|
297501
|
- |
|
redhat
canonical
opensuse
|
icedtea-web
ubuntu_linux
opensuse
|
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."
|
NVD-CWE-noinfo
|
CVE-2013-1927
|
2024-11-21 10:50 |
2013-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297502
|
- |
|
redhat
canonical
opensuse
|
icedtea-web
ubuntu_linux
opensuse
|
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensi…
|
NVD-CWE-noinfo
|
CVE-2013-1926
|
2024-11-21 10:50 |
2013-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297503
|
- |
|
gnu
|
glibc
|
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (cra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1914
|
2024-11-21 10:50 |
2013-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297504
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux
enterprise_mrg
|
The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers …
|
CWE-399
Resource Management Errors
|
CVE-2013-2015
|
2024-11-21 10:50 |
2013-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297505
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux
|
The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive…
|
CWE-200
Information Exposure
|
CVE-2013-1928
|
2024-11-21 10:50 |
2013-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297506
|
- |
|
xmlsoft
|
libxml2
|
Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code v…
|
CWE-399
Resource Management Errors
|
CVE-2013-1969
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297507
|
- |
|
blinkwebeffects
|
social-media-widget
|
Social Media Widget (social-media-widget) plugin 4.0 for WordPress contains an externally introduced modification (Trojan Horse), which allows remote attackers to force the upload of arbitrary files.
|
NVD-CWE-noinfo
|
CVE-2013-1949
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297508
|
- |
|
rob_westgeest
|
md2pdf
|
converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.
|
NVD-CWE-noinfo
|
CVE-2013-1948
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297509
|
- |
|
kelly_d._redding
|
kelredd-pruview
|
kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument to (1) document.rb, (2) video.rb, or (3) video_imag…
|
CWE-78
OS Command
|
CVE-2013-1947
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297510
|
- |
|
documentcloud
|
karteek-docsplit
|
The extract_from_ocr function in lib/docsplit/text_extractor.rb in the Karteek Docsplit (karteek-docsplit) gem 0.5.4 for Ruby allows context-dependent attackers to execute arbitrary commands via shel…
|
CWE-78
OS Command
|
CVE-2013-1933
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
