Total
307697 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-1597 | 1 Vivotek | 2 Pt7135, Pt7135 Firmware | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A Directory Traversal vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via a specially crafted GET request, which could let a malicious user obtain user credentials. | |||||
| CVE-2013-1596 | 1 Vivotek | 2 Pt7135, Pt7135 Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via specially crafted RTSP packets to TCP port 554. | |||||
| CVE-2013-1595 | 1 Vivotek | 2 Pt7135, Pt7135 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service. | |||||
| CVE-2013-1594 | 1 Vivotek | 2 Pt7135, Pt7135 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text. | |||||
| CVE-2013-1593 | 1 Sap | 1 Netweaver | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN. | |||||
| CVE-2013-1592 | 1 Sap | 1 Netweaver | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code. | |||||
| CVE-2013-1437 | 2 Fedoraproject, Module-metadata Project | 2 Fedora, Module-metadata | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value. | |||||
| CVE-2013-1429 | 2 Canonical, Debian | 3 Ubuntu Linux, Debian Linux, Lintian | 2024-11-21 | 4.3 MEDIUM | 6.3 MEDIUM |
| Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks. | |||||
| CVE-2013-1426 | 1 Mahara | 1 Mahara | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site Scripting (XSS) in Mahara before 1.5.9 and 1.6.x before 1.6.4 allows remote attackers to inject arbitrary web script or HTML via the TinyMCE editor. | |||||
| CVE-2013-1425 | 2 Debian, Ldap Git Backup Project | 2 Debian Linux, Ldap Git Backup | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions. | |||||
| CVE-2013-1422 | 1 Webcalendar Project | 1 Webcalendar | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| webcalendar before 1.2.7 shows the reason for a failed login (e.g., "no such user"). | |||||
| CVE-2013-1420 | 1 Get-simple | 1 Getsimple Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to backup-edit.php; (2) title or (3) menu parameter to edit.php; or (4) path or (5) returnid parameter to filebrowser.php in admin/. NOTE: the path parameter in admin/upload.php vector is already covered by CVE-2012-6621. | |||||
| CVE-2013-1410 | 1 Perforce | 1 P4web | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Perforce P4web 2011.1 and 2012.1 has multiple XSS vulnerabilities | |||||
| CVE-2013-1401 | 1 Cardozatechnologies | 1 Wordpress Poll | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll functions in WordPress Poll Plugin 34.5 for WordPress allow a remote attacker to add, edit, and delete an answer and delete a poll. | |||||
| CVE-2013-1400 | 1 Cardozatechnologies | 1 Wordpress Poll | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or poll_id parameter in a viewPollResults or userlogs action. | |||||
| CVE-2013-1391 | 5 Capturecctv, Hachi, Huntcctv and 2 more | 40 Cdr 0410ve, Cdr 0410ve Firmware, Cdr 0820vde and 37 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Authentication bypass vulnerability in the the web interface in Hunt CCTV, Capture CCTV, Hachi CCTV, NoVus CCTV, and Well-Vision Inc DVR systems allows a remote attacker to retrieve the device configuration. | |||||
| CVE-2013-1360 | 1 Sonicwall | 4 Analyzer, Global Management System, Universal Management Appliance and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access. | |||||
| CVE-2013-1359 | 1 Sonicwall | 4 Analyzer, Global Management System, Universal Management Appliance and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account. | |||||
| CVE-2013-1353 | 1 Orangehrm | 1 Orangehrm | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Orange HRM 2.7.1 allows XSS via the vacancy name. | |||||
| CVE-2013-1352 | 1 Veraxsystems | 1 Network Management System | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a JAR archive. | |||||