|
296431
|
- |
|
apache
|
activemq
|
Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a mess…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1879
|
2024-11-21 10:50 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296432
|
- |
|
chaos_tool_suite_project
|
ctools
|
The Chaos Tool Suite (ctools) module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict node access, which allows remote authenticated users with the "access content" permission to read res…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1925
|
2024-11-21 10:50 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296433
|
- |
|
acquia
commons_wikis_project
|
commons
commons_wikis
|
The Commons Wikis module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1908
|
2024-11-21 10:50 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296434
|
- |
|
acquia
|
commons
commons_group
|
The Commons Group module before 7.x-3.1 for Drupal, as used in the Commons module before 7.x-3.1, does not properly restrict access to groups, which allows remote attackers to post arbitrary content …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1907
|
2024-11-21 10:50 |
2013-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296435
|
7.8 |
HIGH
Local
|
linux
redhat
canonical
|
linux_kernel
enterprise_linux
enterprise_linux_eus
ubuntu_linux
|
The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows loca…
|
CWE-20
Improper Input Validation
|
CVE-2013-1943
|
2024-11-21 10:50 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296436
|
- |
|
redhat
|
enterprise_linux
|
A certain Red Hat patch to the KVM subsystem in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly implement the PV EOI feature, which allows guest O…
|
CWE-362
Race Condition
|
CVE-2013-1935
|
2024-11-21 10:50 |
2013-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296437
|
- |
|
ibm
apache
|
websphere_application_server
geronimo
|
The JMX Remoting functionality in Apache Geronimo 3.x before 3.0.1, as used in IBM WebSphere Application Server (WAS) Community Edition 3.0.0.3 and other products, does not properly implement the RMI…
|
CWE-94
Code Injection
|
CVE-2013-1777
|
2024-11-21 10:50 |
2013-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296438
|
- |
|
apache
|
openjpa
|
The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain cra…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1768
|
2024-11-21 10:50 |
2013-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296439
|
- |
|
apache
redhat
canonical
opensuse
|
http_server
jboss_enterprise_application_platform
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_server_aus
enterprise_linux_desktop
enterprise_linux_eus
u…
|
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a M…
|
NVD-CWE-noinfo
|
CVE-2013-1896
|
2024-11-21 10:50 |
2013-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296440
|
- |
|
apache
|
struts
|
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) …
|
CWE-94
Code Injection
|
CVE-2013-1966
|
2024-11-21 10:50 |
2013-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
