|
291801
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux
enterprise_mrg
|
The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers …
|
CWE-399
Resource Management Errors
|
CVE-2013-2015
|
2024-11-21 10:50 |
2013-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291802
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux
|
The do_video_set_spu_palette function in fs/compat_ioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive…
|
CWE-200
Information Exposure
|
CVE-2013-1928
|
2024-11-21 10:50 |
2013-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291803
|
- |
|
xmlsoft
|
libxml2
|
Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code v…
|
CWE-399
Resource Management Errors
|
CVE-2013-1969
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291804
|
- |
|
blinkwebeffects
|
social-media-widget
|
Social Media Widget (social-media-widget) plugin 4.0 for WordPress contains an externally introduced modification (Trojan Horse), which allows remote attackers to force the upload of arbitrary files.
|
NVD-CWE-noinfo
|
CVE-2013-1949
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291805
|
- |
|
rob_westgeest
|
md2pdf
|
converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.
|
NVD-CWE-noinfo
|
CVE-2013-1948
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291806
|
- |
|
kelly_d._redding
|
kelredd-pruview
|
kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument to (1) document.rb, (2) video.rb, or (3) video_imag…
|
CWE-78
OS Command
|
CVE-2013-1947
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291807
|
- |
|
documentcloud
|
karteek-docsplit
|
The extract_from_ocr function in lib/docsplit/text_extractor.rb in the Karteek Docsplit (karteek-docsplit) gem 0.5.4 for Ruby allows context-dependent attackers to execute arbitrary commands via shel…
|
CWE-78
OS Command
|
CVE-2013-1933
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291808
|
- |
|
trustwave
opensuse
fedoraproject
debian
|
modsecurity
opensuse
fedora
debian_linux
|
ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity …
|
CWE-611
XXE
|
CVE-2013-1915
|
2024-11-21 10:50 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291809
|
- |
|
linux
|
linux_kernel
|
The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, w…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1958
|
2024-11-21 10:50 |
2013-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291810
|
- |
|
linux
|
linux_kernel
|
The clone_mnt function in fs/namespace.c in the Linux kernel before 3.8.6 does not properly restrict changes to the MNT_READONLY flag, which allows local users to bypass an intended read-only propert…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1957
|
2024-11-21 10:50 |
2013-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
