|
291651
|
- |
|
open-xchange
|
open-xchange_server
|
Multiple CRLF injection vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary HTTP headers and conduct HT…
|
CWE-94
Code Injection
|
CVE-2013-1647
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291652
|
- |
|
open-xchange
|
open-xchange_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1646
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291653
|
- |
|
open-xchange
|
open-xchange_server
|
Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. (dot dot)…
|
CWE-22
Path Traversal
|
CVE-2013-1645
|
2024-11-21 10:50 |
2013-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291654
|
- |
|
vmware
|
esxi
esx
|
VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled ex…
|
CWE-20
Improper Input Validation
|
CVE-2013-1661
|
2024-11-21 10:50 |
2013-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291655
|
- |
|
redhat
|
hawtjni
|
Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary…
|
CWE-94
Code Injection
|
CVE-2013-2035
|
2024-11-21 10:50 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291656
|
- |
|
xen
|
xen
|
Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local PV guest users to cause a denial of service (unhandled exception and hypervisor crash) via unspecif…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2077
|
2024-11-21 10:50 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291657
|
- |
|
xen
|
xen
|
Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determi…
|
CWE-200
Information Exposure
|
CVE-2013-2076
|
2024-11-21 10:50 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291658
|
- |
|
xen
debian
|
xen
debian_linux
|
Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of ser…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2072
|
2024-11-21 10:50 |
2013-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291659
|
- |
|
vmware
|
workstation
player
|
vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1662
|
2024-11-21 10:50 |
2013-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291660
|
- |
|
redhat
apache
|
enterprise_mrg
qpid
|
The Python client in Apache Qpid before 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which al…
|
CWE-20
Improper Input Validation
|
CVE-2013-1909
|
2024-11-21 10:50 |
2013-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
