|
290061
|
- |
|
google
debian
opensuse
|
chrome
debian_linux
opensuse
|
Use-after-free vulnerability in the RenderSVGImage::paint function in core/rendering/svg/RenderSVGImage.cpp in Blink, as used in Google Chrome before 32.0.1700.102, allows remote attackers to cause a…
|
CWE-399
Resource Management Errors
|
CVE-2013-6649
|
2024-11-21 10:59 |
2014-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290062
|
- |
|
enghouseinteractive
|
ivr_pro
|
An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro (VIP2000) 9.0.3 (rel903), when using OpenVZ and fallback customization, uses the same SSH pri…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6838
|
2024-11-21 10:59 |
2014-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290063
|
- |
|
ibm
|
global_security_kit
tivoli_directory_server
security_directory_server
|
IBM GSKit 7.x before 7.0.4.48 and 8.x before 8.0.50.16, as used in IBM Security Directory Server (ISDS) and Tivoli Directory Server (TDS), allows remote attackers to cause a denial of service (applic…
|
CWE-20
Improper Input Validation
|
CVE-2013-6747
|
2024-11-21 10:59 |
2014-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290064
|
- |
|
libreswan
|
libreswan
|
Libreswan 3.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
|
NVD-CWE-Other
|
CVE-2013-6467
|
2024-11-21 10:59 |
2014-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290065
|
- |
|
xelerance
|
openswan
|
Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.
|
NVD-CWE-Other
|
CVE-2013-6466
|
2024-11-21 10:59 |
2014-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290066
|
- |
|
pivotal_software
vmware
|
spring_framework
|
The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitra…
|
CWE-352
CWE-611
Origin Validation Error
XXE
|
CVE-2013-6429
|
2024-11-21 10:59 |
2014-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290067
|
- |
|
apple
canonical
|
cups
ubuntu_linux
|
lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink attack involving .cup…
|
CWE-59
Link Following
|
CVE-2013-6891
|
2024-11-21 10:59 |
2014-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290068
|
- |
|
yahoo
|
toolbar
|
Cross-site scripting (XSS) vulnerability in clickstream.js in Y! Toolbar plugin for FireFox 3.1.0.20130813024103 for Mac, and 2.5.9.2013418100420 for Windows, allows remote attackers to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6853
|
2024-11-21 10:59 |
2014-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290069
|
- |
|
redhat
|
libvirt
|
Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify…
|
CWE-362
Race Condition
|
CVE-2013-6458
|
2024-11-21 10:59 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290070
|
- |
|
redhat
|
libvirt
|
The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of se…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6457
|
2024-11-21 10:59 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
