|
293471
|
- |
|
linuxcontainers
|
lxc
|
The lxc-sshd template (templates/lxc-sshd.in) in LXC before 1.0.0.beta2 uses read-write permissions when mounting /sbin/init, which allows local users to gain privileges by modifying the init file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6441
|
2024-11-21 10:59 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293472
|
- |
|
shibboleth
internet2
|
opensaml
|
The (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter, and (4) SAML Decrypter in Shibboleth OpenSAML-Java before 2.6.1 set the expandEntityReferences property to true, which allows re…
|
CWE-200
Information Exposure
|
CVE-2013-6440
|
2024-11-21 10:59 |
2014-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293473
|
- |
|
ibm
|
sametime
|
Cross-site scripting (XSS) vulnerability in the Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 allows remote authenticated users to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2013-6743
|
2024-11-21 10:59 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293474
|
- |
|
ibm
|
sametime
|
The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 do not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6742
|
2024-11-21 10:59 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293475
|
- |
|
ibm
|
websphere_portal
|
Unrestricted file upload vulnerability in the Registration/Edit My Profile portlet in IBM WebSphere Portal 7.x before 7.0.0.2 CF27 and 8.x through 8.0.0.1 CF09 allows remote attackers to cause a deni…
|
NVD-CWE-Other
|
CVE-2013-6722
|
2024-11-21 10:59 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293476
|
- |
|
ibm
|
websphere_dashboard_framework
|
The charting component in IBM WebSphere Dashboard Framework (WDF) 6.1.5 and 7.0.1 allows remote attackers to view or delete image files by leveraging incorrect security constraints for a temporary di…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6728
|
2024-11-21 10:59 |
2014-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293477
|
- |
|
ibm
|
algo_one
|
Unrestricted file upload vulnerability in IBM Algo One UDS 4.7.0 through 5.0.0 allows remote authenticated users to execute arbitrary code by uploading a .jsp file and then launching it.
|
NVD-CWE-Other
|
CVE-2013-6332
|
2024-11-21 10:59 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293478
|
- |
|
pyyaml
canonical
redhat
debian
opensuse
|
libyaml
ubuntu_linux
openstack
debian_linux
opensuse
leap
|
The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly exec…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6393
|
2024-11-21 10:59 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293479
|
- |
|
pidgin
|
pidgin
|
The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a negative Content-Length header, which triggers a buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-6490
|
2024-11-21 10:59 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293480
|
- |
|
pidgin
|
pidgin
|
Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service (segmentation fault) via a crafted emoticon value, which triggers an in…
|
CWE-189
Numeric Errors
|
CVE-2013-6489
|
2024-11-21 10:59 |
2014-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
