Export limit exceeded: 338009 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (338009 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-2600 | 2 Debian, Miniupnp Project | 2 Debian Linux, Miniupnpd | 2024-11-21 | 7.5 High |
| MiniUPnPd has information disclosure use of snprintf() | ||||
| CVE-2013-2574 | 1 Foscam | 2 Fi8620, Fi8620 Firmware | 2024-11-21 | 7.5 High |
| An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information. | ||||
| CVE-2013-2573 | 1 Tp-link | 6 Tl-sc 3130g, Tl-sc 3130g Firmware, Tl-sc 3171g and 3 more | 2024-11-21 | 9.8 Critical |
| A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code. | ||||
| CVE-2013-2572 | 1 Tp-link | 8 Tl-sc 3130, Tl-sc 3130 Firmware, Tl-sc 3130g and 5 more | 2024-11-21 | 7.5 High |
| A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files. | ||||
| CVE-2013-2571 | 1 Hcomm | 1 Xpient Iris | 2024-11-21 | 9.8 Critical |
| Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer. | ||||
| CVE-2013-2570 | 1 Zavio | 4 F3105, F3105 Firmware, F312a and 1 more | 2024-11-21 | 9.8 Critical |
| A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code. | ||||
| CVE-2013-2569 | 1 Zavio | 4 F3105, F3105 Firmware, F312a and 1 more | 2024-11-21 | 7.5 High |
| A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream. | ||||
| CVE-2013-2568 | 1 Zavio | 4 F3105, F3105 Firmware, F312a and 1 more | 2024-11-21 | 9.8 Critical |
| A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code. | ||||
| CVE-2013-2567 | 1 Zavio | 4 F3105, F3105 Firmware, F312a and 1 more | 2024-11-21 | 7.5 High |
| An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information. | ||||
| CVE-2013-2565 | 1 Mambo-foundation | 1 Mambo Cms | 2024-11-21 | N/A |
| A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver. | ||||
| CVE-2013-2516 | 1 Fileutils Project | 1 Fileutils | 2024-11-21 | N/A |
| Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell. | ||||
| CVE-2013-2513 | 1 Milboj | 1 Flash Tool | 2024-11-21 | 9.8 Critical |
| The flash_tool gem through 0.6.0 for Ruby allows command execution via shell metacharacters in the name of a downloaded file. | ||||
| CVE-2013-2512 | 1 Ftpd Project | 1 Ftpd | 2024-11-21 | 9.8 Critical |
| The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic. | ||||
| CVE-2013-2499 | 1 Simplehrm | 1 Simplehrm | 2024-11-21 | 7.5 High |
| SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in 'user_manager.php' via spoofing a cookie. | ||||
| CVE-2013-2474 | 1 Aws-dms | 1 Aws Xms | 2024-11-21 | 7.5 High |
| Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the 'what' parameter. | ||||
| CVE-2013-2294 | 1 Viewgit Project | 1 Viewgit | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in ViewGit before 0.0.7 allow remote repository users to inject arbitrary web script or HTML via a (1) tag name to the Shortlog table in templates/shortlog.php or branch name to the (2) Shortlog table in templates/shortlog.php or (3) Heads table in plates/summary.php. | ||||
| CVE-2013-2267 | 1 Fudforum | 1 Fudforum | 2024-11-21 | 7.2 High |
| PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system. | ||||
| CVE-2013-2262 | 1 Cryptocat Project | 1 Cryptocat | 2024-11-21 | 7.5 High |
| Cryptocat strophe.js before 2.0.22 has information disclosure | ||||
| CVE-2013-2261 | 1 Cryptocat Project | 1 Cryptocat | 2024-11-21 | 7.5 High |
| Cryptocat before 2.0.22 Chrome Extension 'img/keygen.gif' has Information Disclosure | ||||
| CVE-2013-2260 | 1 Cryptocat Project | 1 Cryptocat | 2024-11-21 | 9.8 Critical |
| Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness | ||||