Export limit exceeded: 364050 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 26304 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (26304 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-4053 1 Ibm 2 Websphere Application Server, Websphere Application Server Feature Pack For Web Services 2025-04-11 N/A
The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured for XML Digital Signatures, does not properly verify X.509 certificates, which allows remote attackers to obtain privileged access via unspecified vectors.
CVE-2013-3342 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-11 N/A
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 do not properly handle operating-system domain blacklists, which has unspecified impact and attack vectors.
CVE-2013-4032 1 Ibm 1 Db2 2025-04-11 N/A
The Fast Communications Manager (FCM) in IBM DB2 Enterprise Server Edition and Advanced Enterprise Server Edition 10.1 before FP3 and 10.5, when a multi-node configuration is used, allows remote attackers to cause a denial of service via vectors involving arbitrary data.
CVE-2013-3376 1 Cisco 1 Video Surveillance Operations Manager 2025-04-11 N/A
Open redirect vulnerability in the help page in Cisco Video Surveillance Operations Manager allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCty74490.
CVE-2013-3378 1 Cisco 2 Telepresence Tc Software, Telepresence Te Software 2025-04-11 N/A
Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (temporary device hang) via crafted SIP packets, aka Bug ID CSCuf89557.
CVE-2013-3393 1 Cisco 2 Jabber, Virtualization Experience Media Engine 2025-04-11 N/A
The Precision Video Engine component in Cisco Jabber for Windows and Cisco Virtualization Experience Media Engine allows remote attackers to cause a denial of service (process crash and call disconnection) via crafted RTP packets, aka Bug IDs CSCuh60706 and CSCue21117.
CVE-2013-3398 1 Cisco 1 Prime Central For Hosted Collaboration Solution 2025-04-11 N/A
The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance provides different responses to requests for arbitrary pathnames depending on whether the pathname exists, which allows remote attackers to enumerate directories and files via a series of crafted requests, aka Bug ID CSCuh64574.
CVE-2013-3955 1 Apple 4 Ipad, Ipad2, Ipad Mini and 1 more 2025-04-11 N/A
The get_xattrinfo function in the XNU kernel in Apple iOS 5.x and 6.x through 6.1.3 on iPad devices does not properly validate the header of an AppleDouble file, which might allow local users to cause a denial of service (memory corruption) or have unspecified other impact via an invalid file on an msdosfs filesystem.
CVE-2013-3442 1 Cisco 1 Unified Communications Manager 2025-04-11 N/A
The web portal in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive stack-trace information via unspecified vectors that trigger a stack exception, aka Bug ID CSCug34854.
CVE-2013-3953 1 Apple 2 Iphone Os, Mac Os X 2025-04-11 N/A
The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel in Apple Mac OS X 10.8.x does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted call.
CVE-2013-3511 1 Gwos 1 Groundwork Monitor 2025-04-11 N/A
Open redirect vulnerability in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-3512 1 Gwos 1 Groundwork Monitor 2025-04-11 N/A
The Cacti component in GroundWork Monitor Enterprise 6.7.0 does not properly perform authorization checks, which allows remote authenticated users to read or modify configuration settings via unspecified vectors, as demonstrated by reading credentials.
CVE-2013-3948 1 Apple 1 Iphone Os 2025-04-11 N/A
Apple iOS 6.1.3 does not follow redirects during determination of the hostname to display in an iOS Enterprise Deployment installation dialog, which makes it easier for remote attackers to trigger installation of arbitrary applications via a download-manifest itms-services:// URL that leverages an open redirect vulnerability within a trusted domain.
CVE-2013-3909 1 Microsoft 1 Internet Explorer 2025-04-11 N/A
Microsoft Internet Explorer 6 through 8 allows remote attackers to read content from a different (1) domain or (2) zone via crafted characters in Cascading Style Sheets (CSS) token sequences, aka "Internet Explorer Information Disclosure Vulnerability."
CVE-2013-3908 1 Microsoft 1 Internet Explorer 2025-04-11 N/A
Microsoft Internet Explorer 6 through 10 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information from any visited document via a crafted web page that is not properly handled during a print-preview action, aka "Internet Explorer Information Disclosure Vulnerability."
CVE-2013-3860 1 Microsoft 1 .net Framework 2025-04-11 N/A
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service (application crash or hang) via a crafted signed XML document, aka "Entity Expansion Vulnerability."
CVE-2013-3233 1 Linux 1 Linux Kernel 2025-04-11 N/A
The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.
CVE-2013-3226 1 Linux 1 Linux Kernel 2025-04-11 N/A
The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.
CVE-2013-3237 1 Linux 1 Linux Kernel 2025-04-11 N/A
The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.
CVE-2012-2562 2 Google, Xelex 2 Android, Mobiletrack 2025-04-11 N/A
The Xelex MobileTrack application 2.3.7 and earlier for Android does not verify the origin of SMS commands, which allows remote attackers to execute a (1) LOCATE, (2) TRACK, (3) UPDATECFG, (4) UPDATEACCT, (5) STAT, (6) TERM, or (7) WIPE command via an SMS message.