|
289261
|
- |
|
drupal
|
drupal
|
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.24 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2013-6389
|
2024-11-21 10:59 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289262
|
- |
|
drupal
|
drupal
|
Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass in…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6386
|
2024-11-21 10:59 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289263
|
- |
|
drupal
|
drupal
|
The form API in Drupal 6.x before 6.29 and 7.x before 7.24, when used with unspecified third-party modules, performs form validation even when CSRF validation has failed, which might allow remote att…
|
CWE-94
Code Injection
|
CVE-2013-6385
|
2024-11-21 10:59 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289264
|
- |
|
wouter_verhelst
debian
canonical
|
nbd
debian_linux
ubuntu_linux
|
nbd-server in Network Block Device (nbd) before 3.5 does not properly check IP addresses, which might allow remote attackers to bypass intended access restrictions via an IP address that has a partia…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6410
|
2024-11-21 10:59 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289265
|
- |
|
debian
|
adequate
|
Debian adequate before 0.8.1, when run by root with the --user option, allows local users to hijack the tty and possibly gain privileges via the TIOCSTI ioctl.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6409
|
2024-11-21 10:59 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289266
|
- |
|
apache
|
solr
|
The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an ex…
|
NVD-CWE-noinfo
|
CVE-2013-6408
|
2024-11-21 10:59 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289267
|
- |
|
apache
|
solr
|
The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity r…
|
NVD-CWE-noinfo
|
CVE-2013-6407
|
2024-11-21 10:59 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289268
|
- |
|
apache
|
solr
|
Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/selec…
|
CWE-22
Path Traversal
|
CVE-2013-6397
|
2024-11-21 10:59 |
2013-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289269
|
- |
|
cisco
|
adaptive_security_appliance_software
|
Memory leak in the connection-manager implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1(.3) and earlier allows remote attackers to cause a denial of service (multi-protocol manag…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2013-6707
|
2024-11-21 10:59 |
2013-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289270
|
- |
|
siemens
|
sinamics_s\/g_family_firmware
sinamics_g110
sinamics_g110d
sinamics_g120
sinamics_g120c
sinamics_g120d
sinamics_g120p
sinamics_g130
sinamics_g150
sinamics_g180
sinamics_…
|
Siemens SINAMICS S/G controllers with firmware before 4.6.11 do not require authentication for FTP and TELNET sessions, which allows remote attackers to bypass intended access restrictions via TCP tr…
|
CWE-287
Improper Authentication
|
CVE-2013-6920
|
2024-11-21 10:59 |
2013-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
