|
288341
|
- |
|
openstack
|
keystone
|
OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password.
|
CWE-287
Improper Authentication
|
CVE-2013-2157
|
2024-11-21 10:51 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288342
|
- |
|
apache
|
xml_security_for_c\+\+
|
Heap-based buffer overflow in the Exclusive Canonicalization functionality (xsec/canon/XSECC14n20010315.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows remote a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2156
|
2024-11-21 10:51 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288343
|
- |
|
apache
|
xml_security_for_c\+\+
|
Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 does not properly validate length values, which allows remote attackers to cause a denial of service or bypass the CVE-2009-021…
|
CWE-20
Improper Input Validation
|
CVE-2013-2155
|
2024-11-21 10:51 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288344
|
- |
|
apache
|
xml_security_for_c\+\+
|
Stack-based buffer overflow in the XML Signature Reference functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows context-depend…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2154
|
2024-11-21 10:51 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288345
|
- |
|
apache
|
xml_security_for_c\+\+
|
The XML digital signature functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows context-dependent attackers to reuse signatures…
|
CWE-310
Cryptographic Issues
|
CVE-2013-2153
|
2024-11-21 10:51 |
2013-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288346
|
- |
|
apache
|
cxf
|
The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to cause a denial of service (CPU and memory consumption) via crafted XM…
|
CWE-399
Resource Management Errors
|
CVE-2013-2160
|
2024-11-21 10:51 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288347
|
- |
|
canonical
opensuse
perlmonks
|
ubuntu_linux
opensuse
module\
|
The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special u…
|
CWE-20
Improper Input Validation
|
CVE-2013-2145
|
2024-11-21 10:51 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288348
|
- |
|
apache
|
cloudstack
|
Multiple cross-site scripting (XSS) vulnerabilities in Apache CloudStack before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Physical network name to the Zone wizar…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2136
|
2024-11-21 10:51 |
2013-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288349
|
- |
|
debian
canonical
redhat
haproxy
|
debian_linux
ubuntu_linux
enterprise_linux_load_balancer
haproxy
|
HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" functions with a negative occurrence count, allows remote attackers to cause a denial of service (ne…
|
CWE-20
CWE-284
Improper Input Validation
Improper Access Control
|
CVE-2013-2175
|
2024-11-21 10:51 |
2013-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288350
|
- |
|
canonical
|
ubuntu_linux
|
Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions befo…
|
CWE-362
Race Condition
|
CVE-2013-2162
|
2024-11-21 10:51 |
2013-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
