|
290801
|
- |
|
google
|
chrome
|
The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting…
|
CWE-200
Information Exposure
|
CVE-2013-6656
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290802
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors relate…
|
CWE-399
Resource Management Errors
|
CVE-2013-6655
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290803
|
- |
|
google
|
chrome
|
The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which…
|
CWE-20
Improper Input Validation
|
CVE-2013-6654
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290804
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact vi…
|
CWE-399
Resource Management Errors
|
CVE-2013-6653
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290805
|
- |
|
google
|
chrome
|
Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in th…
|
CWE-22
Path Traversal
|
CVE-2013-6652
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290806
|
- |
|
ibm
|
websphere_extreme_scale_client
|
IBM WebSphere eXtreme Scale Client 7.1 through 8.6.0.4 does not properly isolate the cached data of different users, which allows remote authenticated users to obtain sensitive information in opportu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6734
|
2024-11-21 10:59 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290807
|
- |
|
ibm
|
cognos_business_intelligence
|
Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1 before IF6, 10.1.1 before IF5, 10.2 before IF7, 10.2.1 before IF4, and 10.2.1.1 before IF4 …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6732
|
2024-11-21 10:59 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290808
|
- |
|
openstack
|
swift
|
The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6396
|
2024-11-21 10:59 |
2014-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290809
|
- |
|
mozilla
|
seamonkey
thunderbird
thunderbird_esr
|
Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6674
|
2024-11-21 10:59 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290810
|
- |
|
ryan_ohara
|
piranha
|
The Piranha Configuration Tool in Piranha 0.8.6 does not properly restrict access to webpages, which allows remote attackers to bypass authentication and read or modify the LVS configuration via an H…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6492
|
2024-11-21 10:59 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
