|
297741
|
7.8 |
HIGH
Local
|
qemu
debian
novell
|
qemu
debian_linux
open_desktop_server
open_enterprise_server
|
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, suc…
|
CWE-269
Improper Privilege Management
|
CVE-2013-2016
|
2024-11-21 10:50 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297742
|
8.8 |
HIGH
Network
|
automattic
|
w3_super_cache
|
WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix fo…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2013-2011
|
2024-11-21 10:50 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297743
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
|
Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames.
|
CWE-20
Improper Input Validation
|
CVE-2013-1689
|
2024-11-21 10:50 |
2019-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297744
|
7.5 |
HIGH
Network
|
redhat
|
openstack
openstack_essex
|
openstack-utils openstack-db has insecure password creation
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2013-1793
|
2024-11-21 10:50 |
2019-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297745
|
7.5 |
HIGH
Network
|
mediawiki
debian
redhat
fedoraproject
|
mediawiki
debian_linux
enterprise_linux
fedora
|
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.
|
CWE-200
Information Exposure
|
CVE-2013-1817
|
2024-11-21 10:50 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297746
|
7.5 |
HIGH
Network
|
mediawiki
debian
redhat
fedoraproject
|
mediawiki
debian_linux
enterprise_linux
fedora
|
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.
|
CWE-20
Improper Input Validation
|
CVE-2013-1816
|
2024-11-21 10:50 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297747
|
7.5 |
HIGH
Network
|
mod_ruid2_project
|
mod_ruid2
|
mod_ruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot.
|
CWE-20
Improper Input Validation
|
CVE-2013-1889
|
2024-11-21 10:50 |
2019-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297748
|
5.5 |
MEDIUM
Local
|
redhat
fedoraproject
|
tuned
fedora
|
tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service.
|
CWE-20
Improper Input Validation
|
CVE-2013-1820
|
2024-11-21 10:50 |
2019-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297749
|
4.3 |
MEDIUM
Network
|
mantisbt
debian
|
mantisbt
debian_linux
|
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".
|
CWE-20
Improper Input Validation
|
CVE-2013-1811
|
2024-11-21 10:50 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297750
|
7.5 |
HIGH
Network
|
gambas_project
debian
|
gambas
debian_linux
|
Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories.
|
CWE-59
Link Following
|
CVE-2013-1809
|
2024-11-21 10:50 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
