Export limit exceeded: 343972 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 343972 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343972 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3960 | 1 Easytimestudio | 1 Easy File Manager | 2024-11-21 | 9.9 Critical |
| Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass | ||||
| CVE-2013-3947 | 1 Ahnlab | 1 V3 Internet Security | 2024-11-21 | N/A |
| Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local users to gain privileges via a crafted 0xA3350014 IOCTL call. | ||||
| CVE-2013-3946 | 1 Extensis | 1 Mrsid | 2024-11-21 | 7.8 High |
| Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header. | ||||
| CVE-2013-3945 | 1 Extensis | 1 Mrsid | 2024-11-21 | 7.8 High |
| The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag. | ||||
| CVE-2013-3944 | 1 Extensis | 1 Mrsid | 2024-11-21 | 7.8 High |
| Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag. | ||||
| CVE-2013-3942 | 1 Daum | 1 Potplayer | 2024-11-21 | 7.8 High |
| Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vulnerability | ||||
| CVE-2013-3941 | 1 Xnview | 1 Xnview | 2024-11-21 | 9.8 Critical |
| Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow. | ||||
| CVE-2013-3939 | 1 Xnview | 1 Xnview | 2024-11-21 | 7.8 High |
| xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow. | ||||
| CVE-2013-3937 | 1 Xnview | 1 Xnview | 2024-11-21 | 7.8 High |
| Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file. | ||||
| CVE-2013-3936 | 1 Opsview | 2 Opsview, Opsview Core | 2024-11-21 | 6.1 Medium |
| Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 and Opsview Core before 20130522 allow remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2013-3935 | 1 Opsview | 2 Opsview, Opsview Core | 2024-11-21 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4.1 and Opsview Core before 20130522 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via unspecified vectors. | ||||
| CVE-2013-3932 | 1 Jomres | 1 Jomres | 2024-11-21 | 8.8 High |
| SQL injection vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to execute arbitrary SQL commands via the id parameter in an editProfile action to administrator/index.php. | ||||
| CVE-2013-3931 | 1 Jomres | 1 Jomres | 2024-11-21 | 5.4 Medium |
| Cross-site scripting (XSS) vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to inject arbitrary web script or HTML via the property_name parameter, related to editing property details. | ||||
| CVE-2013-3738 | 1 Zabbix | 1 Zabbix | 2024-11-21 | 9.8 Critical |
| A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code. | ||||
| CVE-2013-3725 | 1 Invisioncommunity | 1 Invision Power Board | 2024-11-21 | 9.8 Critical |
| Invision Power Board (IPB) through 3.x allows admin account takeover leading to code execution. | ||||
| CVE-2013-3722 | 1 Opensips | 1 Opensips | 2024-11-21 | 7.5 High |
| A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in lookup.c. | ||||
| CVE-2013-3718 | 4 Debian, Gnome, Opensuse and 1 more | 4 Debian Linux, Evince, Opensuse and 1 more | 2024-11-21 | 5.5 Medium |
| evince is missing a check on number of pages which can lead to a segmentation fault | ||||
| CVE-2013-3703 | 1 Opensuse | 1 Open Build Service | 2024-11-21 | N/A |
| The controller of the Open Build Service API prior to version 2.4.4 is missing a write permission check, allowing an authenticated attacker to add or remove user roles from packages and/or project meta data. | ||||
| CVE-2013-3691 | 1 Ovislink | 2 Airlive Poe2600hd, Airlive Poe2600hd Firmware | 2024-11-21 | 7.5 High |
| AirLive POE-2600HD allows remote attackers to cause a denial of service (device reset) via a long URL. | ||||
| CVE-2013-3685 | 2 Lg, Spritesoftware | 45 E971, E973, E975 and 42 more | 2024-11-21 | 7.0 High |
| A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges. | ||||