|
293591
|
- |
|
rubyonrails
debian
|
ruby_on_rails
rails
debian_linux
|
active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which …
|
CWE-20
Improper Input Validation
|
CVE-2013-0156
|
2024-11-21 10:46 |
2013-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293592
|
- |
|
rubyonrails
debian
|
ruby_on_rails
rails
debian_linux
|
Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly consider differences in parameter handling between the Active Record component and the JSON implement…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0155
|
2024-11-21 10:46 |
2013-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293593
|
- |
|
xen
|
xen
|
The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local PV or HVM guest administrators to cause a denial of service (assertion failure and hypervisor crash…
|
NVD-CWE-noinfo
|
CVE-2013-0154
|
2024-11-21 10:46 |
2013-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293594
|
- |
|
hp
|
pki_activex_control
|
The KillProcess method in the HP PKI ActiveX control (HPPKI.ocx) before 1.2.0.1 allows remote attackers to cause a denial of service (kill process) via the partial or full name of a process.
|
CWE-20
Improper Input Validation
|
CVE-2012-6501
|
2024-11-21 10:46 |
2013-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293595
|
- |
|
pragyan_cms_project
|
pragyan_cms
|
Directory traversal vulnerability in download.lib.php in Pragyan CMS 3.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the fileget parameter in a profile action to…
|
CWE-22
Path Traversal
|
CVE-2012-6500
|
2024-11-21 10:46 |
2013-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293596
|
- |
|
age_verification_project
|
age_verification
|
Open redirect vulnerability in age-verification.php in the Age Verification plugin 0.4 and earlier for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing …
|
CWE-20
Improper Input Validation
|
CVE-2012-6499
|
2024-11-21 10:46 |
2013-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293597
|
- |
|
microsoft
|
windows_server_2008
windows_rt
windows_8
windows_7
windows_vista
windows_server_2012
|
The SSL provider component in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle enc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0013
|
2024-11-21 10:46 |
2013-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293598
|
- |
|
microsoft
|
windows_server_2008
windows_7
|
The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a cr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0011
|
2024-11-21 10:46 |
2013-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293599
|
- |
|
microsoft
|
system_center_operations_manager
|
Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka "System Ce…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0010
|
2024-11-21 10:46 |
2013-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293600
|
- |
|
microsoft
|
system_center_operations_manager
|
Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and R2 allows remote attackers to inject arbitrary web script or HTML via crafted input, aka "System Ce…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0009
|
2024-11-21 10:46 |
2013-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
