|
295321
|
8.8 |
HIGH
Network
|
call-cc
debian
|
chicken
debian_linux
|
OS command injection vulnerability in the "qs" procedure from the "utils" module in Chicken before 4.9.0.
|
CWE-78
OS Command
|
CVE-2013-2024
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295322
|
7.3 |
HIGH
Local
|
autojump_project
debian
|
autojump
debian_linux
|
autojump before 21.5.8 allows local users to gain privileges via a Trojan horse custom_install directory in the current working directory.
|
CWE-269
Improper Privilege Management
|
CVE-2013-2012
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295323
|
6.1 |
MEDIUM
Network
|
mediawiki
debian
|
mediawiki
debian_linux
|
A cross-site scripting (XSS) vulnerability in MediaWiki before 1.19.5 and 1.20.x before 1.20.4 and allows remote attackers to inject arbitrary web script or HTML via Lua function names.
|
CWE-79
Cross-site Scripting
|
CVE-2013-1951
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295324
|
3.3 |
LOW
Local
|
ruby-lang
|
ruby193
|
ruby193 uses an insecure LD_LIBRARY_PATH setting.
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2013-1945
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295325
|
5.4 |
MEDIUM
Network
|
mantisbt
debian
|
mantisbt
debian_linux
|
A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.0rc1 before 1.2.14 allows remote authenticated users to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1934
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295326
|
5.4 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
A cross-site scripting (XSS) vulnerability in the configuration report page (adm_config_report.php) in MantisBT 1.2.13 allows remote authenticated users to inject arbitrary web script or HTML via a p…
|
CWE-79
Cross-site Scripting
|
CVE-2013-1932
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295327
|
6.1 |
MEDIUM
Network
|
mantisbt
fedoraproject
|
mantisbt
fedora
|
A cross-site scripting (XSS) vulnerability in MantisBT 1.2.14 allows remote attackers to inject arbitrary web script or HTML via a version, related to deleting a version.
|
CWE-79
Cross-site Scripting
|
CVE-2013-1931
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295328
|
4.3 |
MEDIUM
Network
|
mantisbt
fedoraproject
|
mantisbt
fedora
|
MantisBT 1.2.12 before 1.2.15 allows authenticated users to by the workflow restriction and close issues.
|
CWE-20
Improper Input Validation
|
CVE-2013-1930
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295329
|
9.8 |
CRITICAL
Network
|
baseurl
debian
|
yum
debian_linux
|
yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote reposit…
|
CWE-20
Improper Input Validation
|
CVE-2013-1910
|
2024-11-21 10:50 |
2019-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295330
|
7.5 |
HIGH
Network
|
redhat
|
cloudforms_management_engine
|
Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session tampering attacks by leveraging use of a static secret_token.rb secret.
|
CWE-384
Session Fixation
|
CVE-2013-2049
|
2024-11-21 10:50 |
2018-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
