|
291021
|
- |
|
redhat
|
cloudforms_management_engine
|
The Red Hat CloudForms Management Engine 5.1 allow remote administrators to execute arbitrary Ruby code via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2013-4172
|
2024-11-21 10:55 |
2013-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291022
|
- |
|
monster_menus_module_project
|
monster_menus
|
The mm_webform submodule in the Monster Menus module 6.x-6.x before 6.x-6.61 and 7.x-1.x before 7.x-1.13 for Drupal does not properly restrict access to webform submissions, which allows remote authe…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4230
|
2024-11-21 10:55 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291023
|
- |
|
monster_menus_module_project
|
monster_menus
|
Cross-site scripting (XSS) vulnerability in the Monster Menus module 7.x-1.x before 7.x-1.12 for Drupal allows remote authenticated users with permissions to add pages to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2013-4229
|
2024-11-21 10:55 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291024
|
- |
|
alcatel-lucent
|
omnitouch_8670_automated_delivery_message_delivery_system
omnitouch_8660_my_teamwork
omnitouch_8400_instant_communications_suite
omnitouch_8460_advanced_communication_server
|
Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4653
|
2024-11-21 10:55 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291025
|
- |
|
canonical
debian
gnupg
opensuse
|
ubuntu_linux
debian_linux
gnupg
libgcrypt
opensuse
|
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cach…
|
CWE-200
Information Exposure
|
CVE-2013-4242
|
2024-11-21 10:55 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291026
|
- |
|
redhat
|
enterprise_virtualization
|
VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent respons…
|
NVD-CWE-Other
|
CVE-2013-4236
|
2024-11-21 10:55 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291027
|
- |
|
putty
simon_tatham
|
putty
|
The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow loca…
|
CWE-200
Information Exposure
|
CVE-2013-4208
|
2024-11-21 10:55 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291028
|
- |
|
putty
simon_tatham
|
putty
|
Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modula…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4207
|
2024-11-21 10:55 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291029
|
- |
|
putty
simon_tatham
|
putty
|
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execut…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4206
|
2024-11-21 10:55 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291030
|
- |
|
ows
|
scald
|
Multiple cross-site scripting (XSS) vulnerabilities in the Scald module 7.x-1.x before 7.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via the (1) flash_uri, (2) flas…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4174
|
2024-11-21 10:55 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
