|
289131
|
- |
|
redhat
|
enterprise_mrg
|
Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted Ajax update request.
|
CWE-399
Resource Management Errors
|
CVE-2013-4284
|
2024-11-21 10:55 |
2013-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289132
|
- |
|
radscan
|
network_audio_system
|
Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitra…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2013-4258
|
2024-11-21 10:55 |
2013-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289133
|
- |
|
canonical
radscan
|
ubuntu_linux
network_audio_system
|
Multiple stack-based and heap-based buffer overflows in Network Audio System (NAS) 1.9.3 allow local users to cause a denial of service (crash) or possibly execute arbitrary code via the (1) display …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4256
|
2024-11-21 10:55 |
2013-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289134
|
- |
|
qemu
opensuse
redhat
canonical
|
qemu
opensuse
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
virtualization
ubuntu_linux
|
Buffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a R…
|
CWE-120
Classic Buffer Overflow
|
CVE-2013-4344
|
2024-11-21 10:55 |
2013-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289135
|
- |
|
apache
|
camel
|
Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple{}" in a CamelFileName …
|
CWE-94
Code Injection
|
CVE-2013-4330
|
2024-11-21 10:55 |
2013-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289136
|
- |
|
djangoproject
|
django
|
Cross-site scripting (XSS) vulnerability in the AdminURLFieldWidget widget in contrib/admin/widgets.py in Django 1.5.x before 1.5.2 and 1.6.x before 1.6 beta 2 allows remote attackers to inject arbit…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4249
|
2024-11-21 10:55 |
2013-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289137
|
- |
|
systemd_project
debian
canonical
|
systemd
debian_linux
ubuntu_linux
|
systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race con…
|
CWE-362
Race Condition
|
CVE-2013-4327
|
2024-11-21 10:55 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289138
|
- |
|
lennart_poettering
redhat
|
rkit
enterprise_linux
|
RealtimeKit (aka rtkit) 0.5 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess Po…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4326
|
2024-11-21 10:55 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289139
|
- |
|
spice-gtk_project
redhat
|
spice-gtk
enterprise_linux
|
spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which allows local users to bypass intended access restrictions by l…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4324
|
2024-11-21 10:55 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289140
|
- |
|
redhat
canonical
|
libvirt
ubuntu_linux
enterprise_linux
|
libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race c…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4311
|
2024-11-21 10:55 |
2013-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
