Total
10352 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-2259 | 1 Cryptocat Project | 1 Cryptocat | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview | |||||
CVE-2013-2227 | 2 Debian, Glpi-project | 2 Debian Linux, Glpi | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
GLPI 0.83.7 has Local File Inclusion in common.tabs.php. | |||||
CVE-2013-2103 | 1 Redhat | 1 Openshift | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
OpenShift cartridge allows remote URL retrieval | |||||
CVE-2013-2093 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands. | |||||
CVE-2013-1930 | 2 Fedoraproject, Mantisbt | 2 Fedora, Mantisbt | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
MantisBT 1.2.12 before 1.2.15 allows authenticated users to by the workflow restriction and close issues. | |||||
CVE-2013-1910 | 2 Baseurl, Debian | 2 Yum, Debian Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository. | |||||
CVE-2013-1889 | 1 Mod Ruid2 Project | 1 Mod Ruid2 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
mod_ruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot. | |||||
CVE-2013-1820 | 2 Fedoraproject, Redhat | 2 Fedora, Tuned | 2024-11-21 | 4.7 MEDIUM | 5.5 MEDIUM |
tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service. | |||||
CVE-2013-1816 | 4 Debian, Fedoraproject, Mediawiki and 1 more | 4 Debian Linux, Fedora, Mediawiki and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. | |||||
CVE-2013-1811 | 2 Debian, Mantisbt | 2 Debian Linux, Mantisbt | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New". | |||||
CVE-2013-1751 | 1 Twiki | 1 Twiki | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters. | |||||
CVE-2013-1689 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames. | |||||
CVE-2013-1607 | 1 Pdfkit Project | 1 Pdfkit | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability | |||||
CVE-2013-0342 | 1 Pyrad Project | 1 Pyrad | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294. | |||||
CVE-2013-0267 | 1 Apache | 1 Vcl | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup, resourceGrant, or userGrant permissions to gain privileges, cause a denial of service, or conduct cross-site scripting (XSS) attacks by leveraging improper data validation. | |||||
CVE-2013-0243 | 1 Haskell | 1 Hs-tls | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections | |||||
CVE-2013-0180 | 1 Redislabs | 1 Redis | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds. | |||||
CVE-2013-0178 | 1 Redislabs | 1 Redis | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm. | |||||
CVE-2013-0165 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp. | |||||
CVE-2012-6135 | 2 Phusion, Redhat | 2 Passenger, Openshift | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process. |