|
294131
|
- |
|
puppet
puppetlabs
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to…
|
NVD-CWE-noinfo
|
CVE-2013-1653
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294132
|
- |
|
puppetlabs
puppet
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1652
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294133
|
- |
|
puppet
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2…
|
NVD-CWE-noinfo
|
CVE-2013-1640
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294134
|
- |
|
typo3
|
typo3
|
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to…
|
CWE-399
Resource Management Errors
|
CVE-2013-1843
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294135
|
- |
|
typo3
|
typo3
|
SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL com…
|
CWE-89
SQL Injection
|
CVE-2013-1842
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294136
|
- |
|
redhat
|
libvirt
|
libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1766
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294137
|
- |
|
redhat
rubyonrails
|
enterprise_linux
ruby_on_rails
rails
|
The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1857
|
2024-11-21 10:50 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294138
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
The ActiveSupport::XmlMini_JDOM backend in lib/active_support/xml_mini/jdom.rb in the Active Support component in Ruby on Rails 3.0.x and 3.1.x before 3.1.12 and 3.2.x before 3.2.13, when JRuby is us…
|
CWE-20
Improper Input Validation
|
CVE-2013-1856
|
2024-11-21 10:50 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294139
|
- |
|
rubyonrails
redhat
|
rails
ruby_on_rails
enterprise_linux
|
The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1855
|
2024-11-21 10:50 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294140
|
- |
|
rubyonrails
redhat
|
ruby_on_rails
rails
enterprise_linux
|
The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attack…
|
CWE-20
Improper Input Validation
|
CVE-2013-1854
|
2024-11-21 10:50 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
