|
285831
|
- |
|
apache
|
santuario_xml_security_for_java
|
Apache Santuario XML Security for Java before 1.5.6, when applying Transforms, allows remote attackers to cause a denial of service (memory consumption) via crafted Document Type Definitions (DTDs), …
|
CWE-399
Resource Management Errors
|
CVE-2013-4517
|
2024-11-21 10:55 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285832
|
- |
|
mantisbt
|
mantisbt
|
Cross-site scripting (XSS) vulnerability in account_sponsor_page.php in MantisBT 1.0.0 through 1.2.15 allows remote authenticated users to inject arbitrary web script or HTML via a project name.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4460
|
2024-11-21 10:55 |
2014-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285833
|
- |
|
openssl
|
openssl
|
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next P…
|
CWE-20
Improper Input Validation
|
CVE-2013-4353
|
2024-11-21 10:55 |
2014-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285834
|
- |
|
libreswan
|
libreswan
|
Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet.
|
CWE-189
Numeric Errors
|
CVE-2013-4564
|
2024-11-21 10:55 |
2014-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285835
|
- |
|
xen
|
xen
|
Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4554
|
2024-11-21 10:55 |
2013-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285836
|
- |
|
xen
|
xen
|
The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possibly 4.3.1) does not always obtain the page_alloc_lock and mm_rwlock in the same order, which allows local guest administrators to …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4553
|
2024-11-21 10:55 |
2013-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285837
|
- |
|
redhat
|
jboss_operations_network
|
Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions for the (1) server and (2) agent configuration files, which allows local users to obtain authentication credentials and other un…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4452
|
2024-11-21 10:55 |
2013-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285838
|
- |
|
ffmpeg
|
ffmpeg
|
libavcodec/h264.c in FFmpeg before 0.11.4 allows remote attackers to cause a denial of service (crash) via vectors related to alternating bit depths in H.264 data.
|
NVD-CWE-noinfo
|
CVE-2013-4358
|
2024-11-21 10:55 |
2013-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285839
|
- |
|
fedoraproject
duckcorp
|
fedora
bip
|
Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote …
|
CWE-310
Cryptographic Issues
|
CVE-2013-4550
|
2024-11-21 10:55 |
2013-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285840
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Portal component in Red Hat JBoss Portal 6.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4424
|
2024-11-21 10:55 |
2013-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
