|
295691
|
- |
|
redhat
|
enterprise_mrg
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allow remote attackers to hijack the authentication of cumin users for uns…
|
CWE-352
Origin Validation Error
|
CVE-2013-4405
|
2024-11-21 10:55 |
2013-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295692
|
- |
|
redhat
|
enterprise_mrg
|
cumin in Red Hat Enterprise MRG Grid 2.4 does not properly enforce user roles, which allows remote authenticated users to bypass intended role restrictions and obtain sensitive information or perform…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4404
|
2024-11-21 10:55 |
2013-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295693
|
- |
|
gnupg
|
gnupg
|
GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a …
|
CWE-255
Credentials Management
|
CVE-2013-4576
|
2024-11-21 10:55 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295694
|
- |
|
xmlsoft
|
libxslt
|
xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type…
|
NVD-CWE-Other
|
CVE-2013-4520
|
2024-11-21 10:55 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295695
|
- |
|
linux
opensuse
|
linux_kernel
opensuse
|
Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.
|
CWE-20
Improper Input Validation
|
CVE-2013-4587
|
2024-11-21 10:55 |
2013-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295696
|
- |
|
mediawiki
|
mediawiki
|
The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3, when "Group changes by page in recent changes and watchlist" is enabled, allows remote attacker…
|
CWE-200
Information Exposure
|
CVE-2013-4569
|
2024-11-21 10:55 |
2013-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295697
|
- |
|
mediawiki
|
mediawiki
|
Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to conduct cross-site scripting (XSS) atta…
|
NVD-CWE-Other
|
CVE-2013-4568
|
2024-11-21 10:55 |
2013-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295698
|
- |
|
mediawiki
|
mediawiki
|
Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to conduct cross-site scripting (XSS) atta…
|
NVD-CWE-Other
|
CVE-2013-4567
|
2024-11-21 10:55 |
2013-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295699
|
- |
|
mod_nss_project
redhat
|
mod_nss
enterprise_linux
|
mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to by…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4566
|
2024-11-21 10:55 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295700
|
- |
|
gnu
suse
|
glibc
linux_enterprise_debuginfo
linux_enterprise_server
|
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (cra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4458
|
2024-11-21 10:55 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
