|
285821
|
- |
|
bean_project
|
bean
|
Cross-site scripting (XSS) vulnerability in the Bean module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to inject arbitrary web script or HTML via the bean title.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4499
|
2024-11-21 10:55 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285822
|
- |
|
redhat
suse
|
satellite
satellite_5_managed_db
spacewalk-java
spacewalk-web
manager
|
Multiple cross-site scripting (XSS) vulnerabilities in Spacewalk and Red Hat Network (RHN) Satellite 5.6 allow remote attackers to inject arbitrary web script or HTML via the (1) whereCriteria variab…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4415
|
2024-11-21 10:55 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285823
|
- |
|
openstack
|
havana
grizzly
folsom
|
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumpti…
|
CWE-399
Resource Management Errors
|
CVE-2013-4463
|
2024-11-21 10:55 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285824
|
- |
|
debian
openldap
|
debian_linux
openldap
|
The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a s…
|
CWE-189
Numeric Errors
|
CVE-2013-4449
|
2024-11-21 10:55 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285825
|
- |
|
robert_ancell
|
lightdm
|
Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local users to obtain sensit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4331
|
2024-11-21 10:55 |
2014-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285826
|
- |
|
dennis_bruecke
|
jquery_countdown
|
Cross-site scripting (XSS) vulnerability in the jQuery Countdown module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "access administration pages" permission to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4383
|
2024-11-21 10:55 |
2014-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285827
|
- |
|
mediawiki
brion_vibber
|
mediawiki
centralauth_extension
|
The CentralAuth extension for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 caches a valid CentralAuthUser object in the centralauth_User cookie even when a user has …
|
CWE-287
Improper Authentication
|
CVE-2013-4304
|
2024-11-21 10:55 |
2014-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285828
|
- |
|
plone
|
plone
|
The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4200
|
2024-11-21 10:55 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285829
|
- |
|
qemu
xen
|
qemu
xen
|
The qdisk PV disk backend in qemu-xen in Xen 4.2.x and 4.3.x before 4.3.1, and qemu 1.1 and other versions, allows local HVM guests to cause a denial of service (domain grant reference consumption) v…
|
CWE-399
Resource Management Errors
|
CVE-2013-4375
|
2024-11-21 10:55 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285830
|
- |
|
libtiff
|
libtiff
|
Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4231
|
2024-11-21 10:55 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
