Lucene search
K

1801 matches found

NVD
NVD
added 2013/03/25 9:55 p.m.19 views

CVE-2013-1836

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access...

6.5CVSS8.9AI score0.01961EPSS
Exploits0References5
Prion
Prion
added 2013/03/25 9:55 p.m.8 views

Design/Logic Flaw

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access...

6.5CVSS6.8AI score0.01961EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2013/03/25 9:0 p.m.21 views

CVE-2013-1836

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access...

8.9AI score0.01961EPSS
Exploits0References5
securityvulns
securityvulns
added 2013/03/24 12:0 a.m.62 views

[USN-1762-1] APT vulnerability

========================================================================== Ubuntu Security Notice USN-1762-1 March 14, 2013 apt vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

4.3CVSS0.2AI score0.01343EPSS
Exploits0
NVD
NVD
added 2013/03/21 5:55 p.m.41 views

CVE-2013-1051

apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories...

4.3CVSS6.4AI score0.01343EPSS
Exploits0References3
OSV
OSV
added 2013/03/21 5:55 p.m.10 views

CVE-2013-1051

apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories...

6.6AI score
Exploits0References3
Prion
Prion
added 2013/03/21 5:55 p.m.22 views

Code injection

apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories...

4.3CVSS6.9AI score0.01343EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2013/03/21 5:0 p.m.78 views

CVE-2013-1051

CVE-2013-1051 affects apt versions 0.8.16 and 0.9.7 (and possibly others) through improper handling of InRelease files, enabling man-in-the-middle modification of packages before installation via unknown vectors. The underlying issue relates to repository integrity checks and third‑party reposito...

4.3CVSS6.4AI score0.01343EPSS
Exploits0References3Affected Software2
Debian CVE
Debian CVE
added 2013/03/21 5:0 p.m.25 views

CVE-2013-1051

apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories...

4.3CVSS6.3AI score0.01343EPSS
Exploits0
OpenVAS
OpenVAS
added 2013/03/15 12:0 a.m.30 views

Ubuntu Update for apt USN-1762-1

Check for the Version of apt OpenVAS Vulnerability Test $Id: gbubuntuUSN17621.nasl 8483 2018-01-22 06:58:04Z teissa $ Ubuntu Update for apt USN-1762-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you c...

4.3CVSS6.5AI score0.01343EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/03/15 12:0 a.m.27 views

Ubuntu 11.10 / 12.04 LTS / 12.10 : apt vulnerability (USN-1762-1)

Ansgar Burchardt discovered that APT incorrectly handled InRelease files. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. This update corrects the issue by disabling InRelease file support completely. Please no...

4.3CVSS5.5AI score0.01343EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2013/03/14 12:0 a.m.33 views

CVE-2013-1051

apt 0.8.16, 0.9.7, and possibly other versions does not properly handle InRelease files, which allows man-in-the-middle attackers to modify packages before installation via unknown vectors, possibly related to integrity checking and the use of third-party repositories...

4.3CVSS5.9AI score0.01343EPSS
Exploits0References2
OSV
OSV
added 2013/03/11 4:0 a.m.3 views

UBUNTU-CVE-2013-1835

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the loginas feature...

3.5CVSS5.9AI score0.01481EPSS
Exploits0References2
OSV
OSV
added 2013/03/11 4:0 a.m.2 views

UBUNTU-CVE-2013-1836

Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories by leveraging certain read access...

6.5CVSS5.9AI score0.01961EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2013/02/13 12:0 a.m.47 views

Sparx Systems Enterprise Architect 9.3.931 Corporate Password Disclosure

Subject ======= Simple password obfuscation in Sparx Systems "Enterprise Architect" when using server based repositories Affected product ================ Product: Enterprise Architect Vendor: Sparx Systems Affected versions ================= Tested with 9.3.931 Corporate, other versions likely t...

Exploits0
Tenable Nessus
Tenable Nessus
added 2013/01/31 12:0 a.m.31 views

IBM WebSphere Application Server 8.0 < Fix Pack 5 Multiple Vulnerabilities

IBM WebSphere Application Server 8.0 before Fix Pack 5 appears to be running on the remote host. It is, therefore, potentially affected by the following vulnerabilities : - An unspecified error exists related to the Administrative Console that can allow an attacker to hijack sessions...

6.8CVSS8.5AI score0.02898EPSS
Exploits2References9
Tenable Nessus
Tenable Nessus
added 2012/11/20 12:0 a.m.55 views

IBM WebSphere Application Server 8.5 < Fix Pack 1 Multiple Vulnerabilities

IBM WebSphere Application Server 8.5 before Fix Pack 1 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - An input validation error exists related to the 'Eclipse Help System' that can allow arbitrary redirect responses to HTTP...

7.5CVSS8.2AI score0.0388EPSS
Exploits5References23
Fedora
Fedora
added 2012/11/06 7:49 a.m.25 views

[SECURITY] Fedora 17 Update: viewvc-1.1.17-1.fc17

ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...

4.3CVSS1.5AI score0.03085EPSS
Exploits0
Prion
Prion
added 2012/10/22 11:55 p.m.18 views

Directory traversal

Directory traversal vulnerability in gitolite 3.x before 3.1, when wild card repositories and a pattern matching "../" are enabled, allows remote authenticated users to create arbitrary repositories and possibly perform other actions via a .. dot dot in a repository name...

4.6CVSS6.8AI score0.02069EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2012/10/22 11:0 p.m.43 views

CVE-2012-4506

CVE-2012-4506 affects gitolite 3.x prior to 3.1. When wild card repositories are used and a pattern matching ".." is enabled, a directory traversal vulnerability can allow remote authenticated users to create arbitrary repositories and potentially perform other actions via a ".." in a repository ...

4.6CVSS6.5AI score0.02069EPSS
Exploits0References7Affected Software2
Rows per page
Query Builder