|
286011
|
- |
|
emeric_vernat
|
javamelody
|
Cross-site scripting (XSS) vulnerability in HtmlSessionInformationsReport.java in JavaMelody 1.46 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted X-Forwarded-…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4378
|
2024-11-21 10:55 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286012
|
- |
|
apache
oracle
|
struts
mysql_enterprise_monitor
flexcube_private_banking
webcenter_sites
|
Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors.
|
CWE-16
NVD-CWE-noinfo
CWE-284
Configuration
Improper Access Control
|
CVE-2013-4316
|
2024-11-21 10:55 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286013
|
- |
|
jean-paul_calderone
canonical
|
pyopenssl
ubuntu_linux
|
The X509Extension in pyOpenSSL before 0.13.1 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle a…
|
CWE-20
Improper Input Validation
|
CVE-2013-4314
|
2024-11-21 10:55 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286014
|
- |
|
apache
|
struts
|
Apache Struts 2.0.0 through 2.3.15.1 allows remote attackers to bypass access controls via a crafted action: prefix.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4310
|
2024-11-21 10:55 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286015
|
- |
|
redhat
|
libvirt
|
The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4297
|
2024-11-21 10:55 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286016
|
- |
|
redhat
canonical
|
libvirt
ubuntu_linux
enterprise_linux
|
The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated u…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4296
|
2024-11-21 10:55 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286017
|
- |
|
redhat
|
libvirt
|
libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of service (memory consumption) via a large number of domain migrate parameters in certain RPC calls in (1) daemon/remote.c and (2) remote…
|
CWE-399
Resource Management Errors
|
CVE-2013-4292
|
2024-11-21 10:55 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286018
|
- |
|
redhat
|
libvirt
|
The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4291
|
2024-11-21 10:55 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286019
|
- |
|
redhat
|
libvirt
|
The xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service (memory corruption and crash) via vectors involving the…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4239
|
2024-11-21 10:55 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286020
|
- |
|
redhat
|
jboss_a-mq
jboss_fuse
|
Multiple cross-site scripting (XSS) vulnerabilities in Fuse Management Console in Red Hat JBoss Fuse 6.0.0 before patch 3 and JBoss A-MQ 6.0.0 before patch 3 allow remote attackers to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4372
|
2024-11-21 10:55 |
2013-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
