|
294811
|
- |
|
openstack
|
compute
grizzly
havana
folsom
|
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2030
|
2024-11-21 10:50 |
2013-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294812
|
- |
|
gimp
redhat
|
gimp
enterprise_linux
|
Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and po…
|
CWE-787
Out-of-bounds Write
|
CVE-2013-1978
|
2024-11-21 10:50 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294813
|
- |
|
gimp
redhat
|
gimp
enterprise_linux
|
Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of s…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2013-1913
|
2024-11-21 10:50 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294814
|
- |
|
fedoraproject
janrain
|
fedora
ruby-openid
|
The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack.
|
CWE-399
Resource Management Errors
|
CVE-2013-1812
|
2024-11-21 10:50 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294815
|
- |
|
autotrace_project
|
autotrace
|
Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the hea…
|
CWE-189
Numeric Errors
|
CVE-2013-1953
|
2024-11-21 10:50 |
2013-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294816
|
- |
|
redhat
|
openstack
|
nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5.1, and earlier, allows local users to overwrite arbitrary files via a symlink attack on a temporary n…
|
CWE-59
Link Following
|
CVE-2013-2029
|
2024-11-21 10:50 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294817
|
- |
|
redhat
t-mobile
busybox
|
enterprise_linux
tm-ac1900
busybox
|
util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vector…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1813
|
2024-11-21 10:50 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294818
|
- |
|
mozilla
|
network_security_services
|
Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.
|
CWE-189
Numeric Errors
|
CVE-2013-1741
|
2024-11-21 10:50 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294819
|
- |
|
openvpn
opensuse
|
openvpn
openvpn_access_server
opensuse
|
The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparis…
|
CWE-200
Information Exposure
|
CVE-2013-2061
|
2024-11-21 10:50 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294820
|
- |
|
mediawiki
fedoraproject
gentoo
|
mediawiki
fedora
linux
|
MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2032
|
2024-11-21 10:50 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
