|
298121
|
- |
|
redhat
|
libvirt
|
libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1766
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298122
|
- |
|
redhat
rubyonrails
|
enterprise_linux
ruby_on_rails
rails
|
The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1857
|
2024-11-21 10:50 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298123
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
The ActiveSupport::XmlMini_JDOM backend in lib/active_support/xml_mini/jdom.rb in the Active Support component in Ruby on Rails 3.0.x and 3.1.x before 3.1.12 and 3.2.x before 3.2.13, when JRuby is us…
|
CWE-20
Improper Input Validation
|
CVE-2013-1856
|
2024-11-21 10:50 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298124
|
- |
|
rubyonrails
redhat
|
rails
ruby_on_rails
enterprise_linux
|
The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1855
|
2024-11-21 10:50 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298125
|
- |
|
rubyonrails
redhat
|
ruby_on_rails
rails
enterprise_linux
|
The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attack…
|
CWE-20
Improper Input Validation
|
CVE-2013-1854
|
2024-11-21 10:50 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298126
|
- |
|
samba
|
samba
|
Samba 4.x before 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1863
|
2024-11-21 10:50 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298127
|
- |
|
openafs
|
openafs
|
Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow.
|
CWE-189
Numeric Errors
|
CVE-2013-1795
|
2024-11-21 10:50 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298128
|
- |
|
openafs
|
openafs
|
Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long fileserver AC…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1794
|
2024-11-21 10:50 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298129
|
- |
|
perl
|
perl
|
The rehash mechanism in Perl 5.8.2 through 5.16.x allows context-dependent attackers to cause a denial of service (memory consumption and crash) via a crafted hash key.
|
CWE-399
Resource Management Errors
|
CVE-2013-1667
|
2024-11-21 10:50 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298130
|
- |
|
apache
|
rave
|
The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demon…
|
CWE-200
Information Exposure
|
CVE-2013-1814
|
2024-11-21 10:50 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
