|
291891
|
- |
|
google
|
chrome
|
core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6657
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291892
|
- |
|
google
|
chrome
|
The XSSAuditor::init function in core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, processes POST requests by using the body of a redirecting…
|
CWE-200
Information Exposure
|
CVE-2013-6656
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291893
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in Blink, as used in Google Chrome before 33.0.1750.117, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors relate…
|
CWE-399
Resource Management Errors
|
CVE-2013-6655
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291894
|
- |
|
google
|
chrome
|
The SVGAnimateElement::calculateAnimatedValue function in core/svg/SVGAnimateElement.cpp in Blink, as used in Google Chrome before 33.0.1750.117, does not properly handle unexpected data types, which…
|
CWE-20
Improper Input Validation
|
CVE-2013-6654
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291895
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in the web contents implementation in Google Chrome before 33.0.1750.117 allows remote attackers to cause a denial of service or possibly have unspecified other impact vi…
|
CWE-399
Resource Management Errors
|
CVE-2013-6653
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291896
|
- |
|
google
|
chrome
|
Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome before 33.0.1750.117 on Windows allows attackers to bypass intended named-pipe policy restrictions in th…
|
CWE-22
Path Traversal
|
CVE-2013-6652
|
2024-11-21 10:59 |
2014-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291897
|
- |
|
ibm
|
websphere_extreme_scale_client
|
IBM WebSphere eXtreme Scale Client 7.1 through 8.6.0.4 does not properly isolate the cached data of different users, which allows remote authenticated users to obtain sensitive information in opportu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6734
|
2024-11-21 10:59 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291898
|
- |
|
ibm
|
cognos_business_intelligence
|
Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, 10.1 before IF6, 10.1.1 before IF5, 10.2 before IF7, 10.2.1 before IF4, and 10.2.1.1 before IF4 …
|
CWE-79
Cross-site Scripting
|
CVE-2013-6732
|
2024-11-21 10:59 |
2014-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291899
|
- |
|
openstack
|
swift
|
The OpenStack Python client library for Swift (python-swiftclient) 1.0 through 1.9.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and…
|
CWE-310
Cryptographic Issues
|
CVE-2013-6396
|
2024-11-21 10:59 |
2014-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291900
|
- |
|
mozilla
|
seamonkey
thunderbird
thunderbird_esr
|
Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6674
|
2024-11-21 10:59 |
2014-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
