|
293241
|
- |
|
spreecommerce
|
spree
|
Spree Commerce 1.0.x through 1.3.2 allows remote authenticated administrators to instantiate arbitrary Ruby objects and execute arbitrary commands via the (1) payment_method parameter to core/app/con…
|
CWE-20
Improper Input Validation
|
CVE-2013-1656
|
2024-11-21 10:50 |
2013-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293242
|
- |
|
linux
|
linux_kernel
|
The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and sy…
|
CWE-20
Improper Input Validation
|
CVE-2013-1819
|
2024-11-21 10:50 |
2013-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293243
|
- |
|
php
|
php
|
The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an …
|
CWE-200
Information Exposure
|
CVE-2013-1643
|
2024-11-21 10:50 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293244
|
- |
|
php
|
php
|
ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1635
|
2024-11-21 10:50 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293245
|
- |
|
todd_miller
apple
|
sudo
mac_os_x
|
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1775
|
2024-11-21 10:50 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293246
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux
enterprise_mrg
|
The chase_port function in drivers/usb/serial/io_ti.c in the Linux kernel before 3.7.4 allows local users to cause a denial of service (NULL pointer dereference and system crash) via an attempted /de…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1774
|
2024-11-21 10:50 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293247
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux
enterprise_mrg
|
Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1773
|
2024-11-21 10:50 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293248
|
- |
|
linux
|
linux_kernel
|
The log_prefix function in kernel/printk.c in the Linux kernel 3.x before 3.4.33 does not properly remove a prefix string from a syslog header, which allows local users to cause a denial of service (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1772
|
2024-11-21 10:50 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293249
|
- |
|
linux
|
linux_kernel
|
Use-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remo…
|
CWE-399
Resource Management Errors
|
CVE-2013-1767
|
2024-11-21 10:50 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293250
|
- |
|
linux
|
linux_kernel
|
Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message.
|
CWE-20
Improper Input Validation
|
CVE-2013-1763
|
2024-11-21 10:50 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
