|
287471
|
- |
|
haproxy
|
haproxy
|
Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that appends …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1912
|
2024-11-21 10:50 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287472
|
- |
|
redhat
|
packstack
openstack_folsom
openstack_essex
|
PackStack 2012.2.3 in Red Hat OpenStack Essex and Folsom can create the answer file in insecure directories such as /tmp or the current working directory, which allows local users to modify deployed …
|
CWE-255
Credentials Management
|
CVE-2013-1815
|
2024-11-21 10:50 |
2013-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287473
|
- |
|
ruby-lang
|
ruby
|
lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an X…
|
CWE-20
Improper Input Validation
|
CVE-2013-1821
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287474
|
- |
|
digineo
|
thumbshooter
|
lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
|
CWE-94
Code Injection
|
CVE-2013-1898
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287475
|
- |
|
dan_kubb
|
extlib
|
The extlib gem 0.9.15 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cau…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1802
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287476
|
- |
|
john_nunemaker
|
httparty
|
The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or ca…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1801
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287477
|
- |
|
john_nunemaker
|
crack
|
The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1800
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287478
|
- |
|
freedesktop
|
poppler
|
poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar fun…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1790
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287479
|
- |
|
freedesktop
|
poppler
|
splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransfor…
|
NVD-CWE-Other
|
CVE-2013-1789
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287480
|
- |
|
freedesktop
|
poppler
|
poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Spl…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1788
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
