|
289811
|
- |
|
acquia
commons_wikis_project
|
commons
commons_wikis
|
The Commons Wikis module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1908
|
2024-11-21 10:50 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289812
|
- |
|
acquia
|
commons
commons_group
|
The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1907
|
2024-11-21 10:50 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289813
|
7.8 |
HIGH
Local
|
linux
redhat
canonical
|
linux_kernel
enterprise_linux
enterprise_linux_eus
ubuntu_linux
|
The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows loca…
|
CWE-20
Improper Input Validation
|
CVE-2013-1943
|
2024-11-21 10:50 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289814
|
- |
|
redhat
|
enterprise_linux
|
A certain Red Hat patch to the KVM subsystem in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly implement the PV EOI feature, which allows guest O…
|
CWE-362
Race Condition
|
CVE-2013-1935
|
2024-11-21 10:50 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289815
|
- |
|
ibm
apache
|
websphere_application_server
geronimo
|
The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI…
|
CWE-94
Code Injection
|
CVE-2013-1777
|
2024-11-21 10:50 |
2013-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289816
|
- |
|
apache
|
openjpa
|
The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain cra…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1768
|
2024-11-21 10:50 |
2013-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289817
|
- |
|
apache
redhat
canonical
opensuse
|
http_server
jboss_enterprise_application_platform
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_server_aus
enterprise_linux_desktop
enterprise_linux_eus
u…
|
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a M…
|
NVD-CWE-noinfo
|
CVE-2013-1896
|
2024-11-21 10:50 |
2013-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289818
|
- |
|
apache
|
struts
|
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) …
|
CWE-94
Code Injection
|
CVE-2013-1966
|
2024-11-21 10:50 |
2013-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289819
|
- |
|
apache
|
struts
struts2-showcase
|
Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled …
|
CWE-94
Code Injection
|
CVE-2013-1965
|
2024-11-21 10:50 |
2013-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289820
|
- |
|
videolan
|
vlc_media_player
|
The ASF Demuxer (modules/demux/asf/asf.c) in VideoLAN VLC media player 2.0.5 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1954
|
2024-11-21 10:50 |
2013-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
