|
290891
|
- |
|
spice_project
redhat
|
spice
enterprise_linux
enterprise_virtualization
|
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4282
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290892
|
- |
|
xen
debian
|
xen
debian_linux
|
Xen before 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock and grant_table.lock in the same order, which allows local guest administrators with access to multiple vcpus to cause a denial of…
|
CWE-20
Improper Input Validation
|
CVE-2013-4494
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290893
|
- |
|
openstack
|
havana
grizzly
folsom
|
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (ho…
|
CWE-399
Resource Management Errors
|
CVE-2013-4469
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290894
|
- |
|
thoughtbot
|
cocaine
|
The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent attackers to execute arbitrary commands via a crafted has object, related to recursive variable interpolation.
|
CWE-78
OS Command
|
CVE-2013-4457
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290895
|
- |
|
redhat
|
libvirt
|
The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4401
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290896
|
- |
|
md-systems
|
simplenews
|
Cross-site scripting (XSS) vulnerability in the API in the Simplenews module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4447
|
2024-11-21 10:55 |
2013-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290897
|
- |
|
varnish-cache
varnish_cache_project
|
varnish
varnish_cache
|
Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4484
|
2024-11-21 10:55 |
2013-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290898
|
- |
|
openstack
redhat
|
folsom
grizzly
openstack
|
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4261
|
2024-11-21 10:55 |
2013-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290899
|
- |
|
openstack
redhat
|
compute
openstack
|
Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote …
|
CWE-310
Cryptographic Issues
|
CVE-2013-4185
|
2024-11-21 10:55 |
2013-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290900
|
- |
|
gnupg
canonical
|
gnupg
ubuntu_linux
|
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.
|
CWE-20
Improper Input Validation
|
CVE-2013-4402
|
2024-11-21 10:55 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
