|
289991
|
- |
|
websvn
debian
|
websvn
debian_linux
|
WebSVN 2.3.3 allows remote authenticated users to read arbitrary files via a symlink attack in a commit.
|
CWE-200
Information Exposure
|
CVE-2013-6892
|
2024-11-21 10:59 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289992
|
- |
|
phpthumb_project
|
phpthumb
|
The default configuration of phpThumb before 1.7.12 has a false value for the disable_debug option, which allows remote attackers to conduct Server-Side Request Forgery (SSRF) attacks via the src par…
|
NVD-CWE-Other
|
CVE-2013-6919
|
2024-11-21 10:59 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289993
|
- |
|
rpm
debian
|
rpm
debian_linux
|
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the sig…
|
CWE-74
Injection
|
CVE-2013-6435
|
2024-11-21 10:59 |
2014-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289994
|
- |
|
fedup_project
|
fedup
|
fedup 0.9.0 in Fedora 19, 20, and 21 uses a temporary directory with a static name for its download cache, which allows local users to cause a denial of service (prevention of system updates).
|
CWE-17
Code
|
CVE-2013-6494
|
2024-11-21 10:59 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289995
|
- |
|
clamav
|
clamav
|
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.
|
CWE-17
Code
|
CVE-2013-6497
|
2024-11-21 10:59 |
2014-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289996
|
- |
|
qemu
|
qemu
|
Array index error in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image.
|
CWE-94
Code Injection
|
CVE-2013-6399
|
2024-11-21 10:59 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289997
|
- |
|
deeproot_linux
|
deepofix
|
The SMTP server in DeepOfix 3.3 and earlier allows remote attackers to bypass authentication via an empty password, which triggers an LDAP anonymous bind.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6796
|
2024-11-21 10:59 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289998
|
- |
|
redhat
|
conga
|
Red Hat Conga 0.12.2 allows remote attackers to obtain sensitive information via a crafted request to the (1) homebase, (2) cluster, (3) storage, (4) portal_skins/custom, or (5) logs Luci extension.
|
CWE-200
Information Exposure
|
CVE-2013-6496
|
2024-11-21 10:59 |
2014-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289999
|
- |
|
ibm
|
tivoli_storage_manager
|
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5…
|
CWE-281
Improper Preservation of Permissions
|
CVE-2013-6335
|
2024-11-21 10:59 |
2014-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290000
|
- |
|
splunk
|
splunk
|
Directory traversal vulnerability in the collect script in Splunk before 5.0.5 allows remote attackers to execute arbitrary commands via a .. (dot dot) in the file parameter. NOTE: this issue was SP…
|
CWE-22
Path Traversal
|
CVE-2013-6771
|
2024-11-21 10:59 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
