Export limit exceeded: 337951 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (337951 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-10009 | 1 Pychao Project | 1 Pychao | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in DrAzraelTod pyChao and classified as critical. Affected by this issue is the function klauen/lesen of the file mod_fun/__init__.py. The manipulation leads to sql injection. The patch is identified as 9d8adbc07c384ba51c2583ce0819c9abb77dc648. It is recommended to apply a patch to fix this issue. VDB-217634 is the identifier assigned to this vulnerability. | ||||
| CVE-2013-10007 | 1 Wp-print-friendly Project | 1 Wp Print Friendly | 2024-11-21 | 5.3 Medium |
| A vulnerability classified as problematic has been found in ethitter WP-Print-Friendly up to 0.5.2. This affects an unknown part of the file wp-print-friendly.php. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. Upgrading to version 0.5.3 is able to address this issue. The identifier of the patch is 437787292670c20b4abe20160ebbe8428187f2b4. It is recommended to upgrade the affected component. The identifier VDB-217269 was assigned to this vulnerability. | ||||
| CVE-2013-0803 | 1 Polarbear Cms Project | 1 Polarbear Cms | 2024-11-21 | 9.8 Critical |
| A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via upload.php, which could let a malicious user execute arbitrary code. | ||||
| CVE-2013-0739 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 6.1 Medium |
| Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script. | ||||
| CVE-2013-0738 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 6.1 Medium |
| Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.php. | ||||
| CVE-2013-0737 | 1 Boltwire | 1 Boltwire | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in BoltWire 3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the fieldnames parameter. | ||||
| CVE-2013-0725 | 1 Hexagongeospatial | 1 Erdas Er Viewer | 2024-11-21 | 7.8 High |
| ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities | ||||
| CVE-2013-0594 | 1 Ibm | 1 Inotes | 2024-11-21 | N/A |
| Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383. | ||||
| CVE-2013-0592 | 1 Ibm | 1 Inotes | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815. | ||||
| CVE-2013-0589 | 1 Ibm | 1 Inotes | 2024-11-21 | N/A |
| IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371. | ||||
| CVE-2013-0570 | 1 Ibm | 12 Flex System Fabric Cn4093, Flex System Fabric En4093, Flex System Si4093 and 9 more | 2024-11-21 | N/A |
| The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology (BNT) switches running IBM Networking Operating System (aka NOS, formerly BLADE Operating System) floods data frames with unknown MAC addresses out on all interfaces on the same VLAN, which might allow remote attackers to obtain sensitive information in opportunistic circumstances by eavesdropping on the broadcast domain. IBM X-Force ID: 83166. | ||||
| CVE-2013-0522 | 1 Ibm | 1 Lotus Notes | 2024-11-21 | N/A |
| The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531. | ||||
| CVE-2013-0517 | 1 Ibm | 1 Sterling External Authentication Server | 2024-11-21 | 7.8 High |
| A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code. | ||||
| CVE-2013-0507 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 8.1 High |
| IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability | ||||
| CVE-2013-0342 | 1 Pyrad Project | 1 Pyrad | 2024-11-21 | 4.3 Medium |
| The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294. | ||||
| CVE-2013-0326 | 2 Debian, Openstack | 2 Debian Linux, Nova | 2024-11-21 | 5.5 Medium |
| OpenStack nova base images permissions are world readable | ||||
| CVE-2013-0294 | 2 Fedoraproject, Pyrad Project | 2 Fedora, Pyrad | 2024-11-21 | 5.9 Medium |
| packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack. | ||||
| CVE-2013-0293 | 1 Ovirt | 1 Node | 2024-11-21 | 7.8 High |
| oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation | ||||
| CVE-2013-0291 | 1 Imagely | 1 Nextgen Gallery | 2024-11-21 | 7.5 High |
| NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability | ||||
| CVE-2013-0286 | 1 Pinboard Project | 1 Pinboard | 2024-11-21 | 5.4 Medium |
| Pinboard 1.0.6 theme for Wordpress has XSS. | ||||