|
284731
|
- |
|
linux
|
linux_kernel
|
The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4300
|
2024-11-21 10:55 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284732
|
- |
|
openstack
|
keystone
|
The (1) mamcache and (2) KVS token backends in OpenStack Identity (Keystone) Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4294
|
2024-11-21 10:55 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284733
|
- |
|
hp
|
linux_imaging_and_printing_project
|
The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local user…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4325
|
2024-11-21 10:55 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284734
|
- |
|
djangoproject
|
django
|
Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read arbitrary files via a file path in the ALLOWED_INCLUDE_…
|
CWE-22
Path Traversal
|
CVE-2013-4315
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284735
|
- |
|
openstack
|
compute
|
The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4278
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284736
|
- |
|
apache
|
subversion
|
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4277
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284737
|
- |
|
redhat
|
ansible
|
lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4260
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284738
|
- |
|
redhat
|
ansible
|
runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4259
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284739
|
- |
|
konstanty_bialkowski
debian
|
libmodplug
debian_linux
|
Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4234
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284740
|
- |
|
konstanty_bialkowski
debian
|
libmodplug
debian_linux
|
Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted…
|
CWE-189
Numeric Errors
|
CVE-2013-4233
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
