|
286941
|
7.5 |
HIGH
Network
|
cryptocat_project
|
cryptocat
|
Cryptocat strophe.js before 2.0.22 has information disclosure
|
CWE-200
Information Exposure
|
CVE-2013-2262
|
2024-11-21 10:51 |
2019-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286942
|
7.5 |
HIGH
Network
|
cryptocat_project
|
cryptocat
|
Cryptocat before 2.0.22 Chrome Extension 'img/keygen.gif' has Information Disclosure
|
CWE-200
Information Exposure
|
CVE-2013-2261
|
2024-11-21 10:51 |
2019-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286943
|
5.9 |
MEDIUM
Network
|
redhat
openstack
debian
|
openstack
compute
keystone
debian_linux
|
HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.
|
CWE-295
Improper Certificate Validation
|
CVE-2013-2255
|
2024-11-21 10:51 |
2019-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286944
|
7.5 |
HIGH
Network
|
glpi-project
debian
|
glpi
debian_linux
|
GLPI 0.83.7 has Local File Inclusion in common.tabs.php.
|
CWE-20
Improper Input Validation
|
CVE-2013-2227
|
2024-11-21 10:51 |
2019-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286945
|
5.3 |
MEDIUM
Network
|
mambo-foundation
|
mambo_cms
|
A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.
|
CWE-22
Path Traversal
|
CVE-2013-2565
|
2024-11-21 10:51 |
2019-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286946
|
8.8 |
HIGH
Network
|
fileutils_project
|
fileutils
|
Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell.
|
CWE-77
Command Injection
|
CVE-2013-2516
|
2024-11-21 10:51 |
2019-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286947
|
7.4 |
HIGH
Network
|
redhat
|
ansible
|
Ansible before 1.2.1 makes it easier for remote attackers to conduct man-in-the-middle attacks by leveraging failure to cache SSH host keys.
|
CWE-320
Key Management Errors
|
CVE-2013-2233
|
2024-11-21 10:51 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286948
|
- |
|
sixapart
|
movable_type
|
Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter.
|
CWE-17
Code
|
CVE-2013-2184
|
2024-11-21 10:51 |
2015-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286949
|
- |
|
rrdtool_project
|
rrdtool
|
Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service (crash) via format string specifiers to the rrdt…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2013-2131
|
2024-11-21 10:51 |
2015-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286950
|
- |
|
gentoo
|
portage
|
The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof…
|
CWE-310
Cryptographic Issues
|
CVE-2013-2100
|
2024-11-21 10:51 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
