|
283651
|
7.8 |
HIGH
Local
|
google
|
android
|
Unspecified vulnerability in the Qualcomm components in Android before 2016-07-05 allows attackers to gain privileges via a crafted application.
|
NVD-CWE-noinfo
|
CVE-2013-7457
|
2024-11-21 11:01 |
2016-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283652
|
5.9 |
MEDIUM
Network
|
python
|
python
|
The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof serve…
|
CWE-19
Data Processing Errors
|
CVE-2013-7440
|
2024-11-21 11:01 |
2016-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283653
|
7.5 |
HIGH
Network
|
php
|
php
|
file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage …
|
NVD-CWE-Other
|
CVE-2014-0236
|
2024-11-21 11:01 |
2016-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283654
|
9.8 |
CRITICAL
Network
|
littlecms
|
little_cms_color_engine
|
Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that t…
|
NVD-CWE-Other
|
CVE-2013-7455
|
2024-11-21 11:01 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283655
|
6.5 |
MEDIUM
Network
|
canonical
xchat
hexchat_project
|
ubuntu_linux
xchat
xchat_gnome
hexchat
|
The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows m…
|
CWE-310
Cryptographic Issues
|
CVE-2013-7449
|
2024-11-21 11:01 |
2016-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283656
|
7.5 |
HIGH
Network
|
debian
didiwiki_project
|
debian_linux
didiwiki
|
Directory traversal vulnerability in wiki.c in didiwiki allows remote attackers to read arbitrary files via the page parameter to api/page/get.
|
CWE-22
Path Traversal
|
CVE-2013-7448
|
2024-11-21 11:01 |
2016-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283657
|
6.5 |
MEDIUM
Network
|
canonical
samsung
|
ubuntu_linux
x14j_firmware
|
Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, all…
|
NVD-CWE-Other
|
CVE-2013-7447
|
2024-11-21 11:01 |
2016-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283658
|
5.3 |
MEDIUM
Local
|
linux
|
linux_kernel
|
Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted e…
|
NVD-CWE-Other
|
CVE-2013-7446
|
2024-11-21 11:01 |
2015-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283659
|
- |
|
linux
|
linux_kernel
|
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a deni…
|
CWE-399
Resource Management Errors
|
CVE-2013-7445
|
2024-11-21 11:01 |
2015-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283660
|
- |
|
mediawiki
|
mediawiki
|
The Special:Contributions page in MediaWiki before 1.22.0 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.
|
CWE-200
Information Exposure
|
CVE-2013-7444
|
2024-11-21 11:01 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
