|
291121
|
- |
|
openmediavault
|
openmediavault
|
The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs as arbitrary users and execute arbitrary commands via the username parameter.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3632
|
2024-11-21 10:54 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291122
|
- |
|
ctdb_project
opensuse
mageia
|
ctdb
opensuse
mageia
|
ctdb before 2.3 in OpenSUSE 12.3 and 13.1 does not create temporary files securely, which has unspecified impact related to "several temp file vulnerabilities" in (1) tcp/tcp_connect.c, (2) server/ev…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4159
|
2024-11-21 10:54 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291123
|
- |
|
google
trimble
|
sketchup
|
Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689) allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers an out-of…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3664
|
2024-11-21 10:54 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291124
|
- |
|
google
|
sketchup
|
Timbre SketchUp (formerly Google SketchUp) before 8 Maintenance 2 allows remote attackers to execute arbitrary code via a crafted color palette table in a MAC Pict texture, which triggers a stack-bas…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3662
|
2024-11-21 10:54 |
2014-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291125
|
- |
|
jogamp
|
jogamp
joal
|
Multiple unspecified vulnerabilities in OpenAL32.dll in JOAL 2.0-rc11, as used in JOGAMP, allow context-dependent attackers to execute arbitrary code via a crafted parameter to the (1) alAuxiliaryEff…
|
NVD-CWE-noinfo
|
CVE-2013-4099
|
2024-11-21 10:54 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291126
|
- |
|
monkey-project
|
monkey
|
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) before 1.2.1 allows remote attackers to cause a denial of service (crash) and pos…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3843
|
2024-11-21 10:54 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291127
|
- |
|
google
|
sketchup
|
Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) before 8 Maintenance 3, allows remote attackers to execute arbitrary code via a crafted RLE8 compressed …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3663
|
2024-11-21 10:54 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291128
|
- |
|
network-weathermap
|
.network_weathermap
|
Directory traversal vulnerability in editor.php in Network Weathermap 0.97c and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the mapname parameter in a show_config ac…
|
CWE-22
Path Traversal
|
CVE-2013-3739
|
2024-11-21 10:54 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291129
|
- |
|
david_bagley
|
xlockmore
|
The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemen…
|
NVD-CWE-Other
|
CVE-2013-4143
|
2024-11-21 10:54 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291130
|
- |
|
ibm
|
change_and_configuration_management_database
maximo_service_desk
tivoli_service_request_manager
tivoli_it_asset_management_for_it
tivoli_asset_management_for_it
smartcloud_control_desk…
|
SQL injection vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837, 7.1.1.11 before IFIX.20140323-0749, 7.1.1.12 before IFIX.20140321-1336, 7.5.x before 7.5.0.3 IFIX027…
|
CWE-89
SQL Injection
|
CVE-2013-4016
|
2024-11-21 10:54 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
