|
288361
|
- |
|
simplemachines
|
simple_machines_forum
|
Unrestricted file upload vulnerability in the avatar upload functionality in Simple Machines Forum before 2.0.6 and 2.1 allows remote authenticated users to execute arbitrary code by uploading a file…
|
NVD-CWE-Other
|
CVE-2013-4465
|
2024-11-21 10:55 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288362
|
- |
|
dropbear_ssh_project
|
dropbear_ssh
|
Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discov…
|
CWE-189
Numeric Errors
|
CVE-2013-4434
|
2024-11-21 10:55 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288363
|
- |
|
dropbear_ssh_project
|
dropbear_ssh
|
The buf_decompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service (memory consumption) via a compressed packet that has a large size w…
|
CWE-189
Numeric Errors
|
CVE-2013-4421
|
2024-11-21 10:55 |
2013-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288364
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux
|
Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to…
|
CWE-264
CWE-200
Permissions, Privileges, and Access Controls
Information Exposure
|
CVE-2013-4299
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288365
|
- |
|
apache
|
sling_auth_core_component
sling
|
Open redirect vulnerability in the AbstractAuthenticationFormServlet in the Auth Core (org.apache.sling.auth.core) bundle before 1.1.4 in Apache Sling allows remote attackers to redirect users to arb…
|
CWE-20
Improper Input Validation
|
CVE-2013-4390
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288366
|
- |
|
redhat
|
jboss_operations_network
|
The storeFiles method in JPADriftServerBean in Red Hat JBoss Operations Network (JON) 3.1.2 allows local users to load arbitrary drift files into a server by writing the files to the temporary direct…
|
CWE-20
Improper Input Validation
|
CVE-2013-4373
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288367
|
- |
|
apache
|
shindig
|
The gadget renderer in Apache Shindig 2.5.0 for PHP allows remote attackers to obtain sensitive information via an XML document containing an external entity declaration in conjunction with an entity…
|
CWE-200
Information Exposure
|
CVE-2013-4295
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288368
|
- |
|
redhat
|
jboss_operations_network
|
The server in Red Hat JBoss Operations Network (JON) 3.1.2 logs passwords in plaintext, which allows local users to obtain sensitive information by reading the log files.
|
CWE-310
Cryptographic Issues
|
CVE-2013-4293
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288369
|
- |
|
quassel-irc
|
quassel_irc
|
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in …
|
CWE-89
SQL Injection
|
CVE-2013-4422
|
2024-11-21 10:55 |
2013-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288370
|
- |
|
nodejs
|
nodejs
|
The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of service (memory and CPU consumption) by sending a large number of pipelined reque…
|
CWE-20
Improper Input Validation
|
CVE-2013-4450
|
2024-11-21 10:55 |
2013-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
