|
288331
|
- |
|
openstack
|
havana
grizzly
folsom
|
The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4497
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288332
|
- |
|
ldap-account-manager
|
ldap_account_manager
|
Cross-site scripting (XSS) vulnerability in templates/login.php in LDAP Account Manager (LAM) 4.3 and 4.2.1 allows remote attackers to inject arbitrary web script or HTML via the language parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4453
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288333
|
- |
|
libguestfs
suse
novell
|
libguestfs
suse_linux_enterprise_software_development_kit
suse_linux_enterprise_server
|
The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4419
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288334
|
- |
|
saltstack
|
salt
|
Salt (aka SaltStack) before 0.15.0 through 0.17.0 allows remote authenticated minions to impersonate arbitrary minions via a crafted minion with a valid key.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4439
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288335
|
- |
|
saltstack
|
salt
|
Salt (aka SaltStack) before 0.17.1 allows remote attackers to execute arbitrary YAML code via unspecified vectors. NOTE: the vendor states that this might not be a vulnerability because the YAML to …
|
CWE-94
Code Injection
|
CVE-2013-4438
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288336
|
- |
|
saltstack
|
salt
|
Unspecified vulnerability in salt-ssh in Salt (aka SaltStack) 0.17.0 has unspecified impact and vectors related to "insecure Usage of /tmp."
|
NVD-CWE-noinfo
|
CVE-2013-4437
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288337
|
- |
|
saltstack
|
salt
|
The default configuration for salt-ssh in Salt (aka SaltStack) 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle …
|
CWE-20
Improper Input Validation
|
CVE-2013-4436
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288338
|
- |
|
saltstack
|
salt
|
Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another rou…
|
CWE-287
Improper Authentication
|
CVE-2013-4435
|
2024-11-21 10:55 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288339
|
- |
|
linux
|
linux_kernel
|
The ipc_rcu_putref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service (memory consumption or syst…
|
CWE-189
Numeric Errors
|
CVE-2013-4483
|
2024-11-21 10:55 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288340
|
- |
|
linux
|
linux_kernel
|
The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4470
|
2024-11-21 10:55 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
