Search
Search Results (5707 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-6461 | 3 Debian, Nokogiri, Redhat | 7 Debian Linux, Nokogiri, Cloudforms Management Engine and 4 more | 2024-08-06 | 6.5 Medium |
| Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits | ||||
| CVE-2013-4663 | 1 Redmine | 1 Redmine Git Hosting Plugin | 2024-08-06 | N/A |
| git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the service parameter to info/refs, related to the get_info_refs function or (2) the reqfile argument to the file_exists function. | ||||
| CVE-2013-4335 | 1 Openpne | 1 Opopensocialplugin | 2024-08-06 | 9.8 Critical |
| opOpenSocialPlugin 0.8.2.1, > 0.9.9.2, 0.9.13, 1.2.6: Multiple XML External Entity Injection Vulnerabilities | ||||
| CVE-2013-4179 | 2 Openstack, Redhat | 3 Compute, Havana, Openstack | 2024-08-06 | N/A |
| The security group extension in OpenStack Compute (Nova) Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664. | ||||
| CVE-2024-7397 | 1 Korenix | 1 Jetport5601v3 | 2024-08-06 | N/A |
| Improper filering of special characters result in a command ('command injection') vulnerability in Korenix JetPort 5601v3.This issue affects JetPort 5601v3: through 1.2. | ||||
| CVE-2017-6000 | 2023-11-07 | N/A | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | ||||
| CVE-2016-5483 | 1 Redhat | 2 Enterprise Linux, Rhel Software Collections | 2023-11-07 | N/A |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-3600. Reason: This candidate is a reservation duplicate of CVE-2017-3600. Notes: All CVE users should reference CVE-2017-3600 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | ||||