|
287541
|
- |
|
linux
|
linux_kernel
|
The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allow…
|
CWE-20
Improper Input Validation
|
CVE-2013-7264
|
2024-11-21 11:00 |
2014-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287542
|
- |
|
linux
|
linux_kernel
|
The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kerne…
|
CWE-20
Improper Input Validation
|
CVE-2013-7263
|
2024-11-21 11:00 |
2014-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287543
|
- |
|
umn
osgeo
|
mapserver
|
SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL co…
|
CWE-89
SQL Injection
|
CVE-2013-7262
|
2024-11-21 11:00 |
2014-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287544
|
- |
|
realnetworks
|
realplayer
|
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) ve…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-7260
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287545
|
- |
|
dotnetblogengine
|
blogengine.net
|
BlogEngine.NET 2.8.0.0 and earlier allows remote attackers to read usernames and password hashes via a request for the sioc.axd file.
|
CWE-200
Information Exposure
|
CVE-2013-6953
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287546
|
- |
|
web2ldap
|
web2ldap
|
Cross-site scripting (XSS) vulnerability in web2ldap 1.1.x before 1.1.49 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "displaying group DN and ent…
|
CWE-79
Cross-site Scripting
|
CVE-2013-7258
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287547
|
- |
|
codiad
|
codiad
|
Cross-site scripting (XSS) vulnerability in Codiad 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the Project Name field.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7257
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287548
|
- |
|
opsview
|
opsview
|
Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2013-7256
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287549
|
- |
|
opsview
|
opsview
|
Open redirect vulnerability in Opsview before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2013-7255
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287550
|
- |
|
opsview
|
opsview
|
Cross-site scripting (XSS) vulnerability in Opsview before 4.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7254
|
2024-11-21 11:00 |
2014-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
