ReportizFlow
Filtered by vendor
Subscriptions
Total
322985 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0243 | 1 Haskell | 1 Hs-tls | 2024-11-21 | 7.4 High |
| haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections | ||||
| CVE-2013-0196 | 1 Redhat | 2 Enterprise Linux, Openshift | 2024-11-21 | 6.5 Medium |
| A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' and the REST API has no CSRF attack protection mechanism. This can allow an attacker to obtain the credential and the Authorization: header when requesting the REST API via web browser. | ||||
| CVE-2013-0195 | 1 Matomo | 1 Matomo | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0194. | ||||
| CVE-2013-0194 | 1 Matomo | 1 Matomo | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0193 and CVE-2013-0195. | ||||
| CVE-2013-0193 | 1 Matomo | 1 Matomo | 2024-11-21 | 6.1 Medium |
| Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This is a different vulnerability than CVE-2013-0194 and CVE-2013-0195. | ||||
| CVE-2013-0192 | 1 Simplemachines | 1 Simple Machines Forum | 2024-11-21 | 4.9 Medium |
| File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config. | ||||
| CVE-2013-0186 | 1 Redhat | 3 Cloudforms, Cloudforms Managementengine, Manageiq Enterprise Virtualization Manager | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-0185 | 1 Redhat | 2 Cloudforms Managementengine, Manageiq Enterprise Virtualization Manager | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise Virtualization Manager (EVM) allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. | ||||
| CVE-2013-0180 | 1 Redislabs | 1 Redis | 2024-11-21 | 5.5 Medium |
| Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds. | ||||
| CVE-2013-0178 | 1 Redislabs | 1 Redis | 2024-11-21 | 5.5 Medium |
| Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm. | ||||
| CVE-2013-0165 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.3 High |
| cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp. | ||||
| CVE-2013-0163 | 1 Redhat | 1 Openshift | 2024-11-21 | 5.5 Medium |
| OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS | ||||
| CVE-2013-0161 | 1 Havalite | 1 Havalite | 2024-11-21 | 5.4 Medium |
| Havalite CMS 1.1.7 has a stored XSS vulnerability | ||||
| CVE-2013-0159 | 1 Fedoraproject | 1 Fedora | 2024-11-21 | N/A |
| The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg. | ||||
| CVE-2012-6721 | 1 Socialengine | 1 Socialengine | 2024-11-21 | 6.3 Medium |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Forum, (2) Event, and (3) Classifieds plugins in SocialEngine before 4.2.4. | ||||
| CVE-2012-6720 | 1 Socialengine | 1 Socialengine | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in SocialEngine before 4.2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to music/create, (2) location parameter to events/create, or (3) search parameter to widget/index/content_id/*. | ||||
| CVE-2012-6719 | 1 Sharebar Project | 1 Sharebar | 2024-11-21 | N/A |
| The sharebar plugin before 1.2.2 for WordPress has SQL injection. | ||||
| CVE-2012-6718 | 1 Sharebar Project | 1 Sharebar | 2024-11-21 | N/A |
| The sharebar plugin before 1.2.2 for WordPress has XSS, a different issue than CVE-2013-3491. | ||||
| CVE-2012-6717 | 1 Redirection | 1 Redirection | 2024-11-21 | N/A |
| The redirection plugin before 2.2.12 for WordPress has XSS, a different issue than CVE-2011-4562. | ||||
| CVE-2012-6716 | 1 Pixelite | 1 Events Manager | 2024-11-21 | N/A |
| The events-manager plugin before 5.1.7 for WordPress has XSS via JSON call links. | ||||