Search Results (26986 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-5945 1 Dlink 16 Dsr-1000, Dsr-1000 Firmware, Dsr-1000n and 13 more 2024-11-21 9.8 Critical
Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 allow remote attackers to execute arbitrary SQL commands via the password to (1) the login.authenticate function in share/lua/5.1/teamf1lualib/login.lua or (2) captivePortal.lua.
CVE-2013-5743 1 Zabbix 1 Zabbix 2024-11-21 9.8 Critical
Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7.
CVE-2013-5122 1 Cisco 8 Linksys E4200, Linksys E4200 Firmware, Linksys Ea2700 and 5 more 2024-11-21 9.8 Critical
Cisco Linksys Routers EA2700, EA3500, E4200, EA4500: A bug can cause an unsafe TCP port to open which leads to unauthenticated access
CVE-2013-5027 1 O-dyn 1 Collabtive 2024-11-21 9.8 Critical
Collabtive 1.0 has incorrect access control
CVE-2013-4982 1 Avtech 2 Avn801 Dvr, Avn801 Dvr Firmware 2024-11-21 9.8 Critical
AVTECH AVN801 DVR has a security bypass via the administration login captcha
CVE-2013-4976 1 Hikvision 2 Ds-2cd7153-e, Ds-2cd7153-e Firmware 2024-11-21 9.8 Critical
Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials
CVE-2013-4864 1 Micasaverde 2 Veralite, Veralite Firmware 2024-11-21 9.8 Critical
MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (SSRF) issue.
CVE-2013-4857 1 Dlink 2 Dir-865l, Dir-865l Firmware 2024-11-21 9.8 Critical
D-Link DIR-865L has PHP File Inclusion in the router xml file.
CVE-2013-4743 1 Static Http Server Project 1 Static Http Server 2024-11-21 9.8 Critical
Static HTTP Server 1.0 has a Local Overflow
CVE-2013-4658 1 Linksys 2 Ea6500, Ea6500 Firmware 2024-11-21 9.8 Critical
Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share.
CVE-2013-4657 1 Netgear 4 Wnr3500l, Wnr3500l Firmware, Wnr3500u and 1 more 2024-11-21 9.8 Critical
Symlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due to misconfiguration in the SMB service.
CVE-2013-4656 1 Asus 4 Rt-ac66u, Rt-ac66u Firmware, Rt-n56u and 1 more 2024-11-21 9.8 Critical
Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service.
CVE-2013-4654 1 Tp-link 4 Tl-1043nd, Tl-1043nd Firmware, Tl-wdr4300 and 1 more 2024-11-21 9.8 Critical
Symlink Traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND..
CVE-2013-4621 1 Magdevgroup 1 Magnolia Cms 2024-11-21 9.8 Critical
Magnolia CMS before 4.5.9 has multiple access bypass vulnerabilities
CVE-2013-4561 1 Redhat 1 Openshift 2024-11-21 9.1 Critical
In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.
CVE-2013-4521 1 Nuxeo 1 Nuxeo 2024-11-21 9.8 Critical
RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for which deserialization methods can be called, which allows remote attackers to execute arbitrary code via crafted serialized data. NOTE: this vulnerability may overlap CVE-2013-2165.
CVE-2013-4486 2 Linux, Redhat 2 Linux Kernel, Zanata 2024-11-21 9.8 Critical
Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging
CVE-2013-4462 1 Portable Phpmyadmin Project 1 Portable Phpmyadmin 2024-11-21 9.1 Critical
WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability
CVE-2013-4454 1 Getbutterfly 1 Portable-phpmyadmin 2024-11-21 9.1 Critical
WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities
CVE-2013-4441 1 Pwgen Project 1 Pwgen 2024-11-21 9.8 Critical
The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.