|
286791
|
- |
|
rrdtool_project
|
rrdtool
|
Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service (crash) via format string specifiers to the rrdt…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2013-2131
|
2024-11-21 10:51 |
2015-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286792
|
- |
|
gentoo
|
portage
|
The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof…
|
CWE-310
Cryptographic Issues
|
CVE-2013-2100
|
2024-11-21 10:51 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286793
|
- |
|
monkey-project
|
monkey
|
The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2182
|
2024-11-21 10:51 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286794
|
- |
|
monkey-project
|
monkey
|
Monkey HTTP Daemon (monkeyd) before 1.2.2 allows remote attackers to cause a denial of service (infinite loop) via an offset equal to the file size in the Range HTTP header.
|
CWE-20
Improper Input Validation
|
CVE-2013-2163
|
2024-11-21 10:51 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286795
|
- |
|
mambo-foundation
|
mambo_cms
|
Mambo CMS 4.6.5 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file.
|
CWE-399
Resource Management Errors
|
CVE-2013-2564
|
2024-11-21 10:51 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286796
|
- |
|
mambo-foundation
|
mambo_cms
|
Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2563
|
2024-11-21 10:51 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286797
|
- |
|
mambo-foundation
|
mambo_cms
|
Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors.
|
CWE-255
Credentials Management
|
CVE-2013-2562
|
2024-11-21 10:51 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286798
|
- |
|
znc
|
znc
|
ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page …
|
NVD-CWE-Other
|
CVE-2013-2130
|
2024-11-21 10:51 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286799
|
- |
|
rom_walton
|
boinc
|
Multiple stack-based buffer overflows in the XML parser in BOINC 7.x allow attackers to have unspecified impact via a crafted XML file, related to the scheduler.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2298
|
2024-11-21 10:51 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286800
|
- |
|
apache
|
hbase
|
Apache HBase 0.92.x before 0.92.3 and 0.94.x before 0.94.9, when the Kerberos features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive inf…
|
CWE-287
Improper Authentication
|
CVE-2013-2193
|
2024-11-21 10:51 |
2014-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
