Lucene search
K

16 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

Graphite Web Unsafe Pickle Handling

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/10/27 12:0 a.m.4 views

Graphite Web Unsafe Module Handling Code Execution (CVE-2013-5093)

A command injection vulnerability has been reported in Graphite Web...

7AI score0.38668EPSS
Exploits5
OSV
OSV
added 2013/09/27 10:8 a.m.9 views

CVE-2013-5093

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...

7.2AI score
Exploits0References8
UbuntuCve
UbuntuCve
added 2013/09/27 10:8 a.m.18 views

CVE-2013-5093

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...

6.8CVSS6.2AI score0.38668EPSS
Exploits5References3
UbuntuCve
UbuntuCve
added 2013/09/27 10:8 a.m.23 views

CVE-2013-5942

Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to 1 remotestorage.py, 2 storage.py, 3 render/datalib.py, and 4 whitelist/views.py, a different vulnerability than CVE-2013-5093...

6.8CVSS6.2AI score0.02106EPSS
Exploits0References4
Prion
Prion
added 2013/09/27 10:8 a.m.16 views

Design/Logic Flaw

Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to 1 remotestorage.py, 2 storage.py, 3 render/datalib.py, and 4 whitelist/views.py, a different vulnerability than CVE-2013-5093...

6.8CVSS7.7AI score0.38668EPSS
Exploits5References2Affected Software1
CVE
CVE
added 2013/09/27 10:0 a.m.123 views

CVE-2013-5093

Graphite Web (graphite-web) versions 0.9.5–0.9.10 are affected by an unsafe use of pickle in renderLocalView (render/views.py) that enables remote code execution via a crafted serialized object. Connected advisories corroborate a remote code execution vulnerability in graphite-web involving the p...

6.8CVSS7.3AI score0.38668EPSS
Exploits5References7Affected Software1
Debian CVE
Debian CVE
added 2013/09/27 10:0 a.m.22 views

CVE-2013-5093

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...

6.8CVSS7.3AI score0.38668EPSS
Exploits5
OpenVAS
OpenVAS
added 2013/09/24 12:0 a.m.17 views

Fedora Update for graphite-web FEDORA-2013-15713

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.38668EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2013/09/24 12:0 a.m.17 views

Fedora Update for graphite-web FEDORA-2013-15710

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.38668EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2013/09/19 12:0 a.m.16 views

Fedora 18 : graphite-web-0.9.12-1.fc18 (2013-15713)

This is both an update to 0.9.12 and to address CVE-2013-5093. Correctly pull in fonts. Initial package import. Initial package import. Initial package import. Initial package import. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora securit...

6.8CVSS5.4AI score0.38668EPSS
Exploits5References1
Tenable Nessus
Tenable Nessus
added 2013/09/19 12:0 a.m.31 views

Fedora 19 : graphite-web-0.9.12-1.fc19 (2013-15710)

This is both an update to 0.9.12 and to address CVE-2013-5093. Correctly pull in fonts. Initial package import. Initial package import. Initial package import. Initial package import. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora securit...

6.8CVSS5.4AI score0.38668EPSS
Exploits5References1
Circl
Circl
added 2013/08/21 12:0 a.m.9 views

CVE-2013-5093

creationtimestamp| type| source ---|---|--- 2013-08-21 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/27752 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/graphitepickleexec.rb 2025-02-06 03:13:41+00:00| see...

6.8CVSS5.7AI score0.38668EPSS
Exploits5References2
Packet Storm
Packet Storm
added 2013/08/21 12:0 a.m.31 views

Graphite Web Unsafe Pickle Handling

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Graphite Web Unsafe Pickle Handling',...

6.8CVSS0.3AI score0.38668EPSS
Exploits5
Exploit DB
Exploit DB
added 2013/08/21 12:0 a.m.38 views

Graphite Web - Unsafe Pickle Handling (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Graphite Web Unsafe Pickle Handling',...

6.8CVSS7.4AI score0.38668EPSS
Exploits5
Metasploit
Metasploit
added 2013/08/20 4:56 p.m.31 views

Graphite Web Unsafe Pickle Handling

This module exploits a remote code execution vulnerability in the pickle handling of the rendering code in the Graphite Web project between version 0.9.5 and 0.9.10 both included. This module requires Metasploit: https://metasploit.com/download Current source:...

6.8CVSS7.8AI score0.38668EPSS
Exploits5
Rows per page
Query Builder