259711
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics service with no authentication when a JGroups channel is started, which allows remote attackers to obtai…
|
CWE-287
Improper Authentication
|
CVE-2013-2102
|
2013-10-30 23:46 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259712
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
AV:A per https://bugzilla.redhat.com/show_bug.cgi?id=963984
|
CWE-287
Improper Authentication
|
CVE-2013-2102
|
2013-10-30 23:46 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259713
|
- |
|
andreas_krennmair
|
tpp
|
tpp 1.3.1 allows remote attackers to execute arbitrary commands via a --exec command in a TPP template file.
|
CWE-94
Code Injection
|
CVE-2013-2208
|
2013-10-30 23:39 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259714
|
- |
|
openstack redhat
|
folsom grizzly openstack
|
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-4261
|
2013-10-30 22:53 |
2013-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259715
|
- |
|
fengoffice
|
feng_office
|
Cross-site scripting (XSS) vulnerability in Feng Office 2.3.2-rc and earlier allows remote attackers to inject arbitrary web script or HTML via an arbitrary ref_XXX parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-5744
|
2013-10-30 06:04 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259716
|
- |
|
triplc
|
nano-10_plc_firmware nano-10_plc
|
Triangle Research International (aka Tri) Nano-10 PLC devices with firmware r81 and earlier do not properly handle large length values in MODBUS data, which allows remote attackers to cause a denial …
|
CWE-20
Improper Input Validation
|
CVE-2013-5741
|
2013-10-30 05:56 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259717
|
- |
|
aircrack-ng gentoo
|
aircrack-ng linux
|
Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1159
|
2013-10-30 05:53 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259718
|
- |
|
novell
|
libzypp
|
The RPM GPG key import and handling feature in libzypp 12.15.0 and earlier reports a different key fingerprint than the one used to sign a repository when multiple key blobs are used, which might all…
|
CWE-310
Cryptographic Issues
|
CVE-2013-3704
|
2013-10-30 01:08 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259719
|
- |
|
drupal
|
drupal
|
The File module in Drupal 7.x before 7.11, when using unspecified field access modules, allows remote authenticated users to read arbitrary private files that are associated with restricted fields vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0827
|
2013-10-30 00:19 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259720
|
- |
|
canonical
|
ubuntu_linux
|
X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files.
|
NVD-CWE-noinfo
|
CVE-2013-1056
|
2013-10-29 23:18 |
2013-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|