|
291211
|
- |
|
apache
|
xml_security_for_c\+\+
|
Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 does not properly validate length values, which allows remote attackers to cause a denial of service or bypass the CVE-2009-021…
|
CWE-20
Improper Input Validation
|
CVE-2013-2155
|
2024-11-21 10:51 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291212
|
- |
|
apache
|
xml_security_for_c\+\+
|
Stack-based buffer overflow in the XML Signature Reference functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows context-depend…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2154
|
2024-11-21 10:51 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291213
|
- |
|
apache
|
xml_security_for_c\+\+
|
The XML digital signature functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows context-dependent attackers to reuse signatures…
|
CWE-310
Cryptographic Issues
|
CVE-2013-2153
|
2024-11-21 10:51 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291214
|
- |
|
apache
|
cxf
|
The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to cause a denial of service (CPU and memory consumption) via crafted XM…
|
CWE-399
Resource Management Errors
|
CVE-2013-2160
|
2024-11-21 10:51 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291215
|
- |
|
canonical
opensuse
perlmonks
|
ubuntu_linux
opensuse
module\
|
The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special u…
|
CWE-20
Improper Input Validation
|
CVE-2013-2145
|
2024-11-21 10:51 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291216
|
- |
|
apache
|
cloudstack
|
Multiple cross-site scripting (XSS) vulnerabilities in Apache CloudStack before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Physical network name to the Zone wizar…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2136
|
2024-11-21 10:51 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291217
|
- |
|
debian
canonical
redhat
haproxy
|
debian_linux
ubuntu_linux
enterprise_linux_load_balancer
haproxy
|
HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (ne…
|
CWE-20
CWE-284
Improper Input Validation
Improper Access Control
|
CVE-2013-2175
|
2024-11-21 10:51 |
2013-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291218
|
- |
|
canonical
|
ubuntu_linux
|
Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions befo…
|
CWE-362
Race Condition
|
CVE-2013-2162
|
2024-11-21 10:51 |
2013-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291219
|
- |
|
mongodb
canonical
opensuse
|
mongodb
ubuntu_linux
opensuse
|
bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) vi…
|
NVD-CWE-Other
|
CVE-2013-2132
|
2024-11-21 10:51 |
2013-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291220
|
- |
|
apache
|
ofbiz
|
Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to execute arbitrary Unified Expression Language (UEL) function…
|
CWE-20
Improper Input Validation
|
CVE-2013-2250
|
2024-11-21 10:51 |
2013-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
