|
287901
|
5.5 |
MEDIUM
Local
|
redhat
fedoraproject
|
tuned
fedora
|
tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service.
|
CWE-20
Improper Input Validation
|
CVE-2013-1820
|
2024-11-21 10:50 |
2019-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287902
|
4.3 |
MEDIUM
Network
|
mantisbt
debian
|
mantisbt
debian_linux
|
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".
|
CWE-20
Improper Input Validation
|
CVE-2013-1811
|
2024-11-21 10:50 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287903
|
7.5 |
HIGH
Network
|
gambas_project
debian
|
gambas
debian_linux
|
Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories.
|
CWE-59
Link Following
|
CVE-2013-1809
|
2024-11-21 10:50 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287904
|
7.5 |
HIGH
Network
|
monkey-project
|
monkey
|
The web server Monkeyd produces a world-readable log (/var/log/monkeyd/master.log) on gentoo.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2013-1771
|
2024-11-21 10:50 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287905
|
9.8 |
CRITICAL
Network
|
twiki
|
twiki
|
TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters.
|
CWE-20
Improper Input Validation
|
CVE-2013-1751
|
2024-11-21 10:50 |
2019-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287906
|
9.8 |
CRITICAL
Network
|
foswiki
|
foswiki
|
Foswiki before 1.1.8 contains a code injection vulnerability in the MAKETEXT macro.
|
CWE-94
Code Injection
|
CVE-2013-1666
|
2024-11-21 10:50 |
2019-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287907
|
8.8 |
HIGH
Network
|
call-cc
|
chicken
|
Multiple buffer overflows in the (1) R5RS char-ready, (2) tcp-accept-ready, and (3) file-select procedures in Chicken through 4.8.0.3 allows attackers to cause a denial of service (crash) by opening …
|
CWE-120
Classic Buffer Overflow
|
CVE-2013-2075
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287908
|
8.8 |
HIGH
Network
|
call-cc
debian
|
chicken
debian_linux
|
OS command injection vulnerability in the "qs" procedure from the "utils" module in Chicken before 4.9.0.
|
CWE-78
OS Command
|
CVE-2013-2024
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287909
|
7.3 |
HIGH
Local
|
autojump_project
debian
|
autojump
debian_linux
|
autojump before 21.5.8 allows local users to gain privileges via a Trojan horse custom_install directory in the current working directory.
|
CWE-269
Improper Privilege Management
|
CVE-2013-2012
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287910
|
6.1 |
MEDIUM
Network
|
mediawiki
debian
|
mediawiki
debian_linux
|
A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 and allows remote attackers to inject arbitrary web script or HTML via Lua function names.
|
CWE-79
Cross-site Scripting
|
CVE-2013-1951
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
