|
287311
|
- |
|
saltstack
|
salt
|
The salt master in Salt (aka SaltStack) 0.11.0 through 0.17.0 does not properly drop group privileges, which makes it easier for remote attackers to gain privileges.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6617
|
2024-11-21 10:59 |
2013-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287312
|
- |
|
vmware
|
hyperic_hq
|
The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators to execute arbitrary code via a Runtime.getRuntime().exec call.
|
CWE-94
Code Injection
|
CVE-2013-6366
|
2024-11-21 10:59 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287313
|
- |
|
wireshark
|
wireshark
|
epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to …
|
CWE-20
Improper Input Validation
|
CVE-2013-6340
|
2024-11-21 10:59 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287314
|
- |
|
wireshark
|
wireshark
|
The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial o…
|
CWE-20
Improper Input Validation
|
CVE-2013-6339
|
2024-11-21 10:59 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287315
|
- |
|
wireshark
|
wireshark
|
The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which all…
|
CWE-20
Improper Input Validation
|
CVE-2013-6338
|
2024-11-21 10:59 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287316
|
- |
|
wireshark
|
wireshark
|
Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
|
NVD-CWE-noinfo
|
CVE-2013-6337
|
2024-11-21 10:59 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287317
|
- |
|
wireshark
|
wireshark
|
The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which …
|
CWE-20
Improper Input Validation
|
CVE-2013-6336
|
2024-11-21 10:59 |
2013-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287318
|
- |
|
mcafee
|
email_gateway
|
McAfee Email Gateway (MEG) 7.0 before 7.0.4 and 7.5 before 7.5.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2013-6349
|
2024-11-21 10:59 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287319
|
- |
|
apache
|
struts
|
Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.3.15.3 allow remote attackers to inject arbitrary web script or HTML via the namespace parameter to (1) actionNames.action and (…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6348
|
2024-11-21 10:59 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287320
|
- |
|
novell
|
zenworks_configuration_management
|
Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2013-6347
|
2024-11-21 10:59 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
