|
295781
|
- |
|
openstack
|
havana
grizzly
|
The LDAP backend in OpenStack Identity (Keystone) Grizzly and Havana, when removing a role on a tenant for a user who does not have that role, adds the role to the user, which allows local users to g…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4477
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295782
|
- |
|
xen
|
xen
|
The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4416
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295783
|
- |
|
spice_project
redhat
|
spice
enterprise_linux
enterprise_virtualization
|
Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4282
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295784
|
- |
|
xen
debian
|
xen
debian_linux
|
Xen before 4.1.x, 4.2.x, and 4.3.x does not take the page_alloc_lock and grant_table.lock in the same order, which allows local guest administrators with access to multiple vcpus to cause a denial of…
|
CWE-20
Improper Input Validation
|
CVE-2013-4494
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295785
|
- |
|
openstack
|
havana
grizzly
folsom
|
OpenStack Compute (Nova) Folsom, Grizzly, and Havana, when use_cow_images is set to False, does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (ho…
|
CWE-399
Resource Management Errors
|
CVE-2013-4469
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295786
|
- |
|
thoughtbot
|
cocaine
|
The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent attackers to execute arbitrary commands via a crafted has object, related to recursive variable interpolation.
|
CWE-78
OS Command
|
CVE-2013-4457
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295787
|
- |
|
redhat
|
libvirt
|
The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-4401
|
2024-11-21 10:55 |
2013-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295788
|
- |
|
md-systems
|
simplenews
|
Cross-site scripting (XSS) vulnerability in the API in the Simplenews module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2013-4447
|
2024-11-21 10:55 |
2013-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295789
|
- |
|
varnish-cache
varnish_cache_project
|
varnish
varnish_cache
|
Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4484
|
2024-11-21 10:55 |
2013-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295790
|
- |
|
openstack
redhat
|
folsom
grizzly
openstack
|
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4261
|
2024-11-21 10:55 |
2013-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
