|
291811
|
- |
|
redhat
canonical
opensuse
|
icedtea-web
ubuntu_linux
opensuse
|
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensi…
|
NVD-CWE-noinfo
|
CVE-2013-1926
|
2024-11-21 10:50 |
2013-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291812
|
- |
|
gnu
|
glibc
|
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.17 and earlier allows remote attackers to cause a denial of service (cra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1914
|
2024-11-21 10:50 |
2013-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291813
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux
enterprise_mrg
|
The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers …
|
CWE-399
Resource Management Errors
|
CVE-2013-2015
|
2024-11-21 10:50 |
2013-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291814
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux
|
The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive…
|
CWE-200
Information Exposure
|
CVE-2013-1928
|
2024-11-21 10:50 |
2013-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291815
|
- |
|
xmlsoft
|
libxml2
|
Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code v…
|
CWE-399
Resource Management Errors
|
CVE-2013-1969
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291816
|
- |
|
blinkwebeffects
|
social-media-widget
|
Social Media Widget (social-media-widget) plugin 4.0 for WordPress contains an externally introduced modification (Trojan Horse), which allows remote attackers to force the upload of arbitrary files.
|
NVD-CWE-noinfo
|
CVE-2013-1949
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291817
|
- |
|
rob_westgeest
|
md2pdf
|
converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.
|
NVD-CWE-noinfo
|
CVE-2013-1948
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291818
|
- |
|
kelly_d._redding
|
kelredd-pruview
|
kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument to (1) document.rb, (2) video.rb, or (3) video_imag…
|
CWE-78
OS Command
|
CVE-2013-1947
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291819
|
- |
|
documentcloud
|
karteek-docsplit
|
The extract_from_ocr function in lib/docsplit/text_extractor.rb in the Karteek Docsplit (karteek-docsplit) gem 0.5.4 for Ruby allows context-dependent attackers to execute arbitrary commands via shel…
|
CWE-78
OS Command
|
CVE-2013-1933
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291820
|
- |
|
trustwave
opensuse
fedoraproject
debian
|
modsecurity
opensuse
fedora
debian_linux
|
ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity …
|
CWE-611
XXE
|
CVE-2013-1915
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
