8415 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in the simpleformat helper in actionpack/lib/actionview/helpers/texthelper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute...
CVE-2013-6416
Cross-site scripting XSS vulnerability in the simpleformat helper in actionpack/lib/actionview/helpers/texthelper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute...
CVE-2013-6416
Cross-site scripting XSS vulnerability in the simpleformat helper in actionpack/lib/actionview/helpers/texthelper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute...
Buffer overflow
Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a long string in the name attribute of the cols element in a .wstyle file...
Buffer overflow
Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging the CAPSYSADMIN capability for a 1 XFSIOCATTRLISTBYHANDLE or 2 XFSIOCATTRLISTBYHANDLE32...
UBUNTU-CVE-2013-6382
Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging the CAPSYSADMIN capability for a 1 XFSIOCATTRLISTBYHANDLE or 2 XFSIOCATTRLISTBYHANDLE32...
DEBIAN-CVE-2013-4485
389 Directory Server 1.2.11.15 aka Red Hat Directory Server before 8.2.11-14 allows remote authenticated users to cause a denial of service crash via multiple @ characters in a GER attribute list in a search request...
Cross site request forgery (csrf)
389 Directory Server 1.2.11.15 aka Red Hat Directory Server before 8.2.11-14 allows remote authenticated users to cause a denial of service crash via multiple @ characters in a GER attribute list in a search request...
UBUNTU-CVE-2013-4485
389 Directory Server 1.2.11.15 aka Red Hat Directory Server before 8.2.11-14 allows remote authenticated users to cause a denial of service crash via multiple @ characters in a GER attribute list in a search request...
CVE-2013-4485
389 Directory Server 1.2.11.15 aka Red Hat Directory Server before 8.2.11-14 allows remote authenticated users to cause a denial of service crash via multiple @ characters in a GER attribute list in a search request...
389-ds-base: DoS due to improper handling of ger attr searches
389 Directory Server 1.2.11.15 aka Red Hat Directory Server before 8.2.11-14 allows remote authenticated users to cause a denial of service crash via multiple @ characters in a GER attribute list in a search request...
389-ds-base: DoS due to improper handling of ger attr searches
389 Directory Server 1.2.11.15 aka Red Hat Directory Server before 8.2.11-14 allows remote authenticated users to cause a denial of service crash via multiple @ characters in a GER attribute list in a search request...
RHEL 6 : augeas (RHSA-2013:1537)
Updated augeas packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which...
kernel: nfs: missing check for buffer length in __nfs4_get_acl_uncached
Buffer overflow in the nfs4getacluncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service memory corruption and system crash or possibly have unspecified other impact via a getxattr system call for the system.nfs4acl extended attribut...
samba: DoS via integer overflow when reading an EA list
Integer overflow in the readnttransealist function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service memory consumption via a malformed packet...
DEBIAN-CVE-2013-4591
Buffer overflow in the nfs4getacluncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service memory corruption and system crash or possibly have unspecified other impact via a getxattr system call for the system.nfs4acl extended attribut...
CVE-2013-4591
Buffer overflow in the nfs4getacluncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service memory corruption and system crash or possibly have unspecified other impact via a getxattr system call for the system.nfs4acl extended attribut...
UBUNTU-CVE-2013-4591
Buffer overflow in the nfs4getacluncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service memory corruption and system crash or possibly have unspecified other impact via a getxattr system call for the system.nfs4acl extended attribut...
IT-Grundschutz M4.020: Restriktive Attributvergabe bei Unix-Benutzerdateien und -verzeichnissen
IT-Grundschutz M4.020: Restriktive Attributvergabe bei Unix-Benutzerdateien und -verzeichnissen. ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.94188 Stand: 13...
CVE-2013-6621
Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element...