|
291161
|
- |
|
ganglia
|
ganglia-web
|
Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0275
|
2024-11-21 10:47 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291162
|
- |
|
fedoraproject
|
389_directory_server
|
389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence.
|
CWE-189
Numeric Errors
|
CVE-2013-0312
|
2024-11-21 10:47 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291163
|
- |
|
adobe
|
flash_player
flash_player_for_android
adobe_air_sdk_and_compiler
adobe_air_sdk
adobe_air
|
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.4…
|
CWE-399
Resource Management Errors
|
CVE-2013-0650
|
2024-11-21 10:47 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291164
|
- |
|
adobe
|
flash_player
flash_player_for_android
adobe_air_sdk_and_compiler
adobe_air_sdk
adobe_air
|
Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android…
|
CWE-189
Numeric Errors
|
CVE-2013-0646
|
2024-11-21 10:47 |
2013-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291165
|
- |
|
apache
|
cxf
|
Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security hea…
|
CWE-287
Improper Authentication
|
CVE-2013-0239
|
2024-11-21 10:47 |
2013-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291166
|
- |
|
boost
|
boost
|
boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input vali…
|
CWE-20
Improper Input Validation
|
CVE-2013-0252
|
2024-11-21 10:47 |
2013-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291167
|
- |
|
haxx
canonical
|
libcurl
curl
ubuntu_linux
|
Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows r…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0249
|
2024-11-21 10:47 |
2013-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291168
|
- |
|
git-scm
|
git
|
The imap-send command in GIT before 1.8.1.4 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which al…
|
CWE-20
Improper Input Validation
|
CVE-2013-0308
|
2024-11-21 10:47 |
2013-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291169
|
- |
|
openstack
|
essex
folsom
|
manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permissions for the (1) cinder.conf and (2) api-paste.ini configuration files, which allows local users to…
|
CWE-362
Race Condition
|
CVE-2013-0266
|
2024-11-21 10:47 |
2013-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291170
|
- |
|
openstack
|
essex
folsom
|
(1) installer/basedefs.py and (2) modules/ospluginutils.py in PackStack allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0261
|
2024-11-21 10:47 |
2013-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
