|
283321
|
7.5 |
HIGH
Network
|
aescrypt_project
|
aescrypt
|
The aescrypt gem 1.0.0 for Ruby does not randomize the CBC IV for use with the AESCrypt.encrypt and AESCrypt.decrypt functions, which allows attackers to defeat cryptographic protection mechanisms vi…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2013-7463
|
2024-11-21 11:01 |
2017-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283322
|
7.5 |
HIGH
Network
|
pulpproject
|
pulp
|
Pulp before 2.3.0 uses the same the same certificate authority key and certificate for all installations.
|
CWE-295
Improper Certificate Validation
|
CVE-2013-7450
|
2024-11-21 11:01 |
2017-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283323
|
6.5 |
MEDIUM
Network
|
cloudera
apache
|
cdh
hadoop
|
Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2, do not check authorization for the (1) refreshNamenodes, (2) deleteBlockPool, and (3) shutdownDat…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2014-0229
|
2024-11-21 11:01 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283324
|
7.5 |
HIGH
Network
|
mcafee
|
saas_control_console_platform
|
A directory traversal vulnerability in the web application in McAfee (now Intel Security) SaaS Control Console (SCC) Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated…
|
CWE-22
Path Traversal
|
CVE-2013-7462
|
2024-11-21 11:01 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283325
|
5.5 |
MEDIUM
Local
|
mcafee
|
change_control
application_control
|
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write…
|
CWE-284
Improper Access Control
|
CVE-2013-7461
|
2024-11-21 11:01 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283326
|
5.5 |
MEDIUM
Local
|
mcafee
|
change_control
application_control
|
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part …
|
CWE-284
Improper Access Control
|
CVE-2013-7460
|
2024-11-21 11:01 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283327
|
9.8 |
CRITICAL
Network
|
dlitz
fedoraproject
|
pycrypto
fedora
|
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7459
|
2024-11-21 11:01 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283328
|
6.1 |
MEDIUM
Network
|
nodejs
|
node.js
|
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via nested forbidden strings.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7454
|
2024-11-21 11:01 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283329
|
6.1 |
MEDIUM
Network
|
nodejs
|
node.js
|
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via vectors related to UI redressing.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7453
|
2024-11-21 11:01 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283330
|
6.1 |
MEDIUM
Network
|
nodejs
|
node.js
|
The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7452
|
2024-11-21 11:01 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
