Export limit exceeded: 347071 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 79199 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (79199 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-1817 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2024-11-21 | 7.5 High |
| MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. | ||||
| CVE-2013-1816 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2024-11-21 | 7.5 High |
| MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. | ||||
| CVE-2013-1809 | 2 Debian, Gambas Project | 2 Debian Linux, Gambas | 2024-11-21 | 7.5 High |
| Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories. | ||||
| CVE-2013-1793 | 1 Redhat | 2 Openstack, Openstack Essex | 2024-11-21 | 7.5 High |
| openstack-utils openstack-db has insecure password creation | ||||
| CVE-2013-1771 | 1 Monkey-project | 1 Monkey | 2024-11-21 | 7.5 High |
| The web server Monkeyd produces a world-readable log (/var/log/monkeyd/master.log) on gentoo. | ||||
| CVE-2013-1753 | 2 Python, Redhat | 3 Python, Enterprise Linux, Rhel Software Collections | 2024-11-21 | 7.5 High |
| The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request. | ||||
| CVE-2013-1634 | 1 Intel | 2 82574l Controller, 82574l Controller Firmware | 2024-11-21 | 7.5 High |
| A denial of service vulnerability exists in some motherboard implementations of Intel e1000e/82574L network controller devices through 2013-02-06 where the device can be brought into a non-processing state when parsing 32 hex, 33 hex, or 34 hex byte values at the 0x47f offset. NOTE: A followup statement from Intel suggests that the root cause of this issue was an incorrectly configured EEPROM image. | ||||
| CVE-2013-1602 | 1 Dlink | 34 Dcs-1100, Dcs-1100 Firmware, Dcs-1100l and 31 more | 2024-11-21 | 7.5 High |
| An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams. | ||||
| CVE-2013-1598 | 1 Vivotek | 2 Pt7135, Pt7135 Firmware | 2024-11-21 | 8.8 High |
| A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code. | ||||
| CVE-2013-1594 | 1 Vivotek | 2 Pt7135, Pt7135 Firmware | 2024-11-21 | 7.5 High |
| An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text. | ||||
| CVE-2013-1593 | 1 Sap | 1 Netweaver | 2024-11-21 | 7.5 High |
| A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN. | ||||
| CVE-2013-1391 | 5 Capturecctv, Hachi, Huntcctv and 2 more | 40 Cdr 0410ve, Cdr 0410ve Firmware, Cdr 0820vde and 37 more | 2024-11-21 | 7.5 High |
| Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configuration. | ||||
| CVE-2013-1352 | 1 Veraxsystems | 1 Network Management System | 2024-11-21 | 7.5 High |
| Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a JAR archive. | ||||
| CVE-2013-1202 | 1 Cisco | 1 Ace Application Control Engine Module A2 | 2024-11-21 | 7.5 High |
| Cisco ACE A2(3.6) allows log retention DoS. | ||||
| CVE-2013-0725 | 1 Hexagongeospatial | 1 Erdas Er Viewer | 2024-11-21 | 7.8 High |
| ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities | ||||
| CVE-2013-0517 | 1 Ibm | 1 Sterling External Authentication Server | 2024-11-21 | 7.8 High |
| A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code. | ||||
| CVE-2013-0507 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 8.1 High |
| IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability | ||||
| CVE-2013-0293 | 1 Ovirt | 1 Node | 2024-11-21 | 7.8 High |
| oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation | ||||
| CVE-2013-0291 | 1 Imagely | 1 Nextgen Gallery | 2024-11-21 | 7.5 High |
| NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability | ||||
| CVE-2013-0264 | 1 Redhat | 1 Mrg Management Console | 2024-11-21 | 7.5 High |
| An import error was introduced in Cumin in the code refactoring in r5310. Server certificate validation is always disabled when connecting to Aviary servers, even if the installed packages on a system support it. | ||||