|
288151
|
- |
|
moodle
|
moodle
|
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not consider "don't send" attributes during hub registration, which allows remote hubs to obtain sensitive …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2081
|
2024-11-21 10:50 |
2013-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288152
|
- |
|
moodle
|
moodle
|
The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly consider the existence of hidden grades, which allows remote authenticated users to obt…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2080
|
2024-11-21 10:50 |
2013-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288153
|
- |
|
moodle
|
moodle
|
mod/assign/locallib.php in the assignment module in Moodle 2.3.x before 2.3.7 and 2.4.x before 2.4.4 does not consider capability requirements during the processing of ZIP assignment-archive download…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2079
|
2024-11-21 10:50 |
2013-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288154
|
- |
|
openstack
|
keystone
|
OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, w…
|
CWE-287
Improper Authentication
|
CVE-2013-2059
|
2024-11-21 10:50 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288155
|
- |
|
qemu
|
qemu
|
The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read and write to these files.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2007
|
2024-11-21 10:50 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288156
|
- |
|
openstack
|
keystone
|
OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive by readin…
|
CWE-200
Information Exposure
|
CVE-2013-2006
|
2024-11-21 10:50 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288157
|
- |
|
openstack
|
devstack
|
OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admin_token secret by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1977
|
2024-11-21 10:50 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288158
|
- |
|
xen
|
xen
|
Xen 4.0.x and 4.1.x incorrectly releases a grant reference when releasing a non-v1, non-transitive grant, which allows local guest administrators to cause a denial of service (host crash), obtain sen…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1964
|
2024-11-21 10:50 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288159
|
- |
|
mozilla
|
firefox
thunderbird
thunderbird_esr
|
Use-after-free vulnerability in the nsContentUtils::RemoveScriptBlocker function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x be…
|
CWE-399
Resource Management Errors
|
CVE-2013-1681
|
2024-11-21 10:50 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288160
|
- |
|
mozilla
|
firefox
thunderbird
thunderbird_esr
|
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1680
|
2024-11-21 10:50 |
2013-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
