
NVD-CWE-Other
|
CVE-2013-6467
|
2024-11-21 10:59 |
2014-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291934
|
- |
|
xelerance
|
openswan
|
Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
|
NVD-CWE-Other
|
CVE-2013-6466
|
2024-11-21 10:59 |
2014-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291935
|
- |
|
pivotal_software
vmware
|
spring_framework
|
The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitra…
|
CWE-352
CWE-611
Origin Validation Error
XXE
|
CVE-2013-6429
|
2024-11-21 10:59 |
2014-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291936
|
- |
|
apple
canonical
|
cups
ubuntu_linux
|
lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cup…
|
CWE-59
Link Following
|
CVE-2013-6891
|
2024-11-21 10:59 |
2014-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291937
|
- |
|
yahoo
|
toolbar
|
Cross-site scripting (XSS) vulnerability in clickstream.js in Y! Toolbar plugin for FireFox 3.1.0.20130813024103 for Mac, and 2.5.9.2013418100420 for Windows, allows remote attackers to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6853
|
2024-11-21 10:59 |
2014-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291938
|
- |
|
redhat
|
libvirt
|
Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify…
|
CWE-362
Race Condition
|
CVE-2013-6458
|
2024-11-21 10:59 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291939
|
- |
|
redhat
|
libvirt
|
The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of se…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6457
|
2024-11-21 10:59 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291940
|
- |
|
redhat
|
enterprise_virtualization_manager
|
The remote-viewer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.3, when using a native SPICE client invocation method, initially makes insecure connections to the SPICE server, which…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6434
|
2024-11-21 10:59 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
