|
285971
|
- |
|
rubyonrails
opensuse
debian
|
rails
opensuse
debian_linux
|
Multiple format string vulnerabilities in log_subscriber.rb files in the log subscriber component in Action Mailer in Ruby on Rails 3.x before 3.2.15 allow remote attackers to cause a denial of servi…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2013-4389
|
2024-11-21 10:55 |
2013-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285972
|
- |
|
videolan
|
vlc_media_player
|
Buffer overflow in the mp4a packetizer (modules/packetizer/mpeg4audio.c) in VideoLAN VLC Media Player before 2.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute ar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4388
|
2024-11-21 10:55 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285973
|
- |
|
qemu
|
qemu
|
Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows local users to cause a denial of service (daemon crash) by "hot-unplugging" a virtio device.
|
CWE-399
Resource Management Errors
|
CVE-2013-4377
|
2024-11-21 10:55 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285974
|
- |
|
adaptivecomputing
|
torque_resource_manager
|
pbs_mom in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenti…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4319
|
2024-11-21 10:55 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285975
|
- |
|
condor_project
redhat
|
condor
enterprise_mrg
|
The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate …
|
CWE-20
Improper Input Validation
|
CVE-2013-4255
|
2024-11-21 10:55 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285976
|
- |
|
richard_cook
|
rgpg
|
The self.run_gpg function in lib/rgpg/gpg_helper.rb in the rgpg gem before 0.2.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2013-4203
|
2024-11-21 10:55 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285977
|
- |
|
xymon
|
xymon
|
Directory traversal vulnerability in the trend-data daemon (xymond_rrd) in Xymon 4.x before 4.3.12 allows remote attackers to delete arbitrary files via a .. (dot dot) in the host name in a "drophost…
|
CWE-22
Path Traversal
|
CVE-2013-4173
|
2024-11-21 10:55 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285978
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) before 1.11.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4167
|
2024-11-21 10:55 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285979
|
- |
|
mediawiki
|
mediawiki
|
Cross-site request forgery (CSRF) vulnerability in api/ApiQueryCheckUser.php in the CheckUser extension for MediaWiki, possibly Checkuser before 2.3, allows remote attackers to hijack the authenticat…
|
CWE-352
Origin Validation Error
|
CVE-2013-4306
|
2024-11-21 10:55 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285980
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in contrib/example.php in the SyntaxHighlight GeSHi extension for MediaWiki, possibly as downloaded before September 2013, allows remote attackers to inject a…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4305
|
2024-11-21 10:55 |
2013-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
