Search Results (26986 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-3323 1 Ibm 13 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 10 more 2024-11-21 9.8 Critical
A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access.
CVE-2013-3317 1 Netgear 2 Wnr1000, Wnr1000 Firmware 2024-11-21 9.8 Critical
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key.
CVE-2013-3316 1 Netgear 2 Wnr1000, Wnr1000 Firmware 2024-11-21 9.8 Critical
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg".
CVE-2013-3215 1 Vtiger 1 Vtiger Crm 2024-11-21 9.8 Critical
vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vulnerability due to improper authentication validation in the validateSession function.
CVE-2013-3214 1 Vtiger 1 Vtiger Crm 2024-11-21 9.8 Critical
vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulnerability in 'vtigerolservice.php'.
CVE-2013-3091 1 Belkin 2 N300, N300 Firmware 2024-11-21 9.8 Critical
An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using "Javascript debugging."
CVE-2013-3088 1 Belkin 2 N900, N900 Firmware 2024-11-21 9.8 Critical
Belkin N900 router (F9K1104v1) contains an Authentication Bypass using "Javascript debugging".
CVE-2013-3085 1 Belkin 2 F5d8236-4, F5d8236-4 Firmware 2024-11-21 9.8 Critical
An authentication bypass exists in the web management interface in Belkin F5D8236-4 v2.
CVE-2013-3073 1 Netgear 2 Wndr4700, Wndr4700 Firmware 2024-11-21 9.8 Critical
A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34.
CVE-2013-3072 1 Netgear 2 Wndr4700, Wndr4700 Firmware 2024-11-21 9.8 Critical
An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user, authenticated or not, causes the router to no longer require a password to access the web administration portal.
CVE-2013-3071 1 Netgear 2 Wndr4700, Wndr4700 Firmware 2024-11-21 9.8 Critical
NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass.
CVE-2013-2748 1 Belkin 2 Wemo Switch, Wemo Switch Firmware 2024-11-21 9.8 Critical
Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system.
CVE-2013-2745 2 Debian, Minidlna Project 2 Debian Linux, Minidlna 2024-11-21 9.8 Critical
An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.0
CVE-2013-2739 2 Debian, Readymedia Project 2 Debian Linux, Readymedia 2024-11-21 9.8 Critical
MiniDLNA has heap-based buffer overflow
CVE-2013-2738 1 Readymedia Project 1 Readymedia 2024-11-21 9.8 Critical
minidlna has SQL Injection that may allow retrieval of arbitrary files
CVE-2013-2681 1 Cisco 2 Linksys E4200, Linksys E4200 Firmware 2024-11-21 9.8 Critical
Cisco Linksys E4200 1.0.05 Build 7 devices contain a Security Bypass Vulnerability which could allow remote attackers to gain unauthorized access.
CVE-2013-2612 1 Huawei 2 E587, E587 Firmware 2024-11-21 9.8 Critical
Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI.
CVE-2013-2573 1 Tp-link 6 Tl-sc 3130g, Tl-sc 3130g Firmware, Tl-sc 3171g and 3 more 2024-11-21 9.8 Critical
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
CVE-2013-2571 1 Hcomm 1 Xpient Iris 2024-11-21 9.8 Critical
Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer.
CVE-2013-2570 1 Zavio 4 F3105, F3105 Firmware, F312a and 1 more 2024-11-21 9.8 Critical
A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code.