Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-1823 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Notifications form in Red Hat Subscription Asset Manager before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the username field.
|
13-02-2023 - 04:41 | 02-04-2013 - 22:55 | |
CVE-2013-0263 | 5.1 |
Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack
|
13-02-2023 - 04:40 | 08-02-2013 - 20:55 | |
CVE-2013-0256 | 4.3 |
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.
|
09-09-2021 - 12:28 | 01-03-2013 - 05:40 | |
CVE-2013-0276 | 4.3 |
ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows remote attackers to bypass the attr_protected protection mechanism and modify protected model attributes via a crafted request.
|
08-08-2019 - 15:42 | 13-02-2013 - 01:55 | |
CVE-2013-0269 | 7.5 |
The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers th
|
09-12-2017 - 02:29 | 13-02-2013 - 01:55 | |
CVE-2012-6116 | 2.1 |
modules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 in Katello uses weak permissions (666) for the Candlepin bootstrap RPM, which allows local users to modify the Candlepin CA certificate by writing to this file.
|
04-04-2013 - 03:21 | 01-03-2013 - 05:40 | |
CVE-2012-6119 | 2.1 |
Candlepin before 0.7.24, as used in Red Hat Subscription Asset Manager before 1.2.1, does not properly check manifest signatures, which allows local users to modify manifests.
|
03-04-2013 - 04:00 | 02-04-2013 - 22:55 |