|
289511
|
- |
|
apple
|
watchos
iphone_os
mac_os_x
|
sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users…
|
CWE-20
Improper Input Validation
|
CVE-2013-3951
|
2024-11-21 10:54 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289512
|
- |
|
apple
|
iphone_os
|
Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long st…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-3950
|
2024-11-21 10:54 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289513
|
- |
|
apple
|
mac_os_x
|
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the _POSIX_SPAWN_DISABLE_ASLR and _POSIX_SPAWN_ALLOW_DATA_EXEC flags for setuid and setgid programs, whi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3949
|
2024-11-21 10:54 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289514
|
- |
|
apple
|
iphone_os
|
Apple iOS 6.1.3 does not follow redirects during determination of the hostname to display in an iOS Enterprise Deployment installation dialog, which makes it easier for remote attackers to trigger in…
|
CWE-20
Improper Input Validation
|
CVE-2013-3948
|
2024-11-21 10:54 |
2013-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289515
|
- |
|
php
|
php
|
The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether a parser error occurred, which allows context-dependent attackers to cause a denial of service (mem…
|
CWE-20
Improper Input Validation
|
CVE-2013-3735
|
2024-11-21 10:54 |
2013-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289516
|
- |
|
psychostats
|
psychostats
|
SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter.
|
CWE-89
SQL Injection
|
CVE-2013-3721
|
2024-11-21 10:54 |
2013-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289517
|
- |
|
feedweb
|
feedweb
|
Cross-site scripting (XSS) vulnerability in widget_remove.php in the Feedweb plugin before 1.9 for WordPress allows remote authenticated administrators to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2013-3720
|
2024-11-21 10:54 |
2013-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289518
|
- |
|
algisinfo
|
aicontactsafe
|
Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-3719
|
2024-11-21 10:54 |
2013-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289519
|
- |
|
google
lg
|
android
optimus_g_e973
|
The LG Hidden Menu component for Android on the LG Optimus G E973 allows physically proximate attackers to execute arbitrary commands by entering USB Debugging mode, using Android Debug Bridge (adb) …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-3666
|
2024-11-21 10:54 |
2013-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289520
|
- |
|
microsoft
|
windows_rt
windows_xp
windows_7
windows_8
windows_server_2008
windows_server_2003
windows_vista
windows_server_2012
|
The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Se…
|
CWE-22
Path Traversal
|
CVE-2013-3661
|
2024-11-21 10:54 |
2013-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
