Total
299227 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-6022 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-Site Scripting (XSS) vulnerability exists in Tiki Wiki CMG Groupware 11.0 via the id paraZeroClipboard.swf, which could let a remote malicious user execute arbitrary code. | |||||
| CVE-2013-5988 | 1 Semperplugins | 1 All In One Seo Pack | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-site Scripting (XSS) vulnerability exists in the All in One SEO Pack plugin before 2.0.3.1 for WordPress via the Search parameter. | |||||
| CVE-2013-5978 | 1 Cart66 | 1 Cart66 Lite Plugin | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in products.php in the Cart66 Lite plugin before 1.5.1.15 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) Product name or (2) Price description fields via a request to wp-admin/admin.php. NOTE: This issue may only cross privilege boundaries if used in combination with CVE-2013-5977. | |||||
| CVE-2013-5945 | 1 Dlink | 16 Dsr-1000, Dsr-1000 Firmware, Dsr-1000n and 13 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 allow remote attackers to execute arbitrary SQL commands via the password to (1) the login.authenticate function in share/lua/5.1/teamf1lualib/login.lua or (2) captivePortal.lua. | |||||
| CVE-2013-5743 | 1 Zabbix | 1 Zabbix | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7. | |||||
| CVE-2013-5687 | 1 Aicorporation | 1 Risknet Acquirer | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| RiskNet Acquirer before hotfix 6.0 b7+ADHOC-443 ApplicationServiceBean contains a service information disclosure. | |||||
| CVE-2013-5661 | 4 Isc, Nic, Nlnetlabs and 1 more | 4 Bind, Knot Resolver, Nsd and 1 more | 2024-11-21 | 2.6 LOW | 5.9 MEDIUM |
| Cache Poisoning issue exists in DNS Response Rate Limiting. | |||||
| CVE-2013-5659 | 1 Info-zip | 1 Wiz | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Wiz 5.0.3 has a user mode write access violation | |||||
| CVE-2013-5658 | 1 Aultware | 1 Pwstore | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| AultWare pwStore 2010.8.30.0 has XSS | |||||
| CVE-2013-5657 | 1 Aultware | 1 Pwstore | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| AultWare pwStore 2010.8.30.0 has DoS via an empty HTTP request | |||||
| CVE-2013-5656 | 1 Fuzezip Project | 1 Fuzezip | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| FuzeZip 1.0.0.131625 has a Local Buffer Overflow vulnerability | |||||
| CVE-2013-5654 | 1 Yingzhipython Project | 1 Yingzhipython | 2024-11-21 | 9.4 HIGH | 9.1 CRITICAL |
| Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage | |||||
| CVE-2013-5638 | 1 Transcend-info | 2 Wifisd, Wifisd Firmware | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Transcend WiFiSD 1.8 has persistent XSS | |||||
| CVE-2013-5637 | 1 Pqigroup | 2 Air Card, Air Card Firmware | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| PQI AirCard has persistent XSS | |||||
| CVE-2013-5594 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding | |||||
| CVE-2013-5582 | 1 Ammyy | 1 Ammyy Admin | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Ammyy Admin 3.2 and earlier stores the client ID at a fixed memory location, which might make it easier for user-assisted remote attackers to bypass authentication by running a local program that extracts a field from the AA_v3.2.exe file. | |||||
| CVE-2013-5571 | 1 Hmailserver | 1 Hmailserver | 2024-11-21 | 2.6 LOW | 5.9 MEDIUM |
| HMailServer 5.3.x and prior: Memory Corruption which could cause DOS | |||||
| CVE-2013-5461 | 1 Ibm | 2 Endpoint Manager For Remote Control, Tivoli Remote Control | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309. | |||||
| CVE-2013-5391 | 1 Ibm | 2 Mobile Foundation, Worklight | 2024-11-21 | 3.5 LOW | 5.3 MEDIUM |
| IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program. IBM X-Force ID: 87128. | |||||
| CVE-2013-5212 | 1 Easyxdm | 1 Easyxdm | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site Scripting (XSS) in EasyXDM before 2.4.18 allows remote attackers to inject arbitrary web script or html via the easyxdm.swf file. | |||||