|
295011
|
9.8 |
CRITICAL
Network
|
xnview
|
xnview
|
Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a …
|
CWE-787
Out-of-bounds Write
|
CVE-2013-3941
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295012
|
7.8 |
HIGH
Local
|
xnview
|
xnview
|
xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a R…
|
CWE-787
Out-of-bounds Write
|
CVE-2013-3939
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295013
|
7.8 |
HIGH
Local
|
xnview
|
xnview
|
Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.
|
CWE-787
Out-of-bounds Write
|
CVE-2013-3937
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295014
|
8.8 |
HIGH
Network
|
jomres
|
jomres
|
SQL injection vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to execute arbitrary SQL commands vi…
|
CWE-89
SQL Injection
|
CVE-2013-3932
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295015
|
5.4 |
MEDIUM
Network
|
jomres
|
jomres
|
Cross-site scripting (XSS) vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3931
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295016
|
7.8 |
HIGH
Local
|
extensis
|
mrsid
|
Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header.
|
CWE-787
Out-of-bounds Write
|
CVE-2013-3946
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295017
|
7.8 |
HIGH
Local
|
extensis
|
mrsid
|
The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag.
|
CWE-20
Improper Input Validation
|
CVE-2013-3945
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295018
|
7.8 |
HIGH
Local
|
extensis
|
mrsid
|
Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag.
|
CWE-787
Out-of-bounds Write
|
CVE-2013-3944
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295019
|
7.5 |
HIGH
Network
|
supermicro
citrix
|
smt_x9_firmware
smt_x8_firmware
netscaler_sdx_firmware
netscaler_firmware
netscaler_sd-wan_firmware
|
Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generat…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2013-3620
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295020
|
6.1 |
MEDIUM
Network
|
opsview
|
opsview
opsview_core
|
Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 and Opsview Core before 20130522 allow remote attackers to inject arbitrary web script or HTML.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3936
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
