|
287461
|
4.3 |
MEDIUM
Network
|
apache
|
cloudstack
|
In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their…
|
CWE-200
Information Exposure
|
CVE-2013-4317
|
2024-11-21 10:55 |
2018-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287462
|
7.8 |
HIGH
Local
|
redhat
|
openshift
|
(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink atta…
|
CWE-59
Link Following
|
CVE-2013-4364
|
2024-11-21 10:55 |
2018-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287463
|
5.3 |
MEDIUM
Network
|
oracle
|
jre
jdk
|
jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper fi…
|
CWE-74
Injection
|
CVE-2013-4578
|
2024-11-21 10:55 |
2017-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287464
|
9.8 |
CRITICAL
Network
|
apache
|
httpclient
|
http/impl/client/HttpClientBuilder.java in Apache HttpClient 4.3.x before 4.3.1 does not ensure that X509HostnameVerifier is not null, which allows attackers to have unspecified impact via vectors in…
|
CWE-20
Improper Input Validation
|
CVE-2013-4366
|
2024-11-21 10:55 |
2017-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287465
|
8.8 |
HIGH
Network
|
apache
|
subversion
|
libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated users with commit access to corrupt FSFS repositories and cause a denial of service or obtain sensitive i…
|
CWE-284
Improper Access Control
|
CVE-2013-4246
|
2024-11-21 10:55 |
2017-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287466
|
6.2 |
MEDIUM
Local
|
oracle
linux
|
linux
linux_kernel
|
The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, r…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4312
|
2024-11-21 10:55 |
2016-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287467
|
- |
|
pwgen_project
|
pwgen
|
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.
|
CWE-310
Cryptographic Issues
|
CVE-2013-4442
|
2024-11-21 10:55 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287468
|
- |
|
pwgen_project
|
pwgen
|
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.
|
CWE-255
Credentials Management
|
CVE-2013-4440
|
2024-11-21 10:55 |
2014-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287469
|
- |
|
redhat
|
libvirt
|
The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cau…
|
NVD-CWE-Other
|
CVE-2013-4399
|
2024-11-21 10:55 |
2014-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287470
|
- |
|
qemu
|
qemu
|
The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds arr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4542
|
2024-11-21 10:55 |
2014-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
