|
295161
|
- |
|
asterisk
|
open_source
|
Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attr…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-2685
|
2024-11-21 10:52 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295162
|
- |
|
synchroweb
|
synconnect
|
SQL injection vulnerability in index.php in Synchroweb Technology SynConnect 2.0 allows remote attackers to execute arbitrary SQL commands via the loginid parameter in a logoff action.
|
CWE-89
SQL Injection
|
CVE-2013-2690
|
2024-11-21 10:52 |
2013-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295163
|
- |
|
emc
|
smarts_network_configuration_manager
|
Multiple unspecified vulnerabilities in the System Management (aka SysAdmin) Console in EMC Smarts Network Configuration Manager (NCM) through 9.2 have unknown impact and attack vectors, a different …
|
NVD-CWE-noinfo
|
CVE-2013-2717
|
2024-11-21 10:52 |
2013-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295164
|
- |
|
thomas_seidl
|
search_api
|
Cross-site scripting (XSS) vulnerability in the admin view in the Search API (search_api) module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users with certain permissions to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2013-2715
|
2024-11-21 10:52 |
2013-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295165
|
- |
|
mailup
|
wp-mailup
|
ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-2640
|
2024-11-21 10:52 |
2013-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295166
|
- |
|
linux
|
linux_kernel
|
net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.
|
CWE-399
Resource Management Errors
|
CVE-2013-2636
|
2024-11-21 10:52 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295167
|
- |
|
linux
|
linux_kernel
|
The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from ke…
|
CWE-399
Resource Management Errors
|
CVE-2013-2635
|
2024-11-21 10:52 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295168
|
- |
|
linux
|
linux_kernel
|
net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.
|
CWE-399
Resource Management Errors
|
CVE-2013-2634
|
2024-11-21 10:52 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295169
|
- |
|
matomo
|
matomo
|
Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of par…
|
CWE-20
Improper Input Validation
|
CVE-2013-2633
|
2024-11-21 10:52 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295170
|
- |
|
google
|
v8
chrome
|
Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted J…
|
NVD-CWE-Other
|
CVE-2013-2632
|
2024-11-21 10:52 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
