|
295941
|
- |
|
digineo
|
thumbshooter
|
lib/thumbshooter.rb in the Thumbshooter 0.1.5 gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
|
CWE-94
Code Injection
|
CVE-2013-1898
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295942
|
- |
|
dan_kubb
|
extlib
|
The extlib gem 0.9.15 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cau…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1802
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295943
|
- |
|
john_nunemaker
|
httparty
|
The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or ca…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1801
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295944
|
- |
|
john_nunemaker
|
crack
|
The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1800
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295945
|
- |
|
freedesktop
|
poppler
|
poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar fun…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1790
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295946
|
- |
|
freedesktop
|
poppler
|
splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransfor…
|
NVD-CWE-Other
|
CVE-2013-1789
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295947
|
- |
|
freedesktop
|
poppler
|
poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Spl…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1788
|
2024-11-21 10:50 |
2013-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295948
|
- |
|
apple
todd_miller
|
mac_os_x
sudo
|
sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1776
|
2024-11-21 10:50 |
2013-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295949
|
- |
|
linux
|
linux_kernel
|
The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by ca…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1858
|
2024-11-21 10:50 |
2013-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295950
|
- |
|
postgresql
|
postgresql
|
PostgreSQL, possibly 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 incorrectly provides the superuser password to scripts related to "graph…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1903
|
2024-11-21 10:50 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
