|
288971
|
- |
|
linux
|
linux_kernel
|
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by ca…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1858
|
2024-11-21 10:50 |
2013-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288972
|
- |
|
postgresql
|
postgresql
|
PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graph…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1903
|
2024-11-21 10:50 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288973
|
- |
|
postgresql
|
postgresql
|
PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates insecure temporary files with predictable filenames, which has unspecif…
|
NVD-CWE-Other
|
CVE-2013-1902
|
2024-11-21 10:50 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288974
|
- |
|
postgresql
canonical
|
postgresql
ubuntu_linux
|
PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1901
|
2024-11-21 10:50 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288975
|
- |
|
postgresql
canonical
|
postgresql
ubuntu_linux
|
PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated us…
|
CWE-189
Numeric Errors
|
CVE-2013-1900
|
2024-11-21 10:50 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288976
|
- |
|
postgresql
canonical
|
postgresql
ubuntu_linux
|
Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remot…
|
CWE-94
Code Injection
|
CVE-2013-1899
|
2024-11-21 10:50 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288977
|
- |
|
mark_burns
|
ldoce
|
lib/ldoce/word.rb in the ldoce 0.0.2 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in (1) an mp3 URL or (2) file name.
|
CWE-20
Improper Input Validation
|
CVE-2013-1911
|
2024-11-21 10:50 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288978
|
- |
|
openstack
|
keystone_essex
folsom
|
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via a…
|
CWE-200
Information Exposure
|
CVE-2013-1665
|
2024-11-21 10:50 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288979
|
- |
|
openstack
|
cinder_folsom
keystone_essex
grizzly
folsom
compute_\(nova\)_essex
compute_\(nova\)_folsom
|
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other pro…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1664
|
2024-11-21 10:50 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288980
|
- |
|
redhat
|
subscription_asset_manager
|
Cross-site scripting (XSS) vulnerability in the Notifications form in Red Hat Subscription Asset Manager before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the username f…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1823
|
2024-11-21 10:50 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
