|
287531
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise
|
Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, when running Ruby 1.9.3 or later, allows remote attackers to execute arbitrary code via vectors related to "serialized attributes."
|
CWE-20
Improper Input Validation
|
CVE-2013-1655
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287532
|
- |
|
puppetlabs
puppet
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to c…
|
NVD-CWE-noinfo
|
CVE-2013-1654
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287533
|
- |
|
puppet
puppetlabs
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, when listening for incoming connections is enabled and allowing access to…
|
NVD-CWE-noinfo
|
CVE-2013-1653
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287534
|
- |
|
puppetlabs
puppet
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1652
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287535
|
- |
|
puppet
canonical
|
puppet
puppet_enterprise
ubuntu_linux
|
The (1) template and (2) inline_template functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2…
|
NVD-CWE-noinfo
|
CVE-2013-1640
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287536
|
- |
|
typo3
|
typo3
|
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to…
|
CWE-399
Resource Management Errors
|
CVE-2013-1843
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287537
|
- |
|
typo3
|
typo3
|
SQL injection vulnerability in the Extbase Framework in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to execute arbitrary SQL com…
|
CWE-89
SQL Injection
|
CVE-2013-1842
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287538
|
- |
|
redhat
|
libvirt
|
libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1766
|
2024-11-21 10:50 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287539
|
- |
|
redhat
rubyonrails
|
enterprise_linux
ruby_on_rails
rails
|
The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1857
|
2024-11-21 10:50 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287540
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
The ActiveSupport::XmlMini_JDOM backend in lib/active_support/xml_mini/jdom.rb in the Active Support component in Ruby on Rails 3.0.x and 3.1.x before 3.1.12 and 3.2.x before 3.2.13, when JRuby is us…
|
CWE-20
Improper Input Validation
|
CVE-2013-1856
|
2024-11-21 10:50 |
2013-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
