|
291741
|
- |
|
freedesktop
|
poppler
|
poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Spl…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1788
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291742
|
- |
|
apple
todd_miller
|
mac_os_x
sudo
|
sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1776
|
2024-11-21 10:50 |
2013-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291743
|
- |
|
linux
|
linux_kernel
|
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by ca…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1858
|
2024-11-21 10:50 |
2013-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291744
|
- |
|
postgresql
|
postgresql
|
PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graph…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1903
|
2024-11-21 10:50 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291745
|
- |
|
postgresql
|
postgresql
|
PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates insecure temporary files with predictable filenames, which has unspecif…
|
NVD-CWE-Other
|
CVE-2013-1902
|
2024-11-21 10:50 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291746
|
- |
|
postgresql
canonical
|
postgresql
ubuntu_linux
|
PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1901
|
2024-11-21 10:50 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291747
|
- |
|
postgresql
canonical
|
postgresql
ubuntu_linux
|
PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated us…
|
CWE-189
Numeric Errors
|
CVE-2013-1900
|
2024-11-21 10:50 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291748
|
- |
|
postgresql
canonical
|
postgresql
ubuntu_linux
|
Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remot…
|
CWE-94
Code Injection
|
CVE-2013-1899
|
2024-11-21 10:50 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291749
|
- |
|
mark_burns
|
ldoce
|
lib/ldoce/word.rb in the ldoce 0.0.2 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in (1) an mp3 URL or (2) file name.
|
CWE-20
Improper Input Validation
|
CVE-2013-1911
|
2024-11-21 10:50 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291750
|
- |
|
openstack
|
keystone_essex
folsom
|
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via a…
|
CWE-200
Information Exposure
|
CVE-2013-1665
|
2024-11-21 10:50 |
2013-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
