|
283091
|
- |
|
linux
|
linux_kernel
|
The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allow…
|
CWE-20
Improper Input Validation
|
CVE-2013-7267
|
2024-11-21 11:00 |
2014-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283092
|
- |
|
linux
|
linux_kernel
|
The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does not ensure that a certain length value is consistent with the size of an associated data structur…
|
CWE-20
Improper Input Validation
|
CVE-2013-7266
|
2024-11-21 11:00 |
2014-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283093
|
- |
|
linux
|
linux_kernel
|
The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows …
|
CWE-20
Improper Input Validation
|
CVE-2013-7265
|
2024-11-21 11:00 |
2014-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283094
|
- |
|
linux
|
linux_kernel
|
The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allow…
|
CWE-20
Improper Input Validation
|
CVE-2013-7264
|
2024-11-21 11:00 |
2014-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283095
|
- |
|
linux
|
linux_kernel
|
The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kerne…
|
CWE-20
Improper Input Validation
|
CVE-2013-7263
|
2024-11-21 11:00 |
2014-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283096
|
- |
|
umn
osgeo
|
mapserver
|
SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL co…
|
CWE-89
SQL Injection
|
CVE-2013-7262
|
2024-11-21 11:00 |
2014-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283097
|
- |
|
realnetworks
|
realplayer
|
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) ve…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7260
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283098
|
- |
|
dotnetblogengine
|
blogengine.net
|
BlogEngine.NET 2.8.0.0 and earlier allows remote attackers to read usernames and password hashes via a request for the sioc.axd file.
|
CWE-200
Information Exposure
|
CVE-2013-6953
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283099
|
- |
|
web2ldap
|
web2ldap
|
Cross-site scripting (XSS) vulnerability in web2ldap 1.1.x before 1.1.49 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "displaying group DN and ent…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7258
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283100
|
- |
|
codiad
|
codiad
|
Cross-site scripting (XSS) vulnerability in Codiad 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the Project Name field.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7257
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
