|
291581
|
- |
|
combodo
|
itop
|
Multiple cross-site scripting (XSS) vulnerabilities in the search feature in iTop (aka IT Operations Portal) 2.0, 1.2.1, 1.2, and earlier allow remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0805
|
2024-11-21 10:48 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291582
|
- |
|
ubuntu
|
metal_as_a_service
|
Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/.
|
CWE-79
Cross-site Scripting
|
CVE-2013-1070
|
2024-11-21 10:48 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291583
|
- |
|
ubuntu
|
metal_as_a_service
|
Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1069
|
2024-11-21 10:48 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291584
|
- |
|
novell
|
identity_manager_roles_based_provisioning_module
|
Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module 4.0.2 before Field Patch D for Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1096
|
2024-11-21 10:48 |
2013-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291585
|
- |
|
ffmpeg
|
ffmpeg
|
The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a negative or zero count value in a TIFF image, which triggers an…
|
CWE-189
Numeric Errors
|
CVE-2013-0859
|
2024-11-21 10:48 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291586
|
- |
|
debian
ffmpeg
|
debian_linux
ffmpeg
|
The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATRAC3 data with the joint stereo coding mode set and fewer tha…
|
NVD-CWE-noinfo
|
CVE-2013-0858
|
2024-11-21 10:48 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291587
|
- |
|
ffmpeg
|
ffmpeg
|
The decode_frame_ilbm function in libavcodec/iff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted height value in IFF PBM/ILBM bitmap data.
|
CWE-20
Improper Input Validation
|
CVE-2013-0857
|
2024-11-21 10:48 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291588
|
- |
|
ffmpeg
|
ffmpeg
|
The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_s…
|
CWE-20
Improper Input Validation
|
CVE-2013-0856
|
2024-11-21 10:48 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291589
|
- |
|
ffmpeg
|
ffmpeg
|
Integer overflow in the alac_decode_close function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a large number of samples per frame in Apple Los…
|
CWE-189
Numeric Errors
|
CVE-2013-0855
|
2024-11-21 10:48 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291590
|
- |
|
ffmpeg
|
ffmpeg
|
The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted MJPEG data.
|
CWE-20
Improper Input Validation
|
CVE-2013-0854
|
2024-11-21 10:48 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
