Total
18201 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-2259 | 1 Cryptocat Project | 1 Cryptocat | 2024-11-21 | 9.8 Critical |
| Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview | ||||
| CVE-2013-2198 | 1 Login Security Project | 1 Login Security | 2024-11-21 | 9.8 Critical |
| The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username. | ||||
| CVE-2013-2167 | 3 Debian, Openstack, Redhat | 3 Debian Linux, Python-keystoneclient, Openstack | 2024-11-21 | 9.8 Critical |
| python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass | ||||
| CVE-2013-2166 | 4 Debian, Fedoraproject, Openstack and 1 more | 4 Debian Linux, Fedora, Python-keystoneclient and 1 more | 2024-11-21 | 9.8 Critical |
| python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass | ||||
| CVE-2013-2159 | 1 Monkey-project | 1 Monkey | 2024-11-21 | 9.8 Critical |
| Monkey HTTP Daemon: broken user name authentication | ||||
| CVE-2013-2095 | 1 Openshift-origin-controller Project | 1 Openshift-origin-controller | 2024-11-21 | 9.8 Critical |
| rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.prase() to perform command injection | ||||
| CVE-2013-2093 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | 9.8 Critical |
| Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands. | ||||
| CVE-2013-2091 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php. | ||||
| CVE-2013-2060 | 1 Redhat | 1 Openshift | 2024-11-21 | 9.8 Critical |
| The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart. | ||||
| CVE-2013-2057 | 1 Yabb | 1 Yabb | 2024-11-21 | 9.8 Critical |
| YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability | ||||
| CVE-2013-2018 | 1 Berkeley | 1 Boinc | 2024-11-21 | 9.8 Critical |
| Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2013-2010 | 2 Automattic, Boldgrid | 2 Wp Super Cache, W3 Total Cache | 2024-11-21 | 9.8 Critical |
| WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability | ||||
| CVE-2013-20004 | 1 Starwindsoftware | 1 Iscsi San | 2024-11-21 | 9.8 Critical |
| A flaw was found in StarWind iSCSI target. StarWind service does not limit client connections and allocates memory on each connection attempt. An attacker could create a denial of service state by trying to connect a non-existent target multiple times. This affects iSCSI SAN (Windows Native) Version 6.0, build 2013-01-16. | ||||
| CVE-2013-20002 | 1 Themify | 1 Framework | 2024-11-21 | 9.8 Critical |
| Elemin allows remote attackers to upload and execute arbitrary PHP code via the Themify framework (before 1.2.2) wp-content/themes/elemin/themify/themify-ajax.php file. | ||||
| CVE-2013-1910 | 2 Baseurl, Debian | 2 Yum, Debian Linux | 2024-11-21 | 9.8 Critical |
| yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository. | ||||
| CVE-2013-1751 | 1 Twiki | 1 Twiki | 2024-11-21 | 9.8 Critical |
| TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters. | ||||
| CVE-2013-1744 | 1 Iris Citations Management Tool Project | 1 Iris Citations Management Tool | 2024-11-21 | 9.8 Critical |
| IRIS citations management tool through 1.3 allows remote attackers to execute arbitrary commands. | ||||
| CVE-2013-1666 | 1 Foswiki | 1 Foswiki | 2024-11-21 | 9.8 Critical |
| Foswiki before 1.1.8 contains a code injection vulnerability in the MAKETEXT macro. | ||||
| CVE-2013-1607 | 1 Pdfkit Project | 1 Pdfkit | 2024-11-21 | 9.8 Critical |
| Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability | ||||
| CVE-2013-1599 | 1 Dlink | 34 Dcs-1100, Dcs-1100 Firmware, Dcs-1100l and 31 more | 2024-11-21 | 9.8 Critical |
| A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface. | ||||