|
297041
|
9.8 |
CRITICAL
Network
|
redhat
|
openshift
|
The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.
|
CWE-78
OS Command
|
CVE-2013-2060
|
2024-11-21 10:50 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297042
|
7.5 |
HIGH
Network
|
python
fedoraproject
|
py-bcrypt
fedora
|
The py-bcrypt module before 0.3 for Python does not properly handle concurrent memory access, which allows attackers to bypass authentication via multiple authentication requests, which trigger the p…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2013-1895
|
2024-11-21 10:50 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297043
|
9.8 |
CRITICAL
Network
|
iris_citations_management_tool_project
|
iris_citations_management_tool
|
IRIS citations management tool through 1.3 allows remote attackers to execute arbitrary commands.
|
NVD-CWE-noinfo
|
CVE-2013-1744
|
2024-11-21 10:50 |
2020-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297044
|
6.1 |
MEDIUM
Network
|
quixplorer_project
|
quixplorer
|
Multiple cross-site scripting (XSS) vulnerabilities in QuiXplorer before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) dir, (2) item, (3) order, (4) searchitem, (5) …
|
CWE-79
Cross-site Scripting
|
CVE-2013-1642
|
2024-11-21 10:50 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297045
|
7.8 |
HIGH
Local
|
qemu
debian
novell
|
qemu
debian_linux
open_desktop_server
open_enterprise_server
|
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, suc…
|
CWE-269
Improper Privilege Management
|
CVE-2013-2016
|
2024-11-21 10:50 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297046
|
8.8 |
HIGH
Network
|
automattic
|
w3_super_cache
|
WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could allow remote attackers to inject arbitrary code. This issue exists because of an incomplete fix fo…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2013-2011
|
2024-11-21 10:50 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297047
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
|
Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames.
|
CWE-20
Improper Input Validation
|
CVE-2013-1689
|
2024-11-21 10:50 |
2019-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297048
|
7.5 |
HIGH
Network
|
redhat
|
openstack
openstack_essex
|
openstack-utils openstack-db has insecure password creation
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2013-1793
|
2024-11-21 10:50 |
2019-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297049
|
7.5 |
HIGH
Network
|
mediawiki
debian
redhat
fedoraproject
|
mediawiki
debian_linux
enterprise_linux
fedora
|
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information.
|
CWE-200
Information Exposure
|
CVE-2013-1817
|
2024-11-21 10:50 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297050
|
7.5 |
HIGH
Network
|
mediawiki
debian
redhat
fedoraproject
|
mediawiki
debian_linux
enterprise_linux
fedora
|
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.
|
CWE-20
Improper Input Validation
|
CVE-2013-1816
|
2024-11-21 10:50 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
