|
296421
|
- |
|
python
|
setuptools
|
easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to e…
|
CWE-20
Improper Input Validation
|
CVE-2013-1633
|
2024-11-21 10:50 |
2013-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296422
|
- |
|
guillaume_gauvrit
|
pyshop
|
pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary c…
|
CWE-20
Improper Input Validation
|
CVE-2013-1630
|
2024-11-21 10:50 |
2013-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296423
|
- |
|
pypa
|
pip
|
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code v…
|
CWE-20
Improper Input Validation
|
CVE-2013-1629
|
2024-11-21 10:50 |
2013-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296424
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands v…
|
CWE-89
SQL Injection
|
CVE-2013-1617
|
2024-11-21 10:50 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296425
|
- |
|
symantec
|
web_gateway
web_gateway_appliance_8450
web_gateway_appliance_8490
|
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote attackers to execute arbitrary commands by injecting a command into an application script.
|
CWE-78
OS Command
|
CVE-2013-1616
|
2024-11-21 10:50 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296426
|
- |
|
redhat
|
satellite
|
The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does not properly check client "authenticity," which allows remote attackers to obtain channel content by…
|
CWE-287
Improper Authentication
|
CVE-2013-2056
|
2024-11-21 10:50 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296427
|
- |
|
apache
collabnet
canonical
opensuse
|
subversion
ubuntu_linux
opensuse
|
Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.
|
NVD-CWE-noinfo
|
CVE-2013-1968
|
2024-11-21 10:50 |
2013-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296428
|
- |
|
f5
debian
|
nginx
debian_linux
|
http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (c…
|
NVD-CWE-noinfo
|
CVE-2013-2070
|
2024-11-21 10:50 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296429
|
- |
|
f5
fedoraproject
|
nginx
fedora
|
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfe…
|
CWE-787
Out-of-bounds Write
|
CVE-2013-2028
|
2024-11-21 10:50 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296430
|
- |
|
nashtech
|
easy_php_calendar
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php and (2) datePicker.php in Easy PHP Calendar 6.x and 7.x before 7.0.13 allow remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1955
|
2024-11-21 10:50 |
2013-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
