Export limit exceeded: 335857 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74900 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-4859 | 1 Insteon | 2 Hub, Hub Firmware | 2024-11-21 | 8.1 High |
| INSTEON Hub 2242-222 lacks Web and API authentication | ||||
| CVE-2013-4855 | 1 Dlink | 2 Dir-865l, Dir-865l Firmware | 2024-11-21 | 8.8 High |
| D-Link DIR-865L has SMB Symlink Traversal due to misconfiguration in the SMB service allowing symbolic links to be created to locations outside of the Samba share. | ||||
| CVE-2013-4848 | 1 Tp-link | 2 Tl-wdr4300, Tl-wdr4300 Firmware | 2024-11-21 | 8.8 High |
| TP-Link TL-WDR4300 version 3.13.31 has multiple CSRF vulnerabilities. | ||||
| CVE-2013-4796 | 1 Reviewboard | 1 Reviewboard | 2024-11-21 | 8.8 High |
| ReviewBoard 1.6.17 allows code execution by attaching PHP scripts to review request | ||||
| CVE-2013-4751 | 3 Fedoraproject, Redhat, Sensiolabs | 3 Fedora, Enterprise Linux, Symfony | 2024-11-21 | 8.1 High |
| php-symfony2-Validator has loss of information during serialization | ||||
| CVE-2013-4717 | 1 Otrs | 2 Otrs, Otrs Itsm | 2024-11-21 | 8.8 High |
| Multiple SQL injection vulnerabilities in Open Ticket Request System (OTRS) Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to Kernel/Output/HTML/PreferencesCustomQueue.pm, Kernel/System/CustomerCompany.pm, Kernel/System/Ticket/IndexAccelerator/RuntimeDB.pm, Kernel/System/Ticket/IndexAccelerator/StaticDB.pm, and Kernel/System/TicketSearch.pm. | ||||
| CVE-2013-4695 | 1 Winamp | 1 Winamp | 2024-11-21 | 7.8 High |
| Winamp 5.63: Invalid Pointer Dereference leading to Arbitrary Code Execution | ||||
| CVE-2013-4655 | 1 Belkin | 2 N900, N900 Firmware | 2024-11-21 | 7.5 High |
| Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service. | ||||
| CVE-2013-4593 | 1 Omniauth-facebook Project | 1 Omniauth-facebook | 2024-11-21 | 7.5 High |
| RubyGem omniauth-facebook has an access token security vulnerability | ||||
| CVE-2013-4583 | 1 Gitlab | 2 Gitlab, Gitlab-shell | 2024-11-21 | 8.8 High |
| The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories. | ||||
| CVE-2013-4572 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2024-11-21 | 7.5 High |
| The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user. | ||||
| CVE-2013-4536 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2024-11-21 | 7.8 High |
| An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. | ||||
| CVE-2013-4535 | 2 Qemu, Redhat | 8 Qemu, Enterprise Linux, Enterprise Linux Desktop and 5 more | 2024-11-21 | 8.8 High |
| The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read. | ||||
| CVE-2013-4532 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2024-11-21 | 7.8 High |
| Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. | ||||
| CVE-2013-4412 | 3 Berlios, Debian, Gnu | 3 Slim, Debian Linux, Glibc | 2024-11-21 | 7.5 High |
| slim has NULL pointer dereference when using crypt() method from glibc 2.17 | ||||
| CVE-2013-4410 | 2 Fedoraproject, Reviewboard | 2 Fedora, Reviewboard | 2024-11-21 | 7.5 High |
| ReviewBoard: has an access-control problem in REST API | ||||
| CVE-2013-4374 | 1 Redhat | 2 Jboss Operations Network, Rhq Mongo Db Drift Server | 2024-11-21 | 7.1 High |
| An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files. | ||||
| CVE-2013-4367 | 2 Linux, Ovirt | 2 Linux Kernel, Ovirt-engine | 2024-11-21 | 7.8 High |
| ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'. | ||||
| CVE-2013-4357 | 5 Canonical, Debian, Eglibc and 2 more | 5 Ubuntu Linux, Debian Linux, Eglibc and 2 more | 2024-11-21 | 7.5 High |
| The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. | ||||
| CVE-2013-4251 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-11-21 | 7.8 High |
| The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. | ||||