|
287441
|
- |
|
mozilla
|
network_security_services
|
The ssl_Do1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to sp…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1740
|
2024-11-21 10:50 |
2014-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287442
|
- |
|
canonical
httplib2_project
|
ubuntu_linux
httplib2
|
httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the …
|
CWE-20
Improper Input Validation
|
CVE-2013-2037
|
2024-11-21 10:50 |
2014-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287443
|
- |
|
redhat
|
cloudforms_management_engine
manageiq_enterprise_virtualization_manager
|
SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine (CFME) 5.1 and ManageIQ Enterprise Virtualization Manager 5.0 and earlier allows remote authentica…
|
CWE-89
SQL Injection
|
CVE-2013-2050
|
2024-11-21 10:50 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287444
|
- |
|
openstack
|
compute
grizzly
havana
folsom
|
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2030
|
2024-11-21 10:50 |
2013-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287445
|
- |
|
gimp
redhat
|
gimp
enterprise_linux
|
Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and po…
|
CWE-787
Out-of-bounds Write
|
CVE-2013-1978
|
2024-11-21 10:50 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287446
|
- |
|
gimp
redhat
|
gimp
enterprise_linux
|
Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of s…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2013-1913
|
2024-11-21 10:50 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287447
|
- |
|
fedoraproject
janrain
|
fedora
ruby-openid
|
The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack.
|
CWE-399
Resource Management Errors
|
CVE-2013-1812
|
2024-11-21 10:50 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287448
|
- |
|
autotrace_project
|
autotrace
|
Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the hea…
|
CWE-189
Numeric Errors
|
CVE-2013-1953
|
2024-11-21 10:50 |
2013-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287449
|
- |
|
redhat
|
openstack
|
nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5.1, and earlier, allows local users to overwrite arbitrary files via a symlink attack on a temporary n…
|
CWE-59
Link Following
|
CVE-2013-2029
|
2024-11-21 10:50 |
2013-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287450
|
- |
|
redhat
t-mobile
busybox
|
enterprise_linux
tm-ac1900
busybox
|
util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vector…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1813
|
2024-11-21 10:50 |
2013-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
