261191
|
- |
|
opera
|
opera_browser
|
Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events.
|
CWE-94
Code Injection
|
CVE-2013-1637
|
2013-03-8 13:12 |
2013-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261192
|
- |
|
opera
|
opera_browser
|
Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.
|
CWE-94
Code Injection
|
CVE-2013-1638
|
2013-03-8 13:12 |
2013-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261193
|
- |
|
opera
|
opera_browser
|
Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request.
|
CWE-352
Origin Validation Error
|
CVE-2013-1639
|
2013-03-8 13:12 |
2013-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261194
|
- |
|
linux
|
linux_kernel
|
The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggerin…
|
CWE-20
Improper Input Validation
|
CVE-2013-0190
|
2013-03-8 13:11 |
2013-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261195
|
- |
|
fedoraproject
|
389_directory_server
|
389 Directory Server 1.2.10 does not properly update the ACL when a DN entry is moved by a modrdn operation, which allows remote authenticated users with certain permissions to bypass ACL restriction…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4450
|
2013-03-8 13:09 |
2012-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261196
|
- |
|
redhat
|
certificate_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) pageStart or (2) pageSi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4543
|
2013-03-8 13:09 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261197
|
- |
|
cisco
|
wireless_lan_controller_software wireless_lan_controller
|
The mDNS snooping functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.4.1.54 and earlier does not properly manage buffers, which allows remote authenticated users to cause a …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-1141
|
2013-03-7 14:00 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261198
|
- |
|
dovecot
|
dovecot
|
Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Comm…
|
CWE-20
Improper Input Validation
|
CVE-2011-4318
|
2013-03-7 14:00 |
2013-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261199
|
- |
|
cisco
|
security_monitoring_analysis_and_response_system
|
The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity refe…
|
CWE-200
Information Exposure
|
CVE-2013-1140
|
2013-03-7 02:22 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261200
|
- |
|
debian
|
apache2
|
The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not proper…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-1048
|
2013-03-7 01:50 |
2013-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|