Export limit exceeded: 335011 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24485 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-1594 | 1 Vivotek | 2 Pt7135, Pt7135 Firmware | 2024-11-21 | 7.5 High |
| An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text. | ||||
| CVE-2013-1422 | 1 Webcalendar Project | 1 Webcalendar | 2024-11-21 | 5.3 Medium |
| webcalendar before 1.2.7 shows the reason for a failed login (e.g., "no such user"). | ||||
| CVE-2013-10030 | 1 Angrybyte | 1 Wordpress Exit Box Lite | 2024-11-21 | 4.3 Medium |
| A vulnerability, which was classified as problematic, has been found in Exit Box Lite Plugin up to 1.06 on WordPress. Affected by this issue is some unknown functionality of the file wordpress-exit-box-lite.php. The manipulation leads to information disclosure. The attack may be launched remotely. Upgrading to version 1.10 is able to address this issue. The name of the patch is fad26701addb862c51baf85c6e3cc136aa79c309. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-230672. | ||||
| CVE-2013-10007 | 1 Wp-print-friendly Project | 1 Wp Print Friendly | 2024-11-21 | 5.3 Medium |
| A vulnerability classified as problematic has been found in ethitter WP-Print-Friendly up to 0.5.2. This affects an unknown part of the file wp-print-friendly.php. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. Upgrading to version 0.5.3 is able to address this issue. The identifier of the patch is 437787292670c20b4abe20160ebbe8428187f2b4. It is recommended to upgrade the affected component. The identifier VDB-217269 was assigned to this vulnerability. | ||||
| CVE-2013-0589 | 1 Ibm | 1 Inotes | 2024-11-21 | N/A |
| IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371. | ||||
| CVE-2013-0570 | 1 Ibm | 12 Flex System Fabric Cn4093, Flex System Fabric En4093, Flex System Si4093 and 9 more | 2024-11-21 | N/A |
| The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology (BNT) switches running IBM Networking Operating System (aka NOS, formerly BLADE Operating System) floods data frames with unknown MAC addresses out on all interfaces on the same VLAN, which might allow remote attackers to obtain sensitive information in opportunistic circumstances by eavesdropping on the broadcast domain. IBM X-Force ID: 83166. | ||||
| CVE-2013-0522 | 1 Ibm | 1 Lotus Notes | 2024-11-21 | N/A |
| The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531. | ||||
| CVE-2013-0342 | 1 Pyrad Project | 1 Pyrad | 2024-11-21 | 4.3 Medium |
| The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294. | ||||
| CVE-2013-0291 | 1 Imagely | 1 Nextgen Gallery | 2024-11-21 | 7.5 High |
| NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability | ||||
| CVE-2013-0267 | 1 Apache | 1 Vcl | 2024-11-21 | N/A |
| The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup, resourceGrant, or userGrant permissions to gain privileges, cause a denial of service, or conduct cross-site scripting (XSS) attacks by leveraging improper data validation. | ||||
| CVE-2013-0243 | 1 Haskell | 1 Hs-tls | 2024-11-21 | 7.4 High |
| haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections | ||||
| CVE-2013-0192 | 1 Simplemachines | 1 Simple Machines Forum | 2024-11-21 | 4.9 Medium |
| File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config. | ||||
| CVE-2013-0180 | 1 Redislabs | 1 Redis | 2024-11-21 | 5.5 Medium |
| Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds. | ||||
| CVE-2013-0178 | 1 Redislabs | 1 Redis | 2024-11-21 | 5.5 Medium |
| Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm. | ||||
| CVE-2013-0165 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.3 High |
| cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp. | ||||
| CVE-2012-6341 | 1 Netgear | 4 Wgr614v7, Wgr614v7 Firmware, Wgr614v9 and 1 more | 2024-11-21 | 6.5 Medium |
| An Information Disclosure vulnerability exists in the my config file in NEtGEAR WGR614 v7 and v9, which could let a malicious user recover all previously used passwords on the device, for both the control panel and WEP/WPA/WPA2, in plaintext. This is a different issue than CVE-2012-6340. | ||||
| CVE-2012-6135 | 2 Phusion, Redhat | 2 Passenger, Openshift | 2024-11-21 | 7.5 High |
| RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process. | ||||
| CVE-2012-6125 | 1 Call-cc | 1 Chicken | 2024-11-21 | 9.8 Critical |
| Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions. | ||||
| CVE-2012-6123 | 2 Call-cc, Debian | 2 Chicken, Debian Linux | 2024-11-21 | 6.5 Medium |
| Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack." | ||||
| CVE-2012-6111 | 2 Debian, Gnome | 2 Debian Linux, Gnome Keyring | 2024-11-21 | 7.5 High |
| gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function | ||||