|
287991
|
- |
|
mediawiki
fedoraproject
gentoo
|
mediawiki
fedora
linux
|
MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2032
|
2024-11-21 10:50 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287992
|
- |
|
gentoo
mediawiki
|
linux
mediawiki
|
MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in …
|
CWE-79
Cross-site Scripting
|
CVE-2013-2031
|
2024-11-21 10:50 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287993
|
- |
|
linux
|
linux_kernel
|
The host_start function in drivers/usb/chipidea/host.c in the Linux kernel before 3.7.4 does not properly support a certain non-streaming option, which allows local users to cause a denial of service…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2058
|
2024-11-21 10:50 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287994
|
- |
|
opensuse
ruby-lang
|
opensuse
ruby
|
(1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for native functions, which allows context-dependent attackers to byp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2065
|
2024-11-21 10:50 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287995
|
- |
|
mozilla
|
bugzilla
|
Multiple cross-site scripting (XSS) vulnerabilities in report.cgi in Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1743
|
2024-11-21 10:50 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287996
|
- |
|
mozilla
|
bugzilla
|
Multiple cross-site scripting (XSS) vulnerabilities in editflagtypes.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allow remote att…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1742
|
2024-11-21 10:50 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287997
|
- |
|
mozilla
|
bugzilla
|
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers…
|
CWE-352
Origin Validation Error
|
CVE-2013-1734
|
2024-11-21 10:50 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287998
|
- |
|
mozilla
|
bugzilla
|
Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs…
|
CWE-352
Origin Validation Error
|
CVE-2013-1733
|
2024-11-21 10:50 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287999
|
- |
|
mozilla
|
network_security_services
|
Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possib…
|
NVD-CWE-noinfo
|
CVE-2013-1739
|
2024-11-21 10:50 |
2013-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288000
|
- |
|
gnome
|
librsvg
|
GNOME libsvg before 2.39.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML Ext…
|
CWE-20
Improper Input Validation
|
CVE-2013-1881
|
2024-11-21 10:50 |
2013-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
