Export limit exceeded: 338959 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (338959 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-7381 | 1 Libnotify Project | 1 Libnotify | 2024-11-21 | 9.8 Critical |
| libnotify before 1.0.4 for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in a call to libnotify.notify. | ||||
| CVE-2013-7380 | 1 Ep Imageconvert Project | 1 Ep Imageconvert | 2024-11-21 | 9.8 Critical |
| The Etherpad Lite ep_imageconvert Plugin has a Remote Command Injection Vulnerability | ||||
| CVE-2013-7378 | 1 Hubot Scripts Project | 1 Hubot Scripts | 2024-11-21 | 9.8 Critical |
| scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node.js allows remote attackers to execute arbitrary commands. | ||||
| CVE-2013-7371 | 2 Debian, Sencha | 2 Debian Linux, Connect | 2024-11-21 | 6.1 Medium |
| node-connects before 2.8.2 has cross site scripting in Sencha Labs Connect middleware (vulnerability due to incomplete fix for CVE-2013-7370) | ||||
| CVE-2013-7370 | 4 Debian, Opensuse, Redhat and 1 more | 4 Debian Linux, Opensuse, Openshift and 1 more | 2024-11-21 | 6.1 Medium |
| node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware | ||||
| CVE-2013-7351 | 1 Shaarli Project | 1 Shaarli | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow remote attackers to inject arbitrary web script or HTML via the URL to the (1) showRSS, (2) showATOM, or (3) showDailyRSS function; a (4) file name to the importFile function; or (5) vectors related to bookmarks. | ||||
| CVE-2013-7333 | 1 Projectfloodlight | 1 Open Sdn Controller | 2024-11-21 | 7.5 High |
| A vulnerability in version 0.90 of the Open Floodlight SDN controller software could allow an attacker with access to the OpenFlow control network to selectively disconnect individual switches from the SDN controller, causing degradation and eventually denial of network access to all devices connected to the targeted switch. | ||||
| CVE-2013-7325 | 1 Debian | 2 Debian Linux, Devscripts | 2024-11-21 | 8.8 High |
| An issue exists in uscan in devscripts before 2.13.19, which could let a remote malicious user execute arbitrary code via a crafted tarball. | ||||
| CVE-2013-7324 | 1 Webkitgtk | 1 Webkitgtk | 2024-11-21 | 5.3 Medium |
| Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existing practices for GNOME desktop integration. | ||||
| CVE-2013-7287 | 1 Mobileiron | 2 Sentry, Virtual Smartphone Platform | 2024-11-21 | 9.8 Critical |
| MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme. | ||||
| CVE-2013-7286 | 1 Att | 2 Mobileiron Sentry, Mobileiron Virtual Smartphone Platform | 2024-11-21 | 7.5 High |
| MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm | ||||
| CVE-2013-7245 | 1 Sybase | 1 Adaptive Server Enterprise | 2024-11-21 | N/A |
| The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859. | ||||
| CVE-2013-7203 | 1 Gitolite | 1 Gitolite | 2024-11-21 | N/A |
| gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup. | ||||
| CVE-2013-7202 | 1 Paypal | 1 Paypal | 2024-11-21 | N/A |
| The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system. | ||||
| CVE-2013-7201 | 1 Paypal | 1 Paypal | 2024-11-21 | N/A |
| WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information. | ||||
| CVE-2013-7185 | 1 Daum | 1 Potplayer | 2024-11-21 | 7.8 High |
| PotPlayer 1.5.40688: .avi File Memory Corruption | ||||
| CVE-2013-7173 | 1 Belkin | 2 N750, N750 Firmware | 2024-11-21 | 9.8 Critical |
| Belkin n750 routers have a buffer overflow. | ||||
| CVE-2013-7172 | 1 Slackware | 1 Slackware Linux | 2024-11-21 | 7.8 High |
| Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges. | ||||
| CVE-2013-7171 | 1 Slackware | 1 Slackware Linux | 2024-11-21 | 9.8 Critical |
| Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges. | ||||
| CVE-2013-7098 | 1 Infradead | 1 Openconnect | 2024-11-21 | 9.8 Critical |
| OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection. | ||||