|
284901
|
- |
|
hp
|
linux_imaging_and_printing_project
|
The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local user…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4325
|
2024-11-21 10:55 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284902
|
- |
|
djangoproject
|
django
|
Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read arbitrary files via a file path in the ALLOWED_INCLUDE_…
|
CWE-22
Path Traversal
|
CVE-2013-4315
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284903
|
- |
|
openstack
|
compute
|
The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4278
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284904
|
- |
|
apache
|
subversion
|
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4277
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284905
|
- |
|
redhat
|
ansible
|
lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4260
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284906
|
- |
|
redhat
|
ansible
|
runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4259
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284907
|
- |
|
konstanty_bialkowski
debian
|
libmodplug
debian_linux
|
Multiple heap-based buffer overflows in the (1) abc_MIDI_drum and (2) abc_MIDI_gchord functions in load_abc.cpp in libmodplug 0.8.8.4 and earlier allow remote attackers to cause a denial of service (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4234
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284908
|
- |
|
konstanty_bialkowski
debian
|
libmodplug
debian_linux
|
Integer overflow in the abc_set_parts function in load_abc.cpp in libmodplug 0.8.8.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted…
|
CWE-189
Numeric Errors
|
CVE-2013-4233
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284909
|
- |
|
openstack
|
cinder
|
The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive i…
|
CWE-200
Information Exposure
|
CVE-2013-4183
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284910
|
- |
|
openstack
canonical
|
cinder
ubuntu_linux
|
The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service…
|
CWE-399
Resource Management Errors
|
CVE-2013-4202
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
