|
287491
|
- |
|
mambo-foundation
|
mambo_cms
|
Mambo CMS 4.6.5 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by uploading a crafted file.
|
CWE-399
Resource Management Errors
|
CVE-2013-2564
|
2024-11-21 10:51 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287492
|
- |
|
mambo-foundation
|
mambo_cms
|
Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2563
|
2024-11-21 10:51 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287493
|
- |
|
mambo-foundation
|
mambo_cms
|
Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors.
|
CWE-255
Credentials Management
|
CVE-2013-2562
|
2024-11-21 10:51 |
2014-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287494
|
- |
|
znc
|
znc
|
ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page …
|
NVD-CWE-Other
|
CVE-2013-2130
|
2024-11-21 10:51 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287495
|
- |
|
rom_walton
|
boinc
|
Multiple stack-based buffer overflows in the XML parser in BOINC 7.x allow attackers to have unspecified impact via a crafted XML file, related to the scheduler.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2298
|
2024-11-21 10:51 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287496
|
- |
|
apache
|
hbase
|
Apache HBase 0.92.x before 0.92.3 and 0.94.x before 0.94.9, when the Kerberos features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive inf…
|
CWE-287
Improper Authentication
|
CVE-2013-2193
|
2024-11-21 10:51 |
2014-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287497
|
- |
|
glpi-project
|
glpi
|
inc/ticket.class.php in GLPI 0.83.9 and earlier allows remote attackers to unserialize arbitrary PHP objects via the _predefined_fields parameter to front/ticket.form.php.
|
NVD-CWE-Other
|
CVE-2013-2225
|
2024-11-21 10:51 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287498
|
- |
|
openbsd
|
opensmtpd
|
OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open.
|
CWE-310
Cryptographic Issues
|
CVE-2013-2125
|
2024-11-21 10:51 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287499
|
- |
|
libguestfs
|
libguestfs
|
Double free vulnerability in inspect-fs.c in LibguestFS 1.20.x before 1.20.7, 1.21.x, 1.22.0, and 1.23.0 allows remote attackers to cause a denial of service (crash) via empty guest files.
|
NVD-CWE-Other
|
CVE-2013-2124
|
2024-11-21 10:51 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287500
|
- |
|
dovecot
|
dovecot
|
The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via invalid APPEND parameters.
|
CWE-20
Improper Input Validation
|
CVE-2013-2111
|
2024-11-21 10:51 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
