|
295861
|
- |
|
theforeman
|
foreman
|
The smart proxy Puppet run API in Foreman before 1.2.0 allows remote attackers to execute arbitrary commands via vectors related to escaping and Puppet commands.
|
CWE-94
Code Injection
|
CVE-2013-0210
|
2024-11-21 10:47 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295862
|
- |
|
theforeman
|
foreman
|
Foreman before 1.1 allows remote authenticated users to gain privileges via a (1) XMLHttpRequest or (2) AJAX request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0187
|
2024-11-21 10:47 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295863
|
- |
|
david_leonard
|
pkstat
|
tmp_smtp.c in pktstat 1.8.5 allows local users to overwrite arbitrary files via a symlink attack on /tmp/smtp.log.
|
CWE-59
Link Following
|
CVE-2013-0350
|
2024-11-21 10:47 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295864
|
- |
|
zlib
|
pigz
|
Race condition in pigz before 2.2.5 uses permissions derived from the umask when compressing a file before setting that file's permissions to match those of the original file, which might allow local…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0296
|
2024-11-21 10:47 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295865
|
- |
|
schneider-electric
schneider_electric
|
somachine
concept
modbus_serial_driver
sft2841
somove
opc_factory_server
powersuite
pl7
modbuscommdtm_sl
unity_pro
twidosuite
unityloader
|
Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a …
|
CWE-787
Out-of-bounds Write
|
CVE-2013-0662
|
2024-11-21 10:47 |
2014-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295866
|
- |
|
owncloud
|
owncloud
|
Unspecified vulnerability in core/ajax/translations.php in ownCloud before 4.0.12 and 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via unknown vectors. NOTE: th…
|
NVD-CWE-noinfo
|
CVE-2013-0303
|
2024-11-21 10:47 |
2014-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295867
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) QUERY_STRING to core/lostpassword/…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0201
|
2024-11-21 10:47 |
2014-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295868
|
- |
|
owncloud
|
owncloud
|
Cross-site request forgery (CSRF) vulnerability in apps/calendar/ajax/settings/settimezone in ownCloud before 4.0.12 allows remote attackers to hijack the authentication of users for requests that ch…
|
CWE-352
Origin Validation Error
|
CVE-2013-0301
|
2024-11-21 10:47 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295869
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that (1) change the default view vi…
|
CWE-352
Origin Validation Error
|
CVE-2013-0300
|
2024-11-21 10:47 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295870
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7 allow remote attackers to hijack the authentication of users for requests that (1) change t…
|
CWE-352
Origin Validation Error
|
CVE-2013-0299
|
2024-11-21 10:47 |
2014-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
