|
284851
|
- |
|
mediawiki
|
mediawiki
|
Cross-site request forgery (CSRF) vulnerability in api/ApiQueryCheckUser.php in the CheckUser extension for MediaWiki, possibly Checkuser before 2.3, allows remote attackers to hijack the authenticat…
|
CWE-352
Origin Validation Error
|
CVE-2013-4306
|
2024-11-21 10:55 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284852
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in contrib/example.php in the SyntaxHighlight GeSHi extension for MediaWiki, possibly as downloaded before September 2013, allows remote attackers to inject a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4305
|
2024-11-21 10:55 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284853
|
- |
|
x
|
x.org_x11
|
Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon …
|
CWE-399
Resource Management Errors
|
CVE-2013-4396
|
2024-11-21 10:55 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284854
|
- |
|
linux
|
linux_kernel
|
net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet,…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4387
|
2024-11-21 10:55 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284855
|
- |
|
linux
fedoraproject
redhat
|
linux_kernel
fedora
enterprise_linux
enterprise_mrg
|
Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms…
|
CWE-189
Numeric Errors
|
CVE-2013-4345
|
2024-11-21 10:55 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284856
|
- |
|
gnupg
|
gnupg
|
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass int…
|
CWE-310
Cryptographic Issues
|
CVE-2013-4351
|
2024-11-21 10:55 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284857
|
- |
|
xinetd
redhat
|
xinetd
enterprise_linux
|
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by l…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4342
|
2024-11-21 10:55 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284858
|
- |
|
restlet
|
restlet
|
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources, which allows remote attackers to execute arbitrary Java code via a ser…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2013-4271
|
2024-11-21 10:55 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284859
|
- |
|
restlet
|
restlet
|
The default configuration of the ObjectRepresentation class in Restlet before 2.1.4 deserializes objects from untrusted sources using the Java XMLDecoder, which allows remote attackers to execute arb…
|
CWE-16
CWE-91
Configuration
Blind XPath Injection
|
CVE-2013-4221
|
2024-11-21 10:55 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284860
|
- |
|
xen
|
xen
|
Xen 4.3.x writes hypervisor mappings to certain shadow pagetables when live migration is performed on hosts with more than 5TB of RAM, which allows local 64-bit PV guests to read or write to invalid …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4356
|
2024-11-21 10:55 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
