|
292881
|
- |
|
linux
|
linux_kernel
|
The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive informat…
|
CWE-200
Information Exposure
|
CVE-2013-3225
|
2024-11-21 10:53 |
2013-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292882
|
- |
|
linux
|
linux_kernel
|
The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive in…
|
CWE-200
Information Exposure
|
CVE-2013-3224
|
2024-11-21 10:53 |
2013-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292883
|
- |
|
linux
|
linux_kernel
|
The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel s…
|
CWE-200
Information Exposure
|
CVE-2013-3223
|
2024-11-21 10:53 |
2013-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292884
|
- |
|
linux
|
linux_kernel
|
The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel sta…
|
CWE-200
Information Exposure
|
CVE-2013-3222
|
2024-11-21 10:53 |
2013-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292885
|
- |
|
rubyonrails
|
rails
ruby_on_rails
|
The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored value…
|
CWE-20
Improper Input Validation
|
CVE-2013-3221
|
2024-11-21 10:53 |
2013-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292886
|
- |
|
opera
|
opera_browser
|
Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe issue."
|
NVD-CWE-noinfo
|
CVE-2013-3211
|
2024-11-21 10:53 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292887
|
- |
|
opera
|
opera_browser
|
Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the …
|
CWE-200
Information Exposure
|
CVE-2013-3210
|
2024-11-21 10:53 |
2013-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292888
|
6.1 |
MEDIUM
Network
|
belkin
|
linksys_e4200_firmware
|
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the (1) log_type, (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2013-2679
|
2024-11-21 10:52 |
2020-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292889
|
6.1 |
MEDIUM
Network
|
otrs
opensuse
|
otrs_itsm
faq
opensuse
|
A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remo…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2637
|
2024-11-21 10:52 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292890
|
5.9 |
MEDIUM
Network
|
dlink
|
dir865l_firmware
|
D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability.
|
CWE-287
Improper Authentication
|
CVE-2013-3096
|
2024-11-21 10:52 |
2020-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
