CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0CVE-2013-5661
https://notcve.org/view.php?id=CVE-2013-5661
Cache Poisoning issue exists in DNS Response Rate Limiting. Existe Un problema de envenenamiento de caché en el DNS Response Rate Limiting. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-5661 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-5661 https://security-tracker.debian.org/tracker/CVE-2013-5661 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 1CVE-2013-6461
https://notcve.org/view.php?id=CVE-2013-6461
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits La gema Nokogiri versiones 1.5.x y 1.6.x, tienebn una DoS durante el análisis de entidades XML al fallar para aplicar límites. • http://www.openwall.com/lists/oss-security/2013/12/27/2 http://www.securityfocus.com/bid/64513 https://access.redhat.com/security/cve/cve-2013-6461 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6461 https://exchange.xforce.ibmcloud.com/vulnerabilities/90059 https://security-tracker.debian.org/tracker/CVE-2013-6461 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 6.5EPSS: 0%CPEs: 11EXPL: 1CVE-2013-6460
https://notcve.org/view.php?id=CVE-2013-6460
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents La gema Nokogiri versiones 1.5.x, tiene una Denegación de Servicio por medio de un bucle infinito cuando se analizan documentos XML. • http://www.openwall.com/lists/oss-security/2013/12/27/2 http://www.securityfocus.com/bid/64513 https://access.redhat.com/security/cve/cve-2013-6460 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6460 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-6460 https://exchange.xforce.ibmcloud.com/vulnerabilities/90058 https://security-tracker.debian.org/tracker/CVE-2013-6460 • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0CVE-2013-4409
https://notcve.org/view.php?id=CVE-2013-4409
An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. Existe una vulnerabilidad de la función eval() en Python Software Foundation Djblets versión 0.7.21 y Beanbag Review Board versiones anteriores a la versión 1.7.15, cuando se analizan peticiones JSON. • http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html http://www.securityfocus.com/bid/63029 https://access.redhat.com/security/cve/cve-2013-4409 https:/& • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2013-4251
https://notcve.org/view.php?id=CVE-2013-4251
The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. El componente scipy.weave en SciPy versiones anteriores a 0.12.1, crea directorios temporales no seguros. • http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120696.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119759.html http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119771.html http://www.securityfocus.com/bid/63008 https://access.redhat.com/security/cve/cve-2013-4251 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4251 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4251 https://exchange.xforce.ibmcloud.com/vulnera • CWE-269: Improper Privilege Management •