|
294001
|
- |
|
redhat
|
icedtea-web
|
The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a tem…
|
CWE-200
Information Exposure
|
CVE-2013-6493
|
2024-11-21 10:59 |
2014-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294002
|
- |
|
ibm
|
netezza_performance_portal
|
IBM Netezza Performance Portal 2.x before 2.0.0.3 allows remote authenticated users to change arbitrary passwords via an HTTP POST request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6731
|
2024-11-21 10:59 |
2014-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294003
|
- |
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to bypass the sandbox protection mechanism after obtaining renderer access, or have other impact, via unknow…
|
NVD-CWE-noinfo
|
CVE-2013-6661
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294004
|
- |
|
google
|
chrome
|
The drag-and-drop implementation in Google Chrome before 33.0.1750.117 does not properly restrict the information in WebDropData data structures, which allows remote attackers to discover full pathna…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6660
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294005
|
- |
|
google
|
chrome
|
The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during ren…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6659
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294006
|
- |
|
google
|
chrome
|
Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unsp…
|
CWE-399
Resource Management Errors
|
CVE-2013-6658
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294007
|
- |
|
google
|
chrome
|
core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6657
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294008
|
- |
|
google
|
chrome
|
The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting…
|
CWE-200
Information Exposure
|
CVE-2013-6656
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294009
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors relate…
|
CWE-399
Resource Management Errors
|
CVE-2013-6655
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294010
|
- |
|
google
|
chrome
|
The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which…
|
CWE-20
Improper Input Validation
|
CVE-2013-6654
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
