CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2014-0021
https://notcve.org/view.php?id=CVE-2014-0021
15 Nov 2019 — Chrony before 1.29.1 has traffic amplification in cmdmon protocol Chrony versiones anteriores a la versión 1.29.1, tiene amplificación de tráfico en el protocolo cmdmon. • http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127837.html •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0CVE-2013-4409
https://notcve.org/view.php?id=CVE-2013-4409
04 Nov 2019 — An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. Existe una vulnerabilidad de la función eval() en Python Software Foundation Djblets versión 0.7.21 y Beanbag Review Board versiones anteriores a la versión 1.7.15, cuando se analizan peticiones JSON. • http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-4251
https://notcve.org/view.php?id=CVE-2013-4251
04 Nov 2019 — The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. El componente scipy.weave en SciPy versiones anteriores a 0.12.1, crea directorios temporales no seguros. • http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120696.html • CWE-269: Improper Privilege Management •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2013-4168
https://notcve.org/view.php?id=CVE-2013-4168
01 Nov 2019 — Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields. Vulnerabilidad de tipo cross-site scripting (XSS) en SmokePing versión 2.6.9, en los campos de hora de inicio y finalización. • http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113987.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-2013-4751
https://notcve.org/view.php?id=CVE-2013-4751
01 Nov 2019 — php-symfony2-Validator has loss of information during serialization php-symfony2-Validator, presenta una perdida de información durante la serialización • http://lists.fedoraproject.org/pipermail/package-announce/2013-August/114380.html • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1398
https://notcve.org/view.php?id=CVE-2014-1398
10 Apr 2018 — The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on comment, user and node statistics properties via unspecified vectors. La API de acceso al contenedor de entidad en el módulo Entity API, en versiones 7.x-1.x anteriores a la 7.x-1.3 para Drupal, podría permitir que usuarios autenticados remotos omitan las restricciones de acceso planeadas en las propiedades comment, user y node statistics m... • http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126811.html • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1399
https://notcve.org/view.php?id=CVE-2014-1399
10 Apr 2018 — The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on referenced entities via unspecified vectors. La API de acceso al contenedor de entidad en el módulo Entity API, en versiones 7.x-1.x anteriores a la 7.x-1.3 para Drupal, podría permitir que usuarios autenticados remotos omitan las restricciones de acceso planeadas en las entidades referenciadas mediante vectores sin especificar. • http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126811.html • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-1400
https://notcve.org/view.php?id=CVE-2014-1400
10 Apr 2018 — The entity_access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions and read unpublished comments via unspecified vectors. La API entity_access en el módulo Entity API, en versiones 7.x-1.x anteriores a la 7.x-1.3 para Drupal, podría permitir que usuarios autenticados remotos omitan las restricciones de acceso planeadas y lean comentarios no publicados mediante vectores sin especificar. • http://lists.fedoraproject.org/pipermail/package-announce/2014-January/126811.html • CWE-284: Improper Access Control •
CVSS: 9.8EPSS: 4%CPEs: 43EXPL: 2CVE-2014-3005
https://notcve.org/view.php?id=CVE-2014-3005
01 Feb 2018 — XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request. Vulnerabilidad XEE (XML External Entity) en Zabbix 1.8.x anteriores a 1.8.21rc1, 2.0.x anteriores a 2.0.13rc1, 2.2.x anteriores a 2.2.5rc1 y 2.3.x anteriores a 2.3.2 permite que los atacantes remotos lean archivos arbitrarios o puedan ejecutar c... • http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134885.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.8EPSS: 0%CPEs: 253EXPL: 0CVE-2016-1238 – Gentoo Linux Security Advisory 201812-07
https://notcve.org/view.php?id=CVE-2016-1238
25 Jul 2016 — (1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Modul... • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •