|
288541
|
- |
|
mark_burns
|
ldoce
|
lib/ldoce/word.rb in the ldoce 0.0.2 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in (1) an mp3 URL or (2) file name.
|
CWE-20
Improper Input Validation
|
CVE-2013-1911
|
2024-11-21 10:50 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288542
|
- |
|
openstack
|
keystone_essex
folsom
|
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via a…
|
CWE-200
Information Exposure
|
CVE-2013-1665
|
2024-11-21 10:50 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288543
|
- |
|
openstack
|
cinder_folsom
keystone_essex
grizzly
folsom
compute_\(nova\)_essex
compute_\(nova\)_folsom
|
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other pro…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1664
|
2024-11-21 10:50 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288544
|
- |
|
redhat
|
subscription_asset_manager
|
Cross-site scripting (XSS) vulnerability in the Notifications form in Red Hat Subscription Asset Manager before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the username f…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1823
|
2024-11-21 10:50 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288545
|
- |
|
zeroclipboard_project
|
zeroclipboard
|
Cross-site scripting (XSS) vulnerability in ZeroClipboard.swf and ZeroClipboard10.swf in ZeroClipboard before 1.0.8, as used in em-shorty, RepRapCalculator, Fulcrum, Django, aCMS, and other products,…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1808
|
2024-11-21 10:50 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288546
|
- |
|
gnome
canonical
|
gnome_online_accounts
ubuntu_linux
|
Gnome Online Accounts (GOA) 3.6.x before 3.6.3 and 3.7.x before 3.7.91, does not properly validate SSL certificates when creating accounts for providers who use the libsoup library, which allows man-…
|
CWE-310
Cryptographic Issues
|
CVE-2013-1799
|
2024-11-21 10:50 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288547
|
- |
|
mariadb
oracle
redhat
debian
canonical
suse
opensuse
|
mariadb
mysql
enterprise_linux
debian_linux
ubuntu_linux
linux_enterprise_desktop
linux_enterprise_server
opensuse
linux_enterprise_software_development_kit
|
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1861
|
2024-11-21 10:50 |
2013-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288548
|
- |
|
ngircd
|
ngircd
|
channel.c in ngIRCd 20 and 20.1 allows remote attackers to cause a denial of service (assertion failure and crash) via a KICK command for a user who is not on the associated channel.
|
NVD-CWE-noinfo
|
CVE-2013-1747
|
2024-11-21 10:50 |
2013-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288549
|
- |
|
views_project
|
views
|
Multiple cross-site scripting (XSS) vulnerabilities in the Views module 7.x-3.x before 7.x-3.6 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or H…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1887
|
2024-11-21 10:50 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288550
|
- |
|
chris_desautels
|
node_parameter_control
|
The Node Parameter Control module 6.x-1.x for Drupal does not properly restrict access to the configuration options, which allows remote attackers to read and edit configuration options via unspecifi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1859
|
2024-11-21 10:50 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
