|
295771
|
- |
|
ldap-account-manager
|
ldap_account_manager
|
Cross-site scripting (XSS) vulnerability in templates/login.php in LDAP Account Manager (LAM) 4.3 and 4.2.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4453
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295772
|
- |
|
libguestfs
suse
novell
|
libguestfs
suse_linux_enterprise_software_development_kit
suse_linux_enterprise_server
|
The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4419
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295773
|
- |
|
saltstack
|
salt
|
Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4439
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295774
|
- |
|
saltstack
|
salt
|
Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to …
|
CWE-94
Code Injection
|
CVE-2013-4438
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295775
|
- |
|
saltstack
|
salt
|
Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."
|
NVD-CWE-noinfo
|
CVE-2013-4437
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295776
|
- |
|
saltstack
|
salt
|
The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle …
|
CWE-20
Improper Input Validation
|
CVE-2013-4436
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295777
|
- |
|
saltstack
|
salt
|
Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another rou…
|
CWE-287
Improper Authentication
|
CVE-2013-4435
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295778
|
- |
|
linux
|
linux_kernel
|
The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service (memory consumption or syst…
|
CWE-189
Numeric Errors
|
CVE-2013-4483
|
2024-11-21 10:55 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295779
|
- |
|
linux
|
linux_kernel
|
The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4470
|
2024-11-21 10:55 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295780
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to cause a denial of service (infinite loop) via a small value in the IHL field of …
|
CWE-399
Resource Management Errors
|
CVE-2013-4348
|
2024-11-21 10:55 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
