|
285091
|
- |
|
pywbem_project
|
pywbem
|
PyWBEM 0.7 and earlier uses a separate connection to validate X.509 certificates, which allows man-in-the-middle attackers to spoof a peer via an arbitrary certificate.
|
CWE-20
Improper Input Validation
|
CVE-2013-6418
|
2024-11-21 10:59 |
2014-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285092
|
- |
|
ibm
|
websphere_virtual_enterprise
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 7.x before 7.0.0.33, 8.x before 8.0.0.9, and 8.5.x before 8.5.5.2, and WebSphere Virtu…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6323
|
2024-11-21 10:59 |
2014-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285093
|
- |
|
redhat
|
enterprise_mrg
|
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, uses the DES-based crypt function to hash passwords, which makes it easier for attackers to obtain sensitive information via…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6445
|
2024-11-21 10:59 |
2014-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285094
|
- |
|
uclouvain
|
openjpeg
|
OpenJPEG 1.5.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger NULL pointer dereferences, division-by-zero, and other errors.
|
CWE-20
Improper Input Validation
|
CVE-2013-6887
|
2024-11-21 10:59 |
2014-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285095
|
- |
|
ibm
|
smartcloud_analytics_log_analysis
|
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an inv…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6738
|
2024-11-21 10:59 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285096
|
- |
|
redhat
|
jboss_fuse_service_works
jboss_overlord_run_time_governance
|
JBoss Overlord Run Time Governance (RTGov) 1.0 for JBossAS allows remote authenticated users to execute arbitrary Java code via an MVFLEX Expression Language (MVEL) expression. NOTE: some of these d…
|
CWE-94
Code Injection
|
CVE-2013-6469
|
2024-11-21 10:59 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285097
|
- |
|
json-c
fedoraproject
|
json-c
fedora
|
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions.
|
CWE-310
Cryptographic Issues
|
CVE-2013-6371
|
2024-11-21 10:59 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285098
|
- |
|
json-c
fedoraproject
|
json-c
fedora
|
Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6370
|
2024-11-21 10:59 |
2014-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285099
|
- |
|
redhat
fedoraproject
|
libvirt
fedora
|
The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the contain…
|
CWE-59
Link Following
|
CVE-2013-6456
|
2024-11-21 10:59 |
2014-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285100
|
- |
|
cambridge_enterprise
|
jbig-kit
|
Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6369
|
2024-11-21 10:59 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
