Export limit exceeded: 338009 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (338009 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-4521 | 1 Nuxeo | 1 Nuxeo | 2024-11-21 | 9.8 Critical |
| RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data. NOTE: this vulnerability may overlap CVE-2013-2165. | ||||
| CVE-2013-4518 | 1 Redhat | 2 Enterprise Linux, Update Infrastructure | 2024-11-21 | 5.5 Medium |
| RHUI (Red Hat Update Infrastructure) 2.1.3 has world readable PKI entitlement certificates | ||||
| CVE-2013-4486 | 2 Linux, Redhat | 2 Linux Kernel, Zanata | 2024-11-21 | 9.8 Critical |
| Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging | ||||
| CVE-2013-4462 | 1 Portable Phpmyadmin Project | 1 Portable Phpmyadmin | 2024-11-21 | 9.1 Critical |
| WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability | ||||
| CVE-2013-4454 | 1 Getbutterfly | 1 Portable-phpmyadmin | 2024-11-21 | 9.1 Critical |
| WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities | ||||
| CVE-2013-4451 | 1 Gitolite | 1 Gitolite | 2024-11-21 | N/A |
| gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating (1) ~/.gitolite.rc, (2) ~/.gitolite, or (3) ~/repositories/gitolite-admin.git on fresh installs. | ||||
| CVE-2013-4441 | 1 Pwgen Project | 1 Pwgen | 2024-11-21 | 9.8 Critical |
| The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack. | ||||
| CVE-2013-4423 | 1 Redhat | 2 Cloudforms, Cloudforms Managementengine | 2024-11-21 | 5.5 Medium |
| CloudForms stores user passwords in recoverable format | ||||
| CVE-2013-4412 | 3 Berlios, Debian, Gnu | 3 Slim, Debian Linux, Glibc | 2024-11-21 | 7.5 High |
| slim has NULL pointer dereference when using crypt() method from glibc 2.17 | ||||
| CVE-2013-4411 | 2 Fedoraproject, Reviewboard | 2 Fedora, Reviewboard | 2024-11-21 | 4.3 Medium |
| Review Board: URL processing gives unauthorized users access to review lists | ||||
| CVE-2013-4410 | 2 Fedoraproject, Reviewboard | 2 Fedora, Reviewboard | 2024-11-21 | 7.5 High |
| ReviewBoard: has an access-control problem in REST API | ||||
| CVE-2013-4409 | 3 Fedoraproject, Redhat, Reviewboard | 4 Fedora, Enterprise Linux, Djblets and 1 more | 2024-11-21 | 9.8 Critical |
| An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. | ||||
| CVE-2013-4395 | 1 Simplemachines | 1 Simple Machines Forum | 2024-11-21 | 6.1 Medium |
| Simple Machines Forum (SMF) through 2.0.5 has XSS | ||||
| CVE-2013-4374 | 1 Redhat | 2 Jboss Operations Network, Rhq Mongo Db Drift Server | 2024-11-21 | 7.1 High |
| An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files. | ||||
| CVE-2013-4367 | 2 Linux, Ovirt | 2 Linux Kernel, Ovirt-engine | 2024-11-21 | 7.8 High |
| ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod() works when passed a mode of '-1'. | ||||
| CVE-2013-4364 | 1 Redhat | 1 Openshift | 2024-11-21 | N/A |
| (1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp. | ||||
| CVE-2013-4357 | 5 Canonical, Debian, Eglibc and 2 more | 5 Ubuntu Linux, Debian Linux, Eglibc and 2 more | 2024-11-21 | 7.5 High |
| The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. | ||||
| CVE-2013-4335 | 1 Openpne | 1 Opopensocialplugin | 2024-11-21 | 9.8 Critical |
| opOpenSocialPlugin 0.8.2.1, > 0.9.9.2, 0.9.13, 1.2.6: Multiple XML External Entity Injection Vulnerabilities | ||||
| CVE-2013-4334 | 1 Tejimaya | 1 Opwebapiplugin | 2024-11-21 | 9.8 Critical |
| opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities | ||||
| CVE-2013-4333 | 1 Tejimaya | 1 Openpne | 2024-11-21 | 9.1 Critical |
| OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has an External Entity Injection Vulnerability | ||||