|
286031
|
- |
|
openstack
|
compute
|
The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4278
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286032
|
- |
|
apache
|
subversion
|
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4277
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286033
|
- |
|
redhat
|
ansible
|
lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4260
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286034
|
- |
|
redhat
|
ansible
|
runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4259
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286035
|
- |
|
konstanty_bialkowski
debian
|
libmodplug
debian_linux
|
Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4234
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286036
|
- |
|
konstanty_bialkowski
debian
|
libmodplug
debian_linux
|
Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted…
|
CWE-189
Numeric Errors
|
CVE-2013-4233
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286037
|
- |
|
openstack
|
cinder
|
The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive i…
|
CWE-200
Information Exposure
|
CVE-2013-4183
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286038
|
- |
|
openstack
canonical
|
cinder
ubuntu_linux
|
The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service…
|
CWE-399
Resource Management Errors
|
CVE-2013-4202
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286039
|
- |
|
redhat
|
enterprise_virtualization
|
Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise …
|
CWE-79
Cross-site Scripting
|
CVE-2013-4181
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286040
|
- |
|
redhat
theforeman
|
openstack
foreman
|
app/controllers/api/v1/hosts_controller.rb in Foreman before 1.2.2 does not properly restrict access to hosts, which allows remote attackers to access arbitrary hosts via an API request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4182
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
