|
289411
|
- |
|
openvas
|
openvas_administrator
|
OpenVAS Administrator 1.2 before 1.2.2 and 1.3 before 1.3.2 allows remote attackers to bypass the OAP authentication restrictions and execute OAP commands via a crafted OAP request for version inform…
|
CWE-287
Improper Authentication
|
CVE-2013-6766
|
2024-11-21 10:59 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289412
|
- |
|
openvas
|
openvas_manager
|
OpenVAS Manager 3.0 before 3.0.7 and 4.0 before 4.0.4 allows remote attackers to bypass the OMP authentication restrictions and execute OMP commands via a crafted OMP request for version information,…
|
CWE-287
Improper Authentication
|
CVE-2013-6765
|
2024-11-21 10:59 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289413
|
- |
|
unrealircd
|
unrealircd
|
Use-after-free vulnerability in UnrealIRCd 3.2.10 before 3.2.10.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors. NOTE: this identifier was SPLIT per ADT2 due t…
|
CWE-399
Resource Management Errors
|
CVE-2013-6413
|
2024-11-21 10:59 |
2014-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289414
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain information about deleted page via the (1) log API, (2) enhanced RecentChanges, and (3) user w…
|
CWE-200
Information Exposure
|
CVE-2013-6472
|
2024-11-21 10:59 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289415
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via a -o-link attribu…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6454
|
2024-11-21 10:59 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289416
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 does not properly sanitize SVG files, which allows remote attackers to have unspecified impact via invalid XML.
|
CWE-20
Improper Input Validation
|
CVE-2013-6453
|
2024-11-21 10:59 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289417
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via crafted XSL in an…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6452
|
2024-11-21 10:59 |
2014-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289418
|
- |
|
gnu
|
rush
|
GNU Rush 1.7 does not properly drop privileges, which allows local users to read arbitrary files via the --lint option.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6889
|
2024-11-21 10:59 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289419
|
- |
|
jenkins-ci
|
subversion-plugin
|
The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file.
|
CWE-255
Credentials Management
|
CVE-2013-6372
|
2024-11-21 10:59 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289420
|
- |
|
ibm
|
tririga_application_platform
|
Multiple cross-site scripting (XSS) vulnerabilities in WebProcess.srv in IBM TRIRIGA Application Platform 3.2.x and 3.3.x before 3.3.1.2 allow remote authenticated users to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6726
|
2024-11-21 10:59 |
2014-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
