|
287451
|
- |
|
cambridge_enterprise
|
jbig-kit
|
Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6369
|
2024-11-21 10:59 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287452
|
- |
|
redhat
|
jboss_bpm_suite
jboss_enterprise_brms_platform
jboss_drools
|
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or…
|
CWE-94
Code Injection
|
CVE-2013-6468
|
2024-11-21 10:59 |
2014-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287453
|
- |
|
chainfire
|
supersu
|
The Chainfire SuperSU package before 1.69 for Android allows attackers to gain privileges via the (1) backtick or (2) $() type of shell metacharacters in the -c option to /system/xbin/su.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6775
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287454
|
- |
|
koushik_dutta
|
superuser
|
The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android allows attackers to gain privileges via shell metacharacters in the -c option to /system/xbin/su.
|
CWE-20
Improper Input Validation
|
CVE-2013-6769
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287455
|
- |
|
koushik_dutta
google
|
superuser
android
|
The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.3 and 4.4 does not properly restrict the set of users who can execute /system/xbin/su with the --daemon option, which allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6770
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287456
|
- |
|
chainfire
androidsu
koushik_dutta
|
supersu
chainsdd_superuser
superuser
|
Untrusted search path vulnerability in the ChainsDD Superuser package 3.1.3 for Android 4.2.x and earlier, CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier, and …
|
NVD-CWE-Other
|
CVE-2013-6774
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287457
|
- |
|
koushik_dutta
|
superuser
|
Untrusted search path vulnerability in the CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.2.x and earlier allows attackers to trigger the launch of a Trojan horse app_process …
|
CWE-22
Path Traversal
|
CVE-2013-6768
|
2024-11-21 10:59 |
2014-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287458
|
- |
|
ibm
|
quickfile
|
Cross-site scripting (XSS) vulnerability in IBM QuickFile 1.0.0.0 before iFix 4 and 1.1.0.1 before iFix 3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6729
|
2024-11-21 10:59 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287459
|
- |
|
jansson_project
|
jansson
|
Jansson, possibly 2.4 and earlier, does not restrict the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a …
|
CWE-310
Cryptographic Issues
|
CVE-2013-6401
|
2024-11-21 10:59 |
2014-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287460
|
- |
|
apache
oracle
canonical
|
http_server
ubuntu_linux
|
The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote atta…
|
NVD-CWE-noinfo
|
CVE-2013-6438
|
2024-11-21 10:59 |
2014-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
