|
298141
|
- |
|
linux
|
linux_kernel
|
Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remo…
|
CWE-399
Resource Management Errors
|
CVE-2013-1767
|
2024-11-21 10:50 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298142
|
- |
|
linux
|
linux_kernel
|
Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message.
|
CWE-20
Improper Input Validation
|
CVE-2013-1763
|
2024-11-21 10:50 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298143
|
- |
|
vmware
|
vcenter_server
vcenter_server_appliance
esxi
|
VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NF…
|
NVD-CWE-Other
|
CVE-2013-1659
|
2024-11-21 10:50 |
2013-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298144
|
- |
|
bouncycastle
|
legion-of-the-bouncy-castle-java-crytography-api
legion-of-the-bouncy-castle-c\#-cryptography-api
|
The TLS implementation in the Bouncy Castle Java library before 1.48 and C# library before 1.8 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the …
|
CWE-310
Cryptographic Issues
|
CVE-2013-1624
|
2024-11-21 10:50 |
2013-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298145
|
- |
|
yassl
|
cyassl
|
The TLS and DTLS implementations in wolfSSL CyaSSL before 2.5.0 do not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC paddi…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1623
|
2024-11-21 10:50 |
2013-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298146
|
- |
|
polarssl
|
polarssl
|
Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC pa…
|
CWE-20
Improper Input Validation
|
CVE-2013-1621
|
2024-11-21 10:50 |
2013-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298147
|
- |
|
mozilla
canonical
oracle
redhat
|
network_security_services
ubuntu_linux
glassfish_server
iplanet_web_proxy_server
traffic_director
iplanet_web_server
vm_server
glassfish_communications_server
enterprise_manag…
|
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC p…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2013-1620
|
2024-11-21 10:50 |
2013-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298148
|
- |
|
gnu
|
gnutls
|
The TLS implementation in GnuTLS before 2.12.23, 3.0.x before 3.0.28, and 3.1.x before 3.1.7 does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the pr…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1619
|
2024-11-21 10:50 |
2013-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298149
|
- |
|
opera
|
opera_browser
|
The TLS implementation in Opera before 12.13 does not properly consider timing side-channel attacks on a MAC check operation during the processing of malformed CBC padding, which allows remote attack…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1618
|
2024-11-21 10:50 |
2013-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298150
|
- |
|
opera
|
opera_browser
|
Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request.
|
CWE-352
Origin Validation Error
|
CVE-2013-1639
|
2024-11-21 10:50 |
2013-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
