|
293621
|
- |
|
nagios
|
nagios
|
status.cgi in Nagios 4.0 before 4.0 beta4 and 3.x before 3.5.1 does not properly restrict access to certain users that are a contact for a service, which allows remote authenticated users to obtain s…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2214
|
2024-11-21 10:51 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293622
|
- |
|
python_bugzilla_project
fedoraproject
opensuse
|
python-bugzilla
fedora
opensuse
|
python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate.
|
CWE-20
Improper Input Validation
|
CVE-2013-2191
|
2024-11-21 10:51 |
2014-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293623
|
- |
|
apache
|
hadoop
|
The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attacker…
|
CWE-287
Improper Authentication
|
CVE-2013-2192
|
2024-11-21 10:51 |
2014-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293624
|
- |
|
redhat
|
enterprise_virtualization
|
Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspeci…
|
NVD-CWE-Other
|
CVE-2013-2152
|
2024-11-21 10:51 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293625
|
- |
|
redhat
|
enterprise_virtualization
|
Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 allows local users to gain privileges via a crafted application in an unspecified folder.
|
NVD-CWE-Other
|
CVE-2013-2151
|
2024-11-21 10:51 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293626
|
- |
|
openstack
|
python-keystoneclient
|
python-keystoneclient before 0.2.4, as used in OpenStack Keystone (Folsom), does not properly check expiry for PKI tokens, which allows remote authenticated users to (1) retain use of a token after i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2104
|
2024-11-21 10:51 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293627
|
- |
|
libimobiledevice
|
libimobiledevice
|
userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local users to overwrite arbitrary files via a symlink attack on (1) HostCertificate.pem, (2) HostPrivateKey.…
|
CWE-59
Link Following
|
CVE-2013-2142
|
2024-11-21 10:51 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293628
|
- |
|
redhat
apache
|
jboss_enterprise_portal_platform
jboss_enterprise_application_platform
tomcat
|
The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat JBoss Enterprise Application Platform 6.1.0 and Red Hat JBoss Portal 6.0.0, allows remote attackers …
|
CWE-20
Improper Input Validation
|
CVE-2013-2185
|
2024-11-21 10:51 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293629
|
- |
|
fedoraproject
opensuse
cisco
|
fedora
opensuse
libsrtp
|
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2139
|
2024-11-21 10:51 |
2014-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293630
|
- |
|
hp
|
storage_data_protector
|
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
|
NVD-CWE-noinfo
|
CVE-2013-2350
|
2024-11-21 10:51 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
