|
294601
|
7.0 |
HIGH
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_AD…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4588
|
2024-11-21 10:55 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294602
|
- |
|
linux
|
linux_kernel
|
The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a …
|
CWE-310
Cryptographic Issues
|
CVE-2013-4579
|
2024-11-21 10:55 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294603
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly perform a certain size comparison before …
|
CWE-189
Numeric Errors
|
CVE-2013-4563
|
2024-11-21 10:55 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294604
|
- |
|
collectiveaccess
|
pawtucket
providence
|
Cross-site scripting (XSS) vulnerability in CollectiveAccess Providence and Pawtucket before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4507
|
2024-11-21 10:55 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294605
|
- |
|
reviewboard
|
review_board
|
Multiple cross-site scripting (XSS) vulnerabilities in Review Board 1.6.x before 1.6.21 and 1.7.x before 1.7.17 allow remote attackers to inject arbitrary web script or HTML via the (1) Branch field …
|
CWE-79
Cross-site Scripting
|
CVE-2013-4519
|
2024-11-21 10:55 |
2013-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294606
|
- |
|
spip
|
spip
|
The Security Screen (_core_/securite/ecran_securite.php) before 1.1.8 for SPIP, as used in SPIP 3.0.x before 3.0.12, allows remote attackers to execute arbitrary PHP via the connect parameter.
|
CWE-94
Code Injection
|
CVE-2013-4557
|
2024-11-21 10:55 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294607
|
- |
|
spip
|
spip
|
Cross-site scripting (XSS) vulnerability in the author page (prive/formulaires/editer_auteur.php) in SPIP before 2.1.24 and 3.0.x before 3.0.12 allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2013-4556
|
2024-11-21 10:55 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294608
|
- |
|
spip
|
spip
|
Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the …
|
CWE-352
Origin Validation Error
|
CVE-2013-4555
|
2024-11-21 10:55 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294609
|
- |
|
xen
|
xen
|
Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of ser…
|
CWE-20
Improper Input Validation
|
CVE-2013-4551
|
2024-11-21 10:55 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294610
|
- |
|
tryton
|
tryton
|
Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a r…
|
CWE-22
Path Traversal
|
CVE-2013-4510
|
2024-11-21 10:55 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
