|
288771
|
- |
|
cartpauj
|
mingle-forum
|
Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) search_words param…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0734
|
2024-11-21 10:48 |
2014-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288772
|
- |
|
nuance
|
pdf_reader
|
Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before 8.1 allows remote attackers to execute arbitrary code via crafted font table directory values in a TTF file, related to naming t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0732
|
2024-11-21 10:48 |
2014-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288773
|
- |
|
combodo
|
itop
|
Multiple cross-site scripting (XSS) vulnerabilities in the search feature in iTop (aka IT Operations Portal) 2.0, 1.2.1, 1.2, and earlier allow remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0805
|
2024-11-21 10:48 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288774
|
- |
|
ubuntu
|
metal_as_a_service
|
Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/.
|
CWE-79
Cross-site Scripting
|
CVE-2013-1070
|
2024-11-21 10:48 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288775
|
- |
|
ubuntu
|
metal_as_a_service
|
Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1069
|
2024-11-21 10:48 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288776
|
- |
|
novell
|
identity_manager_roles_based_provisioning_module
|
Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module 4.0.2 before Field Patch D for Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1096
|
2024-11-21 10:48 |
2013-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288777
|
- |
|
ffmpeg
|
ffmpeg
|
The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a negative or zero count value in a TIFF image, which triggers an…
|
CWE-189
Numeric Errors
|
CVE-2013-0859
|
2024-11-21 10:48 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288778
|
- |
|
debian
ffmpeg
|
debian_linux
ffmpeg
|
The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATRAC3 data with the joint stereo coding mode set and fewer tha…
|
NVD-CWE-noinfo
|
CVE-2013-0858
|
2024-11-21 10:48 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288779
|
- |
|
ffmpeg
|
ffmpeg
|
The decode_frame_ilbm function in libavcodec/iff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted height value in IFF PBM/ILBM bitmap data.
|
CWE-20
Improper Input Validation
|
CVE-2013-0857
|
2024-11-21 10:48 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288780
|
- |
|
ffmpeg
|
ffmpeg
|
The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_s…
|
CWE-20
Improper Input Validation
|
CVE-2013-0856
|
2024-11-21 10:48 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
