Export limit exceeded: 335730 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 335730 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74862 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-20003 | 1 Silabs | 10 Zgm130s037hgn, Zgm130s037hgn Firmware, Zgm2305a27hgn and 7 more | 2024-11-21 | 8.3 High |
| Z-Wave devices from Sierra Designs (circa 2013) and Silicon Labs (using S0 security) may use a known, shared network key of all zeros, allowing an attacker within radio range to spoof Z-Wave traffic. | ||||
| CVE-2013-1924 | 1 Skill | 1 Commerce Skrill | 2024-11-21 | 7.5 High |
| Commerce Skrill (Formerly Moneybookers) has an Access bypass vulnerability in all versions prior to 7.x-1.2 | ||||
| CVE-2013-1916 | 1 User Photo Project | 1 User Photo | 2024-11-21 | 8.8 High |
| In WordPress Plugin User Photo 0.9.4, when a photo is uploaded, it is only partially validated and it is possible to upload a backdoor on the server hosting WordPress. This backdoor can be called (executed) even if the photo has not been yet approved. | ||||
| CVE-2013-1895 | 2 Fedoraproject, Python | 2 Fedora, Py-bcrypt | 2024-11-21 | 7.5 High |
| The py-bcrypt module before 0.3 for Python does not properly handle concurrent memory access, which allows attackers to bypass authentication via multiple authentication requests, which trigger the password hash to be overwritten. | ||||
| CVE-2013-1889 | 1 Mod Ruid2 Project | 1 Mod Ruid2 | 2024-11-21 | 7.5 High |
| mod_ruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot. | ||||
| CVE-2013-1817 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2024-11-21 | 7.5 High |
| MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. | ||||
| CVE-2013-1816 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2024-11-21 | 7.5 High |
| MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. | ||||
| CVE-2013-1809 | 2 Debian, Gambas Project | 2 Debian Linux, Gambas | 2024-11-21 | 7.5 High |
| Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories. | ||||
| CVE-2013-1793 | 1 Redhat | 2 Openstack, Openstack Essex | 2024-11-21 | 7.5 High |
| openstack-utils openstack-db has insecure password creation | ||||
| CVE-2013-1771 | 1 Monkey-project | 1 Monkey | 2024-11-21 | 7.5 High |
| The web server Monkeyd produces a world-readable log (/var/log/monkeyd/master.log) on gentoo. | ||||
| CVE-2013-1753 | 2 Python, Redhat | 3 Python, Enterprise Linux, Rhel Software Collections | 2024-11-21 | 7.5 High |
| The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request. | ||||
| CVE-2013-1634 | 1 Intel | 2 82574l Controller, 82574l Controller Firmware | 2024-11-21 | 7.5 High |
| A denial of service vulnerability exists in some motherboard implementations of Intel e1000e/82574L network controller devices through 2013-02-06 where the device can be brought into a non-processing state when parsing 32 hex, 33 hex, or 34 hex byte values at the 0x47f offset. NOTE: A followup statement from Intel suggests that the root cause of this issue was an incorrectly configured EEPROM image. | ||||
| CVE-2013-1602 | 1 Dlink | 34 Dcs-1100, Dcs-1100 Firmware, Dcs-1100l and 31 more | 2024-11-21 | 7.5 High |
| An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams. | ||||
| CVE-2013-1598 | 1 Vivotek | 2 Pt7135, Pt7135 Firmware | 2024-11-21 | 8.8 High |
| A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code. | ||||
| CVE-2013-1594 | 1 Vivotek | 2 Pt7135, Pt7135 Firmware | 2024-11-21 | 7.5 High |
| An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text. | ||||
| CVE-2013-1593 | 1 Sap | 1 Netweaver | 2024-11-21 | 7.5 High |
| A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN. | ||||
| CVE-2013-1391 | 5 Capturecctv, Hachi, Huntcctv and 2 more | 40 Cdr 0410ve, Cdr 0410ve Firmware, Cdr 0820vde and 37 more | 2024-11-21 | 7.5 High |
| Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configuration. | ||||
| CVE-2013-1352 | 1 Veraxsystems | 1 Network Management System | 2024-11-21 | 7.5 High |
| Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a JAR archive. | ||||
| CVE-2013-1202 | 1 Cisco | 1 Ace Application Control Engine Module A2 | 2024-11-21 | 7.5 High |
| Cisco ACE A2(3.6) allows log retention DoS. | ||||
| CVE-2013-0725 | 1 Hexagongeospatial | 1 Erdas Er Viewer | 2024-11-21 | 7.8 High |
| ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities | ||||