# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
45501 |
CVE-2013-4216 |
264 |
|
DoS |
2013-08-24 |
2013-08-27 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
The Trace_OpenLogFile function in InfraStack/OSDependent/Linux/InfraStackModules/TraceModule/TraceModule.c in the Trace module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices uses world-writable permissions for wimaxd.log, which allows local users to cause a denial of service (data corruption) by modifying this file. |
45502 |
CVE-2013-4215 |
59 |
|
+Priv |
2014-05-05 |
2014-05-06 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins 1.4.16 allows local users to gain privileges via a symlink attack on /tmp/ipxping/ipxping. |
45503 |
CVE-2013-4214 |
59 |
|
|
2013-11-23 |
2016-12-19 |
6.3 |
None |
Local |
Medium |
Not required |
None |
Complete |
Complete |
rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIE_CACHE_ON is set to 1, allows local users to overwrite arbitrary files via a symlink attack on /tmp/magpie_cache. |
45504 |
CVE-2013-4213 |
284 |
|
|
2013-08-16 |
2017-08-28 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Red Hat JBoss Enterprise Application Platform (EAP) 6.1.0 does not properly cache EJB invocations by the EJB client API, which allows remote attackers to hijack sessions by using an EJB client. |
45505 |
CVE-2013-4212 |
94 |
1
|
|
2013-12-07 |
2017-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Certain getText methods in the ActionSupport controller in Apache Roller before 5.0.2 allow remote attackers to execute arbitrary OGNL expressions via the first or second parameter, as demonstrated by the pageTitle parameter in the !getPageTitle sub-URL to roller-ui/login.rol, which uses a subclass of UIAction, aka "OGNL Injection." |
45506 |
CVE-2013-4210 |
|
|
DoS |
2013-10-01 |
2013-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The org.jboss.remoting.transport.socket.ServerThread class in Red Hat JBoss Remoting for Red Hat JBoss SOA Platform 5.3.1 GA, Web Platform 5.2.0, Enterprise Application Platform 5.2.0, and other products allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. |
45507 |
CVE-2013-4209 |
200 |
|
+Info |
2018-05-01 |
2018-06-13 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums. |
45508 |
CVE-2013-4208 |
200 |
|
+Info |
2013-08-19 |
2015-09-02 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys. |
45509 |
CVE-2013-4207 |
119 |
|
DoS Overflow |
2013-08-19 |
2015-09-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality, a different vulnerability than CVE-2013-4206. |
45510 |
CVE-2013-4206 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2013-08-19 |
2015-09-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting operations during modular multiplication. |
45511 |
CVE-2013-4205 |
399 |
|
DoS |
2013-08-24 |
2013-10-02 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
Memory leak in the unshare_userns function in kernel/user_namespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service (memory consumption) via an invalid CLONE_NEWUSER unshare call. |
45512 |
CVE-2013-4204 |
79 |
|
XSS |
2013-11-17 |
2017-08-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Multiple cross-site scripting (XSS) vulnerabilities in the JUnit files in the GWTTestCase in Google Web Toolkit (GWT) before 2.5.1 RC1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
45513 |
CVE-2013-4202 |
399 |
|
DoS |
2013-09-16 |
2018-11-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664. |
45514 |
CVE-2013-4201 |
275 |
|
|
2018-05-01 |
2018-06-13 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
Katello allows remote authenticated users to call the "system remove_deletion" CLI command via vectors related to "remove system" permissions. |
45515 |
CVE-2013-4200 |
264 |
|
Bypass |
2014-01-21 |
2018-10-09 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property, redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the "next" parameter to acl_users/credentials_cookie_auth/require_login. |
45516 |
CVE-2013-4199 |
20 |
|
DoS |
2014-03-11 |
2014-03-11 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
None |
Partial |
(1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users to cause a denial of service (resource consumption) via a large zip archive, which is expanded (decompressed). |
45517 |
CVE-2013-4198 |
264 |
|
Bypass |
2014-03-11 |
2014-03-11 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
mail_password.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to bypass the prohibition on password changes via the forgotten password email functionality. |
45518 |
CVE-2013-4197 |
20 |
|
|
2014-03-11 |
2014-03-11 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors. |
45519 |
CVE-2013-4196 |
264 |
|
+Info |
2014-03-11 |
2014-03-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The object manager implementation (objectmanager.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly restrict access to internal methods, which allows remote attackers to obtain sensitive information via a crafted request. |
45520 |
CVE-2013-4195 |
20 |
|
|
2014-03-11 |
2014-03-11 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
45521 |
CVE-2013-4194 |
200 |
|
+Info |
2014-03-11 |
2014-03-11 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
The WYSIWYG component (wysiwyg.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers to obtain sensitive information via a crafted URL, which reveals the installation path in an error message. |
45522 |
CVE-2013-4193 |
264 |
|
|
2014-03-11 |
2014-03-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL. |
45523 |
CVE-2013-4192 |
20 |
|
|
2014-03-11 |
2014-03-11 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to spoof emails via unspecified vectors. |
45524 |
CVE-2013-4191 |
264 |
|
+Info |
2014-03-11 |
2014-03-11 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
zip.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce access restrictions when including content in a zip archive, which allows remote attackers to obtain sensitive information by reading a generated archive. |
45525 |
CVE-2013-4190 |
79 |
|
XSS |
2014-03-11 |
2014-03-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Multiple cross-site scripting (XSS) vulnerabilities in (1) spamProtect.py, (2) pts.py, and (3) request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
45526 |
CVE-2013-4189 |
|
|
|
2014-03-11 |
2014-03-11 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Multiple unspecified vulnerabilities in (1) dataitems.py, (2) get.py, and (3) traverseName.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users with administrator access to a subtree to access nodes above the subtree via unknown vectors. |
45527 |
CVE-2013-4188 |
399 |
|
DoS |
2014-03-11 |
2014-03-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
traverser.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers with administrator privileges to cause a denial of service (infinite loop and resource consumption) via unspecified vectors related to "retrieving information for certain resources." |
45528 |
CVE-2013-4185 |
310 |
|
DoS |
2013-10-29 |
2018-11-15 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
Algorithmic complexity vulnerability in OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service (nova-network consumption) via a large number of server-creation operations, which triggers a large number of update requests. |
45529 |
CVE-2013-4183 |
200 |
|
+Info |
2013-09-16 |
2013-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors. |
45530 |
CVE-2013-4181 |
79 |
|
XSS |
2013-09-16 |
2013-09-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise Virtualization 3 and 3.2, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
45531 |
CVE-2013-4180 |
20 |
|
DoS |
2013-09-16 |
2013-09-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The (1) power and (2) ipmi_boot actions in the HostController in Foreman before 1.2.2 allow remote attackers to cause a denial of service (memory consumption) via unspecified input that is converted to a symbol. |
45532 |
CVE-2013-4179 |
119 |
|
DoS Overflow |
2013-09-16 |
2013-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664. |
45533 |
CVE-2013-4178 |
287 |
|
|
2014-05-29 |
2014-05-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to obtain access by replaying the username, password, and one-time password (OTP). |
45534 |
CVE-2013-4177 |
264 |
|
Bypass |
2014-05-29 |
2014-05-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal does not properly identify user account names, which might allow remote attackers to bypass the two-factor authentication requirement via unspecified vectors. |
45535 |
CVE-2013-4174 |
79 |
|
XSS |
2013-08-19 |
2017-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Multiple cross-site scripting (XSS) vulnerabilities in the Scald module 7.x-1.x before 7.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via the (1) flash_uri, (2) flash_width, or (3) flash_height in the scald_flash_scald_prerender function in providers/scald_flash/scald_flash.module; or the (4) caption in the scald_image_scald_prerender function in providers/scald_image/scald_image.module. |
45536 |
CVE-2013-4173 |
22 |
|
Dir. Trav. |
2013-10-11 |
2013-10-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Directory traversal vulnerability in the trend-data daemon (xymond_rrd) in Xymon 4.x before 4.3.12 allows remote attackers to delete arbitrary files via a .. (dot dot) in the host name in a "drophost" command. |
45537 |
CVE-2013-4171 |
79 |
|
XSS |
2013-12-07 |
2013-12-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Multiple cross-site scripting (XSS) vulnerabilities in Apache Roller before 5.0.2 allow remote attackers to inject arbitrary web script or HTML via vectors related to the search results in the (1) RSS and (2) Atom feed templates. |
45538 |
CVE-2013-4169 |
59 |
|
|
2013-09-10 |
2013-09-11 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/. |
45539 |
CVE-2013-4167 |
79 |
|
XSS |
2013-10-11 |
2013-10-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) before 1.11.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
45540 |
CVE-2013-4165 |
200 |
|
+Info |
2013-08-02 |
2013-10-11 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remote attackers to determine passwords via a timing side-channel attack. |
45541 |
CVE-2013-4164 |
119 |
|
DoS Exec Code Overflow |
2013-11-23 |
2018-01-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a string that is converted to a floating point value, as demonstrated using (1) the to_f method or (2) JSON.parse. |
45542 |
CVE-2013-4163 |
399 |
|
DoS |
2013-07-29 |
2013-10-02 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
The ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6 implementation in the Linux kernel through 3.10.3 does not properly maintain information about whether the IPV6_MTU setsockopt option had been specified, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. |
45543 |
CVE-2013-4162 |
399 |
|
DoS |
2013-07-29 |
2014-01-03 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
The udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6 implementation in the Linux kernel through 3.10.3 makes an incorrect function call for pending data, which allows local users to cause a denial of service (BUG and system crash) via a crafted application that uses the UDP_CORK option in a setsockopt system call. |
45544 |
CVE-2013-4160 |
|
|
DoS |
2014-01-21 |
2014-01-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed. |
45545 |
CVE-2013-4157 |
59 |
|
|
2013-10-04 |
2013-10-07 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
Red Hat Storage 2.0 allows local users to overwrite arbitrary files via a symlink attack on the (1) e, (2) local-bricks.list, (3) bricks.err, or (4) limits.conf files in /tmp. |
45546 |
CVE-2013-4156 |
119 |
|
DoS Overflow Mem. Corr. |
2013-07-31 |
2013-07-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file. |
45547 |
CVE-2013-4155 |
119 |
|
DoS Overflow |
2013-08-20 |
2013-10-30 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is older than expected. |
45548 |
CVE-2013-4154 |
|
|
DoS |
2013-09-30 |
2013-10-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to "agent based cpu (un)plug," as demonstrated by the "virsh vcpucount foobar --guest" command. |
45549 |
CVE-2013-4153 |
399 |
|
DoS |
2013-09-30 |
2013-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Double free vulnerability in the qemuAgentGetVCPUs function in qemu/qemu_agent.c in libvirt 1.0.6 through 1.1.0 allows remote attackers to cause a denial of service (daemon crash) via a cpu count request, as demonstrated by the "virsh vcpucount dom --guest" command. |
45550 |
CVE-2013-4152 |
264 |
|
DoS CSRF |
2014-01-23 |
2016-11-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue. |