Search Results (26986 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-7471 1 Dlink 10 Dir-300, Dir-300 Firmware, Dir-600 and 7 more 2024-11-21 9.8 Critical
An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600 before v2.17b01, DIR-645 before v1.04b11, DIR-300 rev. B, and DIR-865 devices. There is Command Injection via shell metacharacters in the NewInternalClient, NewExternalPort, or NewInternalPort element of a SOAP POST request.
CVE-2013-7390 1 Zohocorp 1 Manageengine Desktop Central 2024-11-21 9.8 Critical
Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot.
CVE-2013-7381 1 Libnotify Project 1 Libnotify 2024-11-21 9.8 Critical
libnotify before 1.0.4 for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in a call to libnotify.notify.
CVE-2013-7380 1 Ep Imageconvert Project 1 Ep Imageconvert 2024-11-21 9.8 Critical
The Etherpad Lite ep_imageconvert Plugin has a Remote Command Injection Vulnerability
CVE-2013-7378 1 Hubot Scripts Project 1 Hubot Scripts 2024-11-21 9.8 Critical
scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node.js allows remote attackers to execute arbitrary commands.
CVE-2013-7287 1 Mobileiron 2 Sentry, Virtual Smartphone Platform 2024-11-21 9.8 Critical
MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme.
CVE-2013-7173 1 Belkin 2 N750, N750 Firmware 2024-11-21 9.8 Critical
Belkin n750 routers have a buffer overflow.
CVE-2013-7171 1 Slackware 1 Slackware Linux 2024-11-21 9.8 Critical
Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges.
CVE-2013-7098 1 Infradead 1 Openconnect 2024-11-21 9.8 Critical
OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection.
CVE-2013-7088 3 Clamav, Debian, Fedoraproject 3 Clamav, Debian Linux, Fedora 2024-11-21 9.8 Critical
ClamAV before 0.97.7 has buffer overflow in the libclamav component
CVE-2013-7087 3 Clamav, Debian, Fedoraproject 3 Clamav, Debian Linux, Fedora 2024-11-21 9.8 Critical
ClamAV before 0.97.7 has WWPack corrupt heap memory
CVE-2013-7070 1 Fibranet 1 Monitorix 2024-11-21 9.8 Critical
The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the URI.
CVE-2013-7055 1 Dlink 2 Dir-100, Dir-100 Firmware 2024-11-21 9.8 Critical
D-Link DIR-100 4.03B07 has PPTP and poe information disclosure
CVE-2013-7052 1 Dlink 2 Dir-100, Dir-100 Firmware 2024-11-21 9.8 Critical
D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script
CVE-2013-6792 1 Google 1 Android 2024-11-21 9.8 Critical
Google Android prior to 4.4 has an APK Signature Security Bypass Vulnerability
CVE-2013-6362 1 Xerox 24 Colorqube 9201, Colorqube 9201 Firmware, Colorqube 9202 and 21 more 2024-11-21 9.8 Critical
Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts.
CVE-2013-6295 1 Prestashop 1 Prestashop 2024-11-21 9.8 Critical
PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module
CVE-2013-6276 1 Qnap 10 Viocard-100, Viocard-100 Firmware, Viocard-30 and 7 more 2024-11-21 9.8 Critical
QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. NOTE: 1. All active models are not affected. The last affected model was EOL since 2010. 2. The legacy authorization mechanism is no longer adopted in all active models
CVE-2013-6236 1 Izoncam 2 Izon Ip, Izon Ip Firmware 2024-11-21 9.8 Critical
IZON IP 2.0.2: hard-coded password vulnerability
CVE-2013-6225 1 Livezilla 1 Livezilla 2024-11-21 9.8 Critical
LiveZilla 5.0.1.4 has a Remote Code Execution vulnerability