|
292931
|
- |
|
redhat
|
dogtag_certificate_system
certificate_system
|
Multiple cross-site scripting (XSS) vulnerabilities in the token processing system (pki-tps) in Red Hat Certificate System (RHCS) 8.1 and possibly Dogtag Certificate System 9 and 10 allow remote atta…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1885
|
2024-11-21 10:50 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292932
|
- |
|
linux-nfs
|
nfs-utils
|
rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofin…
|
CWE-200
Information Exposure
|
CVE-2013-1923
|
2024-11-21 10:50 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292933
|
- |
|
simon_mcvittie
|
telepathy_gabble
|
A certain hashing algorithm in Telepathy Gabble 0.16.x before 0.16.5 and 0.17.x before 0.17.3 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted m…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1769
|
2024-11-21 10:50 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292934
|
- |
|
mozilla
|
network_security_services
|
The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to sp…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1740
|
2024-11-21 10:50 |
2014-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292935
|
- |
|
canonical
httplib2_project
|
ubuntu_linux
httplib2
|
httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the …
|
CWE-20
Improper Input Validation
|
CVE-2013-2037
|
2024-11-21 10:50 |
2014-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292936
|
- |
|
redhat
|
cloudforms_management_engine
manageiq_enterprise_virtualization_manager
|
SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authentica…
|
CWE-89
SQL Injection
|
CVE-2013-2050
|
2024-11-21 10:50 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292937
|
- |
|
openstack
|
compute
grizzly
havana
folsom
|
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2030
|
2024-11-21 10:50 |
2013-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292938
|
- |
|
gimp
redhat
|
gimp
enterprise_linux
|
Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and po…
|
CWE-787
Out-of-bounds Write
|
CVE-2013-1978
|
2024-11-21 10:50 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292939
|
- |
|
gimp
redhat
|
gimp
enterprise_linux
|
Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of s…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2013-1913
|
2024-11-21 10:50 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292940
|
- |
|
fedoraproject
janrain
|
fedora
ruby-openid
|
The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack.
|
CWE-399
Resource Management Errors
|
CVE-2013-1812
|
2024-11-21 10:50 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
