|
292541
|
- |
|
linux
|
linux_kernel
|
The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a …
|
CWE-310
Cryptographic Issues
|
CVE-2013-4579
|
2024-11-21 10:55 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292542
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly perform a certain size comparison before …
|
CWE-189
Numeric Errors
|
CVE-2013-4563
|
2024-11-21 10:55 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292543
|
- |
|
collectiveaccess
|
pawtucket
providence
|
Cross-site scripting (XSS) vulnerability in CollectiveAccess Providence and Pawtucket before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-4507
|
2024-11-21 10:55 |
2013-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292544
|
- |
|
reviewboard
|
review_board
|
Multiple cross-site scripting (XSS) vulnerabilities in Review Board 1.6.x before 1.6.21 and 1.7.x before 1.7.17 allow remote attackers to inject arbitrary web script or HTML via the (1) Branch field …
|
CWE-79
Cross-site Scripting
|
CVE-2013-4519
|
2024-11-21 10:55 |
2013-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292545
|
- |
|
spip
|
spip
|
The Security Screen (_core_/securite/ecran_securite.php) before 1.1.8 for SPIP, as used in SPIP 3.0.x before 3.0.12, allows remote attackers to execute arbitrary PHP via the connect parameter.
|
CWE-94
Code Injection
|
CVE-2013-4557
|
2024-11-21 10:55 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292546
|
- |
|
spip
|
spip
|
Cross-site scripting (XSS) vulnerability in the author page (prive/formulaires/editer_auteur.php) in SPIP before 2.1.24 and 3.0.x before 3.0.12 allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2013-4556
|
2024-11-21 10:55 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292547
|
- |
|
spip
|
spip
|
Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the …
|
CWE-352
Origin Validation Error
|
CVE-2013-4555
|
2024-11-21 10:55 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292548
|
- |
|
xen
|
xen
|
Xen 4.2.x and 4.3.x, when nested virtualization is disabled, does not properly check the emulation paths for (1) VMLAUNCH and (2) VMRESUME, which allows local HVM guest users to cause a denial of ser…
|
CWE-20
Improper Input Validation
|
CVE-2013-4551
|
2024-11-21 10:55 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292549
|
- |
|
tryton
|
tryton
|
Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a r…
|
CWE-22
Path Traversal
|
CVE-2013-4510
|
2024-11-21 10:55 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292550
|
- |
|
redhat
suse
|
network_satellite
satellite_with_embedded_oracle
satellite
manager
linux_enterprise
|
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2013-4480
|
2024-11-21 10:55 |
2013-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
