|
293601
|
- |
|
redhat
opensuse
|
libvirt
opensuse
|
The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a…
|
NVD-CWE-Other
|
CVE-2013-7336
|
2024-11-21 11:00 |
2014-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293602
|
- |
|
libpng
|
libpng
|
Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which tr…
|
CWE-189
Numeric Errors
|
CVE-2013-7354
|
2024-11-21 11:00 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293603
|
- |
|
libpng
|
libpng
|
Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash)…
|
CWE-189
Numeric Errors
|
CVE-2013-7353
|
2024-11-21 11:00 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293604
|
- |
|
php-fusion
|
php-fusion
|
SQL injection vulnerability in includes/classes/Authenticate.class.php in PHP-Fusion 7.02.01 through 7.02.05 allows remote attackers to execute arbitrary SQL commands via the user ID in a user cookie…
|
CWE-89
SQL Injection
|
CVE-2013-7375
|
2024-11-21 11:00 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293605
|
- |
|
livezilla
|
livezilla
|
The setCookieValue function in _lib/functions.global.inc.php in LiveZilla before 5.1.2.1 allows remote attackers to execute arbitrary PHP code via a serialized PHP object in a cookie.
|
CWE-94
Code Injection
|
CVE-2013-7034
|
2024-11-21 11:00 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293606
|
- |
|
livezilla
|
livezilla
|
Multiple cross-site scripting (XSS) vulnerabilities in LiveZilla before 5.1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) full name field, (2) company field, or (3) fi…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7003
|
2024-11-21 11:00 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293607
|
- |
|
plone
|
plone
|
Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7061
|
2024-11-21 11:00 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293608
|
- |
|
plone
|
plone
|
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initial…
|
CWE-200
Information Exposure
|
CVE-2013-7060
|
2024-11-21 11:00 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293609
|
- |
|
transifex
|
transifex
|
Transifex command-line client before 0.10 does not validate X.509 certificates for data transfer connections, which allows man-in-the-middle attackers to spoof a Transifex server via an arbitrary cer…
|
CWE-20
Improper Input Validation
|
CVE-2013-7110
|
2024-11-21 11:00 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293610
|
- |
|
canonical
|
ubuntu_linux
|
The Ubuntu Date and Time Indicator (aka indicator-datetime) 13.10.0+13.10.x before 13.10.0+13.10.20131023.2-0ubuntu1.1 does not properly restrict access to Evolution, which allows local users to bypa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-7374
|
2024-11-21 11:00 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
