|
293451
|
- |
|
erik_michaels-ober
grape_project
|
multi_xml
grape
|
multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not properly restrict casts of string values, which allows remote attackers to conduct object-injection a…
|
CWE-20
Improper Input Validation
|
CVE-2013-0175
|
2024-11-21 10:46 |
2013-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293452
|
- |
|
bitberry_software
|
bitzipper
|
BitZipper 2013 before Update 1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ZIP archive.
|
NVD-CWE-Other
|
CVE-2013-0138
|
2024-11-21 10:46 |
2013-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293453
|
- |
|
avast
|
avast\!_mobile_security
|
The avast! Mobile Security application before 2.0.4400 for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an intent to com.avast.androi…
|
CWE-20
Improper Input Validation
|
CVE-2013-0122
|
2024-11-21 10:46 |
2013-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293454
|
- |
|
apache
|
activemq
|
The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.
|
CWE-399
Resource Management Errors
|
CVE-2012-6551
|
2024-11-21 10:46 |
2013-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293455
|
- |
|
pd-admin
|
pd-admin
|
Multiple cross-site scripting (XSS) vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via (1) the WebFTP Overview "Create new directory" …
|
CWE-79
Cross-site Scripting
|
CVE-2013-0129
|
2024-11-21 10:46 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293456
|
- |
|
arecont
|
vision_av1355dn_megadome_camera
|
The Arecont Vision AV1355DN MegaDome camera allows remote attackers to cause a denial of service (video-capture outage) via a packet to UDP port 69.
|
NVD-CWE-noinfo
|
CVE-2013-0139
|
2024-11-21 10:46 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293457
|
- |
|
parallels
|
parallels_plesk_panel
|
Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11.0.9 allows local users to gain privileges via a crafted PATH environment variable.
|
NVD-CWE-Other
|
CVE-2013-0133
|
2024-11-21 10:46 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293458
|
- |
|
parallels
|
parallels_plesk_panel
|
The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, which allows user-assisted remote attackers to execute arbitrary PHP code via a request containing cr…
|
CWE-94
Code Injection
|
CVE-2013-0132
|
2024-11-21 10:46 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293459
|
- |
|
microsoft
|
windows_defender
|
The Microsoft Antimalware Client in Windows Defender on Windows 8 and Windows RT uses an incorrect pathname for MsMpEng.exe, which allows local users to gain privileges via a crafted application, aka…
|
CWE-20
Improper Input Validation
|
CVE-2013-0078
|
2024-11-21 10:46 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293460
|
- |
|
airdroid
|
airdroid
|
Cross-site scripting (XSS) vulnerability in the web interface in AirDroid allows remote attackers to inject arbitrary web script or HTML via a crafted text message that is transmitted by a managed ph…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0134
|
2024-11-21 10:46 |
2013-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
