Total
10130 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1930 | 2 Fedoraproject, Mantisbt | 2 Fedora, Mantisbt | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| MantisBT 1.2.12 before 1.2.15 allows authenticated users to by the workflow restriction and close issues. | |||||
| CVE-2013-1910 | 2 Baseurl, Debian | 2 Yum, Debian Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository. | |||||
| CVE-2013-1889 | 1 Mod Ruid2 Project | 1 Mod Ruid2 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| mod_ruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot. | |||||
| CVE-2013-1820 | 2 Fedoraproject, Redhat | 2 Fedora, Tuned | 2024-11-21 | 4.7 MEDIUM | 5.5 MEDIUM |
| tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service. | |||||
| CVE-2013-1816 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. | |||||
| CVE-2013-1811 | 2 Debian, Mantisbt | 2 Debian Linux, Mantisbt | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New". | |||||
| CVE-2013-1751 | 1 Twiki | 1 Twiki | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters. | |||||
| CVE-2013-1689 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames. | |||||
| CVE-2013-1607 | 1 Pdfkit Project | 1 Pdfkit | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability | |||||
| CVE-2013-0342 | 1 Pyrad Project | 1 Pyrad | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294. | |||||
| CVE-2013-0267 | 1 Apache | 1 Vcl | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup, resourceGrant, or userGrant permissions to gain privileges, cause a denial of service, or conduct cross-site scripting (XSS) attacks by leveraging improper data validation. | |||||
| CVE-2013-0243 | 1 Haskell | 1 Hs-tls | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections | |||||
| CVE-2013-0180 | 1 Redislabs | 1 Redis | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds. | |||||
| CVE-2013-0178 | 1 Redislabs | 1 Redis | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm. | |||||
| CVE-2013-0165 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
| cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp. | |||||
| CVE-2012-6135 | 2 Phusion, Redhat | 2 Passenger, Openshift | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process. | |||||
| CVE-2012-6125 | 1 Call-cc | 1 Chicken | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions. | |||||
| CVE-2012-6123 | 2 Call-cc, Debian | 2 Chicken, Debian Linux | 2024-11-21 | 5.0 MEDIUM | 6.5 MEDIUM |
| Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack." | |||||
| CVE-2012-6111 | 2 Debian, Gnome | 2 Debian Linux, Gnome Keyring | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function | |||||
| CVE-2012-6070 | 1 Falconpl | 1 Falconpl | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Falconpl before 0.9.6.9-git20120606 misuses the libcurl API which may allow remote attackers to interfere with security checks. | |||||