|
288351
|
- |
|
geeklog
|
geeklog
|
Cross-site scripting (XSS) vulnerability in calendar/index.php in the Calendar plugin in Geeklog before 1.8.2sr1 and 2.0.0 before 2.0.0rc2 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1470
|
2024-11-21 10:49 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288352
|
- |
|
glfusion
|
glfusion
|
Multiple cross-site scripting (XSS) vulnerabilities in glFusion before 1.2.2.pl4 allow remote attackers to inject arbitrary web script or HTML via the (1) subject parameter to profiles.php; (2) addre…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1466
|
2024-11-21 10:49 |
2014-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288353
|
- |
|
adobe
|
acrobat_reader
acrobat
|
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1376
|
2024-11-21 10:49 |
2014-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288354
|
- |
|
lenovo
|
thinkpad_bluetooth_with_enhanced_data_rate_software
|
Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software 6.4.0.2900 and earlier allows local users, and possibly remote attackers, to execute arbitrary code a…
|
NVD-CWE-Other
|
CVE-2013-1361
|
2024-11-21 10:49 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288355
|
- |
|
dave_coffin
|
dcraw
|
Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo fil…
|
NVD-CWE-noinfo
|
CVE-2013-1438
|
2024-11-21 10:49 |
2014-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288356
|
- |
|
zabbix
|
zabbix
|
The user.login function in Zabbix before 1.8.16 and 2.x before 2.0.5rc1 allows remote attackers to override LDAP configuration via the cnf parameter.
|
CWE-287
Improper Authentication
|
CVE-2013-1364
|
2024-11-21 10:49 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288357
|
- |
|
uclouvain
|
openjpeg
|
OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other e…
|
NVD-CWE-noinfo
|
CVE-2013-1447
|
2024-11-21 10:49 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288358
|
- |
|
os4ed
|
opensis
|
Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter.
|
CWE-94
Code Injection
|
CVE-2013-1349
|
2024-11-21 10:49 |
2013-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288359
|
- |
|
mit
|
kerberos_5
|
do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of s…
|
CWE-20
Improper Input Validation
|
CVE-2013-1417
|
2024-11-21 10:49 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288360
|
- |
|
mit
debian
opensuse
|
kerberos_5
debian_linux
opensuse
|
The setup_server_realm function in main.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.7, when multiple realms are configured, allows remote attackers to cause a deni…
|
CWE-476
NULL Pointer Dereference
|
CVE-2013-1418
|
2024-11-21 10:49 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
