Export limit exceeded: 343601 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343601 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-4718 | 1 Otrs | 2 Otrs, Otrs Itsm | 2024-11-21 | 5.4 Medium |
| Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) ITSM 3.0.x before 3.0.9, 3.1.x before 3.1.10, and 3.2.x before 3.2.7 allows remote authenticated users to inject arbitrary web script or HTML via an ITSM ConfigItem search. | ||||
| CVE-2013-4717 | 1 Otrs | 2 Otrs, Otrs Itsm | 2024-11-21 | 8.8 High |
| Multiple SQL injection vulnerabilities in Open Ticket Request System (OTRS) Help Desk 3.0.x before 3.0.22, 3.1.x before 3.1.18, and 3.2.x before 3.2.9 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors related to Kernel/Output/HTML/PreferencesCustomQueue.pm, Kernel/System/CustomerCompany.pm, Kernel/System/Ticket/IndexAccelerator/RuntimeDB.pm, Kernel/System/Ticket/IndexAccelerator/StaticDB.pm, and Kernel/System/TicketSearch.pm. | ||||
| CVE-2013-4695 | 1 Winamp | 1 Winamp | 2024-11-21 | 7.8 High |
| Winamp 5.63: Invalid Pointer Dereference leading to Arbitrary Code Execution | ||||
| CVE-2013-4693 | 1 Xorbin | 1 Digital Flash Clock | 2024-11-21 | 6.1 Medium |
| WordPress Xorbin Digital Flash Clock 1.0 has XSS | ||||
| CVE-2013-4692 | 1 Xorbin | 1 Analog Flash Clock | 2024-11-21 | 6.1 Medium |
| Xorbin Analog Flash Clock 1.0 extension for Joomia has XSS | ||||
| CVE-2013-4691 | 1 Sencha | 1 Connect | 2024-11-21 | 6.1 Medium |
| Sencha Labs Connect has XSS with connect.methodOverride() | ||||
| CVE-2013-4665 | 1 Spbas | 1 Business Automation Software | 2024-11-21 | 6.5 Medium |
| SPBAS Business Automation Software 2012 has CSRF. | ||||
| CVE-2013-4664 | 1 Spbas | 1 Business Automation Software | 2024-11-21 | 6.1 Medium |
| SPBAS Business Automation Software 2012 has XSS. | ||||
| CVE-2013-4658 | 1 Linksys | 2 Ea6500, Ea6500 Firmware | 2024-11-21 | 9.8 Critical |
| Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share. | ||||
| CVE-2013-4657 | 1 Netgear | 4 Wnr3500l, Wnr3500l Firmware, Wnr3500u and 1 more | 2024-11-21 | 9.8 Critical |
| Symlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due to misconfiguration in the SMB service. | ||||
| CVE-2013-4656 | 1 Asus | 4 Rt-ac66u, Rt-ac66u Firmware, Rt-n56u and 1 more | 2024-11-21 | 9.8 Critical |
| Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to misconfiguration in the SMB service. | ||||
| CVE-2013-4655 | 1 Belkin | 2 N900, N900 Firmware | 2024-11-21 | 7.5 High |
| Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service. | ||||
| CVE-2013-4654 | 1 Tp-link | 4 Tl-1043nd, Tl-1043nd Firmware, Tl-wdr4300 and 1 more | 2024-11-21 | 9.8 Critical |
| Symlink Traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND.. | ||||
| CVE-2013-4621 | 1 Magdevgroup | 1 Magnolia Cms | 2024-11-21 | 9.8 Critical |
| Magnolia CMS before 4.5.9 has multiple access bypass vulnerabilities | ||||
| CVE-2013-4602 | 1 Avira | 10 Antivir Mailgate, Antivir Mailgate Suite, Antivir Personal and 7 more | 2024-11-21 | 5.5 Medium |
| A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine. | ||||
| CVE-2013-4593 | 1 Omniauth-facebook Project | 1 Omniauth-facebook | 2024-11-21 | 7.5 High |
| RubyGem omniauth-facebook has an access token security vulnerability | ||||
| CVE-2013-4584 | 2 Debian, Horms | 2 Debian Linux, Perdition | 2024-11-21 | 5.9 Medium |
| Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections | ||||
| CVE-2013-4583 | 1 Gitlab | 2 Gitlab, Gitlab-shell | 2024-11-21 | 8.8 High |
| The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories. | ||||
| CVE-2013-4582 | 1 Gitlab | 2 Gitlab, Gitlab-shell | 2024-11-21 | 6.5 Medium |
| The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to include information from local files into the metadata of a Git repository via the web interface. | ||||
| CVE-2013-4572 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2024-11-21 | 7.5 High |
| The CentralNotice extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 sets the Cache-Control header to cache session cookies when a user is autocreated, which allows remote attackers to authenticate as the created user. | ||||