|
284831
|
7.8 |
HIGH
Local
|
xnview
|
xnview
|
Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.
|
CWE-787
Out-of-bounds Write
|
CVE-2013-3937
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284832
|
8.8 |
HIGH
Network
|
jomres
|
jomres
|
SQL injection vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to execute arbitrary SQL commands vi…
|
CWE-89
SQL Injection
|
CVE-2013-3932
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284833
|
5.4 |
MEDIUM
Network
|
jomres
|
jomres
|
Cross-site scripting (XSS) vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2013-3931
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284834
|
7.8 |
HIGH
Local
|
extensis
|
mrsid
|
Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header.
|
CWE-787
Out-of-bounds Write
|
CVE-2013-3946
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284835
|
7.8 |
HIGH
Local
|
extensis
|
mrsid
|
The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag.
|
CWE-20
Improper Input Validation
|
CVE-2013-3945
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284836
|
7.8 |
HIGH
Local
|
extensis
|
mrsid
|
Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag.
|
CWE-787
Out-of-bounds Write
|
CVE-2013-3944
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284837
|
7.5 |
HIGH
Network
|
supermicro
citrix
|
smt_x9_firmware
smt_x8_firmware
netscaler_sdx_firmware
netscaler_firmware
netscaler_sd-wan_firmware
|
Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generat…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2013-3620
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284838
|
6.1 |
MEDIUM
Network
|
opsview
|
opsview
opsview_core
|
Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 and Opsview Core before 20130522 allow remote attackers to inject arbitrary web script or HTML.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3936
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284839
|
8.8 |
HIGH
Network
|
opsview
|
opsview
opsview_core
|
Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4.1 and Opsview Core before 20130522 allows remote attackers to hijack the authentication of administrators for requests that chang…
|
CWE-352
Origin Validation Error
|
CVE-2013-3935
|
2024-11-21 10:54 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284840
|
7.8 |
HIGH
Local
|
gksu-polkit_project
fedoraproject
|
gksu-polkit
fedora
|
gksu-polkit-0.0.3-6.fc18 was reported as fixing the issue in CVE-2012-5617 but the patch was improperly applied and it did not fixed the security issue.
|
CWE-269
Improper Privilege Management
|
CVE-2013-4161
|
2024-11-21 10:54 |
2020-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
