Export limit exceeded: 335571 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 74824 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74824 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3313 | 1 Loftek | 2 Nexus 543, Nexus 543 Firmware | 2024-11-21 | 7.5 High |
| The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to check_users.cgi. NOTE: cleartext passwords can also be obtained from proc/kcore when leveraging the directory traversal vulnerability in CVE-2013-3311. | ||||
| CVE-2013-3312 | 1 Loftek | 2 Nexus 543, Nexus 543 Firmware | 2024-11-21 | 8.8 High |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Loftek Nexus 543 IP Camera allow remote attackers to hijack the authentication of unspecified victims for requests that change (1) passwords or (2) firewall configuration, as demonstrated by a request to set_users.cgi. | ||||
| CVE-2013-3311 | 1 Loftek | 2 Nexus 543, Nexus 543 Firmware | 2024-11-21 | 7.5 High |
| Directory traversal vulnerability in the Loftek Nexus 543 IP Camera allows remote attackers to read arbitrary files via a .. (dot dot) in the URL of an HTTP GET request. | ||||
| CVE-2013-3247 | 1 Xnview | 1 Xnview | 2024-11-21 | 7.8 High |
| Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file. | ||||
| CVE-2013-3246 | 1 Xnview | 1 Xnview | 2024-11-21 | 7.8 High |
| Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF file. | ||||
| CVE-2013-3212 | 1 Vtiger | 1 Vtiger Crm | 2024-11-21 | 8.1 High |
| vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code. | ||||
| CVE-2013-3093 | 1 Asus | 14 Dsl-n55u, Dsl-n55u Firmware, Rt-ac66u and 11 more | 2024-11-21 | 8.8 High |
| ASUS RT-N56U devices allow CSRF. | ||||
| CVE-2013-3074 | 1 Netgear | 2 Wndr4700, Wndr4700 Firmware | 2024-11-21 | 7.5 High |
| NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denial of service (device crash). | ||||
| CVE-2013-3070 | 1 Netgear | 2 Wndr4700, Wndr4700 Firmware | 2024-11-21 | 7.5 High |
| An Information Disclosure vulnerability exists in Netgear WNDR4700 running firmware 1.0.0.34 in the management web interface, which discloses the PSK of the wireless LAN. | ||||
| CVE-2013-2830 | 1 Sumatrapdfreader | 1 Sumatrapdf | 2024-11-21 | 7.8 High |
| Use-after-free vulnerability in SumatraPDF Reader 2.x before 2.2.1 allows remote attackers to execute arbitrary code via a crafted PDF file. | ||||
| CVE-2013-2773 | 1 Gonitro | 1 Nitropdf | 2024-11-21 | 7.8 High |
| Nitro PDF 8.5.0.26: A specially crafted DLL file can facilitate Arbitrary Code Execution | ||||
| CVE-2013-2680 | 1 Cisco | 2 Linksys E4200, Linksys E4200 Firmware | 2024-11-21 | 7.5 High |
| Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to obtain sensitive information. | ||||
| CVE-2013-2678 | 1 Cisco | 2 Linksys E4200, Linksys E4200 Firmware | 2024-11-21 | 8.1 High |
| Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter. | ||||
| CVE-2013-2676 | 1 Brother | 2 Mfc-9970cdw, Mfc-9970cdw Firmware | 2024-11-21 | 7.5 High |
| Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view private IP addresses and other sensitive information. | ||||
| CVE-2013-2674 | 1 Brother | 2 Mfc-9970cdw, Mfc-9970cdw Firmware | 2024-11-21 | 7.5 High |
| Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view sensitive information from referrer logs due to inadequate handling of HTTP referrer headers. | ||||
| CVE-2013-2672 | 1 Brother | 2 Mfc-9970cdw, Mfc-9970cdw Firmware | 2024-11-21 | 7.5 High |
| Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords. | ||||
| CVE-2013-2646 | 1 Tp-link | 2 Tl-wr1043nd, Tl-wr1043nd Firmware | 2024-11-21 | 7.5 High |
| TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability. | ||||
| CVE-2013-2600 | 2 Debian, Miniupnp Project | 2 Debian Linux, Miniupnpd | 2024-11-21 | 7.5 High |
| MiniUPnPd has information disclosure use of snprintf() | ||||
| CVE-2013-2574 | 1 Foscam | 2 Fi8620, Fi8620 Firmware | 2024-11-21 | 7.5 High |
| An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information. | ||||
| CVE-2013-2572 | 1 Tp-link | 8 Tl-sc 3130, Tl-sc 3130 Firmware, Tl-sc 3130g and 5 more | 2024-11-21 | 7.5 High |
| A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files. | ||||