Total
307683 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-10001 | 1 Htc | 5 Mail, One Sv, One X and 2 more | 2024-11-21 | 4.3 MEDIUM | 4.8 MEDIUM |
| A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used. | |||||
| CVE-2013-0803 | 1 Polarbear Cms Project | 1 Polarbear Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via upload.php, which could let a malicious user execute arbitrary code. | |||||
| CVE-2013-0739 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script. | |||||
| CVE-2013-0738 | 1 Chamilo | 1 Chamilo | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.php. | |||||
| CVE-2013-0737 | 1 Boltwire | 1 Boltwire | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in BoltWire 3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the fieldnames parameter. | |||||
| CVE-2013-0725 | 1 Hexagongeospatial | 1 Erdas Er Viewer | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
| ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities | |||||
| CVE-2013-0594 | 1 Ibm | 1 Inotes | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383. | |||||
| CVE-2013-0592 | 1 Ibm | 1 Inotes | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815. | |||||
| CVE-2013-0589 | 1 Ibm | 1 Inotes | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371. | |||||
| CVE-2013-0570 | 1 Ibm | 12 Flex System Fabric Cn4093, Flex System Fabric En4093, Flex System Si4093 and 9 more | 2024-11-21 | 2.9 LOW | 5.3 MEDIUM |
| The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology (BNT) switches running IBM Networking Operating System (aka NOS, formerly BLADE Operating System) floods data frames with unknown MAC addresses out on all interfaces on the same VLAN, which might allow remote attackers to obtain sensitive information in opportunistic circumstances by eavesdropping on the broadcast domain. IBM X-Force ID: 83166. | |||||
| CVE-2013-0522 | 1 Ibm | 1 Lotus Notes | 2024-11-21 | 1.9 LOW | 7.0 HIGH |
| The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531. | |||||
| CVE-2013-0517 | 1 Ibm | 1 Sterling External Authentication Server | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code. | |||||
| CVE-2013-0507 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability | |||||
| CVE-2013-0342 | 1 Pyrad Project | 1 Pyrad | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294. | |||||
| CVE-2013-0326 | 2 Debian, Openstack | 2 Debian Linux, Nova | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| OpenStack nova base images permissions are world readable | |||||
| CVE-2013-0294 | 2 Fedoraproject, Pyrad Project | 2 Fedora, Pyrad | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack. | |||||
| CVE-2013-0293 | 1 Ovirt | 1 Node | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation | |||||
| CVE-2013-0291 | 1 Imagely | 1 Nextgen Gallery | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability | |||||
| CVE-2013-0286 | 1 Pinboard Project | 1 Pinboard | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Pinboard 1.0.6 theme for Wordpress has XSS. | |||||
| CVE-2013-0283 | 1 Theforeman | 1 Katello | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Katello: Username in Notification page has cross site scripting | |||||