|
288431
|
- |
|
libtiff
|
libtiff
|
The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary co…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4244
|
2024-11-21 10:55 |
2013-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288432
|
- |
|
marketpress
|
backwpup_plugin
|
Cross-site scripting (XSS) vulnerability in the BackWPup plugin before 3.0.13 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tab parameter to wp-admin/admin.php.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4626
|
2024-11-21 10:55 |
2013-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288433
|
- |
|
linux
|
linux_kernel
|
The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended configuration of IPsec encryption, which all…
|
CWE-310
Cryptographic Issues
|
CVE-2013-4350
|
2024-11-21 10:55 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288434
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAP_NET_ADMIN capability and providing an invalid tuntap i…
|
CWE-399
Resource Management Errors
|
CVE-2013-4343
|
2024-11-21 10:55 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288435
|
- |
|
linux
|
linux_kernel
|
The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.11 performs a capability check in an incorrect namespace, which allows local users to gain privileges via PID spoofing.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4300
|
2024-11-21 10:55 |
2013-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288436
|
- |
|
openstack
|
keystone
|
The (1) mamcache and (2) KVS token backends in OpenStack Identity (Keystone) Folsom 2012.2.x and Grizzly before 2013.1.4 do not properly compare the PKI token revocation list with PKI tokens, which a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4294
|
2024-11-21 10:55 |
2013-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288437
|
- |
|
hp
|
linux_imaging_and_printing_project
|
The check_permission_v1 function in base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.9 does not properly use D-Bus for communication with a polkit authority, which allows local user…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4325
|
2024-11-21 10:55 |
2013-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288438
|
- |
|
djangoproject
|
django
|
Directory traversal vulnerability in Django 1.4.x before 1.4.7, 1.5.x before 1.5.3, and 1.6.x before 1.6 beta 3 allows remote attackers to read arbitrary files via a file path in the ALLOWED_INCLUDE_…
|
CWE-22
Path Traversal
|
CVE-2013-4315
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288439
|
- |
|
openstack
|
compute
|
The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4278
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288440
|
- |
|
apache
|
subversion
|
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4277
|
2024-11-21 10:55 |
2013-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
