|
291391
|
- |
|
redhat
|
satellite
|
The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by…
|
CWE-287
Improper Authentication
|
CVE-2013-2056
|
2024-11-21 10:50 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291392
|
- |
|
apache
collabnet
canonical
opensuse
|
subversion
ubuntu_linux
opensuse
|
Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.
|
NVD-CWE-noinfo
|
CVE-2013-1968
|
2024-11-21 10:50 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291393
|
- |
|
f5
debian
|
nginx
debian_linux
|
http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (c…
|
NVD-CWE-noinfo
|
CVE-2013-2070
|
2024-11-21 10:50 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291394
|
- |
|
f5
fedoraproject
|
nginx
fedora
|
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfe…
|
CWE-787
Out-of-bounds Write
|
CVE-2013-2028
|
2024-11-21 10:50 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291395
|
- |
|
nashtech
|
easy_php_calendar
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php and (2) datePicker.php in Easy PHP Calendar 6.x and 7.x before 7.0.13 allow remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1955
|
2024-11-21 10:50 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291396
|
- |
|
apache
|
activemq
|
Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a mess…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1879
|
2024-11-21 10:50 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291397
|
- |
|
chaos_tool_suite_project
|
ctools
|
The Chaos Tool Suite (ctools) module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict node access, which allows remote authenticated users with the "access content" permission to read res…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1925
|
2024-11-21 10:50 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291398
|
- |
|
acquia
commons_wikis_project
|
commons
commons_wikis
|
The Commons Wikis module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1908
|
2024-11-21 10:50 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291399
|
- |
|
acquia
|
commons
commons_group
|
The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1907
|
2024-11-21 10:50 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291400
|
7.8 |
HIGH
Local
|
linux
redhat
canonical
|
linux_kernel
enterprise_linux
enterprise_linux_eus
ubuntu_linux
|
The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows loca…
|
CWE-20
Improper Input Validation
|
CVE-2013-1943
|
2024-11-21 10:50 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
