|
292061
|
6.5 |
MEDIUM
Network
|
opensuse
|
open_build_service
|
The controller of the Open Build Service API prior to version 2.4.4 is missing a write permission check, allowing an authenticated attacker to add or remove user roles from packages and/or project me…
|
CWE-275
Permission Issues
|
CVE-2013-3703
|
2024-11-21 10:54 |
2018-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292062
|
5.5 |
MEDIUM
Local
|
ibm
|
tivoli_application_dependency_discovery_manager
|
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allow…
|
CWE-275
Permission Issues
|
CVE-2013-4040
|
2024-11-21 10:54 |
2018-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292063
|
7.3 |
HIGH
Adjacent
|
ibm
|
sterling_connect
|
IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted…
|
CWE-310
Cryptographic Issues
|
CVE-2013-4035
|
2024-11-21 10:54 |
2018-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292064
|
7.8 |
HIGH
Local
|
ahnlab
|
v3_internet_security
|
Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local users to gain privileges via a crafted 0xA3350014 IOCTL call.
|
CWE-264
CWE-119
Permissions, Privileges, and Access Controls
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3947
|
2024-11-21 10:54 |
2018-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292065
|
6.6 |
MEDIUM
Network
|
redhat
|
jboss_application_server
|
The Embedded Jopr component in JBoss Application Server includes the cleartext datasource password in unspecified HTML responses, which might allow (1) man-in-the-middle attackers to obtain sensitive…
|
CWE-255
Credentials Management
|
CVE-2013-3734
|
2024-11-21 10:54 |
2017-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292066
|
7.5 |
HIGH
Network
|
freerdp
|
freerdp
|
FreeRDP before 1.1.0-beta+2013071101 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by disconnecting before authentication has finished.
|
CWE-476
NULL Pointer Dereference
|
CVE-2013-4119
|
2024-11-21 10:54 |
2016-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292067
|
7.5 |
HIGH
Network
|
freerdp
opensuse
|
freerdp
leap
opensuse
|
FreeRDP before 1.1.0-beta1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors.
|
CWE-476
NULL Pointer Dereference
|
CVE-2013-4118
|
2024-11-21 10:54 |
2016-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292068
|
- |
|
sap
|
governance_risk_and_compliance
|
Multiple unspecified vulnerabilities in SAP Governance, Risk, and Compliance (GRC) allow remote authenticated users to gain privileges and execute arbitrary programs via a crafted (1) RFC or (2) SOAP…
|
NVD-CWE-noinfo
|
CVE-2013-3678
|
2024-11-21 10:54 |
2014-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292069
|
- |
|
bestpractical
|
request_tracker
|
The MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Request Tracker (RT) 4.0.0 before 4.0.13, when using the file-based session store (Apache::Session::File) and certain authentication …
|
CWE-200
Information Exposure
|
CVE-2013-3737
|
2024-11-21 10:54 |
2014-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292070
|
- |
|
qemu
|
qemu
|
The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.
|
CWE-94
Code Injection
|
CVE-2013-4151
|
2024-11-21 10:54 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
