Filtered by vendor
Subscriptions
Total
12529 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2013-4245 | 2 Debian, Gnome | 2 Debian Linux, Orca | 2024-11-21 | 7.3 High |
Orca has arbitrary code execution due to insecure Python module load | ||||
CVE-2013-4144 | 1 Swfupload Project | 1 Swfupload | 2024-11-21 | 9.8 Critical |
There is an object injection vulnerability in swfupload plugin for wordpress. | ||||
CVE-2013-4103 | 1 Cryptocat Project | 1 Cryptocat | 2024-11-21 | 9.8 Critical |
Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input | ||||
CVE-2013-4101 | 1 Cryptocat Project | 1 Cryptocat | 2024-11-21 | 5.3 Medium |
Cryptocat before 2.0.22 Link Markup Decorator HTML Handling Weakness | ||||
CVE-2013-4100 | 1 Cryptocat Project | 1 Cryptocat | 2024-11-21 | 7.5 High |
Cryptocat before 2.0.22 has Remote Denial of Service via username | ||||
CVE-2013-3945 | 1 Extensis | 1 Mrsid | 2024-11-21 | 7.8 High |
The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag. | ||||
CVE-2013-3738 | 1 Zabbix | 1 Zabbix | 2024-11-21 | 9.8 Critical |
A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code. | ||||
CVE-2013-3718 | 4 Debian, Gnome, Opensuse and 1 more | 4 Debian Linux, Evince, Opensuse and 1 more | 2024-11-21 | 5.5 Medium |
evince is missing a check on number of pages which can lead to a segmentation fault | ||||
CVE-2013-2571 | 1 Hcomm | 1 Xpient Iris | 2024-11-21 | 9.8 Critical |
Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer. | ||||
CVE-2013-2259 | 1 Cryptocat Project | 1 Cryptocat | 2024-11-21 | 9.8 Critical |
Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview | ||||
CVE-2013-2227 | 2 Debian, Glpi-project | 2 Debian Linux, Glpi | 2024-11-21 | 7.5 High |
GLPI 0.83.7 has Local File Inclusion in common.tabs.php. | ||||
CVE-2013-2103 | 1 Redhat | 1 Openshift | 2024-11-21 | 8.1 High |
OpenShift cartridge allows remote URL retrieval | ||||
CVE-2013-2093 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | 9.8 Critical |
Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands. | ||||
CVE-2013-1930 | 2 Fedoraproject, Mantisbt | 2 Fedora, Mantisbt | 2024-11-21 | 4.3 Medium |
MantisBT 1.2.12 before 1.2.15 allows authenticated users to by the workflow restriction and close issues. | ||||
CVE-2013-1910 | 2 Baseurl, Debian | 2 Yum, Debian Linux | 2024-11-21 | 9.8 Critical |
yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository. | ||||
CVE-2013-1889 | 1 Mod Ruid2 Project | 1 Mod Ruid2 | 2024-11-21 | 7.5 High |
mod_ruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot. | ||||
CVE-2013-1820 | 2 Fedoraproject, Redhat | 2 Fedora, Tuned | 2024-11-21 | 5.5 Medium |
tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service. | ||||
CVE-2013-1816 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2024-11-21 | 7.5 High |
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. | ||||
CVE-2013-1811 | 2 Debian, Mantisbt | 2 Debian Linux, Mantisbt | 2024-11-21 | 4.3 Medium |
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New". | ||||
CVE-2013-1751 | 1 Twiki | 1 Twiki | 2024-11-21 | 9.8 Critical |
TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters. |