|
293421
|
- |
|
ibm
|
smartcloud_analytics_log_analysis
|
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an inv…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6738
|
2024-11-21 10:59 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293422
|
- |
|
redhat
|
jboss_fuse_service_works
jboss_overlord_run_time_governance
|
JBoss Overlord Run Time Governance (RTGov) 1.0 for JBossAS allows remote authenticated users to execute arbitrary Java code via an MVFLEX Expression Language (MVEL) expression. NOTE: some of these d…
|
CWE-94
Code Injection
|
CVE-2013-6469
|
2024-11-21 10:59 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293423
|
- |
|
json-c
fedoraproject
|
json-c
fedora
|
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions.
|
CWE-310
Cryptographic Issues
|
CVE-2013-6371
|
2024-11-21 10:59 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293424
|
- |
|
json-c
fedoraproject
|
json-c
fedora
|
Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6370
|
2024-11-21 10:59 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293425
|
- |
|
redhat
fedoraproject
|
libvirt
fedora
|
The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the contain…
|
CWE-59
Link Following
|
CVE-2013-6456
|
2024-11-21 10:59 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293426
|
- |
|
cambridge_enterprise
|
jbig-kit
|
Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6369
|
2024-11-21 10:59 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293427
|
- |
|
redhat
|
jboss_bpm_suite
jboss_enterprise_brms_platform
jboss_drools
|
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or…
|
CWE-94
Code Injection
|
CVE-2013-6468
|
2024-11-21 10:59 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293428
|
- |
|
chainfire
|
supersu
|
The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the (1) backtick or (2) $() type of shell metacharacters in the -c option to /system/xbin/su.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6775
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293429
|
- |
|
koushik_dutta
|
superuser
|
The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android allows attackers to gain privileges via shell metacharacters in the -c option to /system/xbin/su.
|
CWE-20
Improper Input Validation
|
CVE-2013-6769
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293430
|
- |
|
koushik_dutta
google
|
superuser
android
|
The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.3 and 4.4 does not properly restrict the set of users who can execute /system/xbin/su with the --daemon option, which allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6770
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
