CVE-2013-4238
- EPSS 5.35%
- Veröffentlicht 18.08.2013 02:52:22
- Zuletzt bearbeitet 29.04.2026 01:13:23
The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof ar...
CVE-2013-2132
- EPSS 2.63%
- Veröffentlicht 15.08.2013 17:55:24
- Zuletzt bearbeitet 29.04.2026 01:13:23
bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef....
CVE-2013-2126
- EPSS 4.41%
- Veröffentlicht 14.08.2013 15:55:06
- Zuletzt bearbeitet 29.04.2026 01:13:23
Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-...
- EPSS 69.01%
- Veröffentlicht 06.08.2013 02:56:00
- Zuletzt bearbeitet 29.04.2026 01:13:23
Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
CVE-2013-2174
- EPSS 11.12%
- Veröffentlicht 31.07.2013 13:20:25
- Zuletzt bearbeitet 29.04.2026 01:13:23
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string endi...
CVE-2013-1968
- EPSS 2.81%
- Veröffentlicht 31.07.2013 13:20:24
- Zuletzt bearbeitet 29.04.2026 01:13:23
Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.
CVE-2013-2112
- EPSS 3.89%
- Veröffentlicht 31.07.2013 13:20:24
- Zuletzt bearbeitet 29.04.2026 01:13:23
The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection.
CVE-2013-4002
- EPSS 24.74%
- Veröffentlicht 23.07.2013 11:03:19
- Zuletzt bearbeitet 29.04.2026 01:13:23
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Ja...
- EPSS 4.31%
- Veröffentlicht 18.07.2013 16:51:40
- Zuletzt bearbeitet 29.04.2026 01:13:23
Directory traversal vulnerability in File Roller 3.6.x before 3.6.4, 3.8.x before 3.8.3, and 3.9.x before 3.9.3, when libarchive is used, allows remote attackers to create arbitrary files via a crafted archive that is not properly handled in a "Keep ...
- EPSS 3.09%
- Veröffentlicht 17.07.2013 13:41:16
- Zuletzt bearbeitet 29.04.2026 01:13:23
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.