Total
3824 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-7465 | 1 Icecoldapps | 1 Servers Ultimate | 2024-11-21 | N/A |
| Ice Cold Apps Servers Ultimate 6.0.2(12) does not require authentication for TELNET, SSH, or FTP, which allows remote attackers to execute arbitrary code by uploading PHP scripts. | ||||
| CVE-2013-7051 | 1 Dlink | 2 Dir-100, Dir-100 Firmware | 2024-11-21 | 8.8 High |
| D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters | ||||
| CVE-2013-6360 | 1 Trendnet | 2 Ts-s402, Ts-s402 Firmware | 2024-11-21 | 7.5 High |
| TRENDnet TS-S402 has a backdoor to enable TELNET. | ||||
| CVE-2013-5582 | 1 Ammyy | 1 Ammyy Admin | 2024-11-21 | 7.8 High |
| Ammyy Admin 3.2 and earlier stores the client ID at a fixed memory location, which might make it easier for user-assisted remote attackers to bypass authentication by running a local program that extracts a field from the AA_v3.2.exe file. | ||||
| CVE-2013-5123 | 5 Debian, Fedoraproject, Pypa and 2 more | 6 Debian Linux, Fedora, Pip and 3 more | 2024-11-21 | 5.9 Medium |
| The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. | ||||
| CVE-2013-5122 | 1 Cisco | 8 Linksys E4200, Linksys E4200 Firmware, Linksys Ea2700 and 5 more | 2024-11-21 | 9.8 Critical |
| Cisco Linksys Routers EA2700, EA3500, E4200, EA4500: A bug can cause an unsafe TCP port to open which leads to unauthenticated access | ||||
| CVE-2013-5116 | 1 Evernote | 1 Evernote | 2024-11-21 | 7.1 High |
| Evernote prior to 5.5.1 has insecure password change | ||||
| CVE-2013-5114 | 1 Logmein | 1 Lastpass | 2024-11-21 | 6.1 Medium |
| LastPass prior to 2.5.1 allows secure wipe bypass. | ||||
| CVE-2013-5112 | 1 Evernote | 1 Evernote | 2024-11-21 | 4.6 Medium |
| Evernote before 5.5.1 has insecure PIN storage | ||||
| CVE-2013-4982 | 1 Avtech | 2 Avn801 Dvr, Avn801 Dvr Firmware | 2024-11-21 | 9.8 Critical |
| AVTECH AVN801 DVR has a security bypass via the administration login captcha | ||||
| CVE-2013-4976 | 1 Hikvision | 2 Ds-2cd7153-e, Ds-2cd7153-e Firmware | 2024-11-21 | 9.8 Critical |
| Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials | ||||
| CVE-2013-4863 | 1 Micasaverde | 2 Veralite, Veralite Firmware | 2024-11-21 | 8.8 High |
| The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a RunLua action in a request to port_49451/upnp/control/hag. | ||||
| CVE-2013-4621 | 1 Magdevgroup | 1 Magnolia Cms | 2024-11-21 | 9.8 Critical |
| Magnolia CMS before 4.5.9 has multiple access bypass vulnerabilities | ||||
| CVE-2013-4593 | 1 Omniauth-facebook Project | 1 Omniauth-facebook | 2024-11-21 | 7.5 High |
| RubyGem omniauth-facebook has an access token security vulnerability | ||||
| CVE-2013-4462 | 1 Portable Phpmyadmin Project | 1 Portable Phpmyadmin | 2024-11-21 | 9.1 Critical |
| WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability | ||||
| CVE-2013-4454 | 1 Getbutterfly | 1 Portable-phpmyadmin | 2024-11-21 | 9.1 Critical |
| WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities | ||||
| CVE-2013-3367 | 1 Trendnet | 4 Tew-691gr, Tew-691gr Firmware, Tew-692gr and 1 more | 2024-11-21 | 9.8 Critical |
| Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3. | ||||
| CVE-2013-3317 | 1 Netgear | 2 Wnr1000, Wnr1000 Firmware | 2024-11-21 | 9.8 Critical |
| Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key. | ||||
| CVE-2013-3316 | 1 Netgear | 2 Wnr1000, Wnr1000 Firmware | 2024-11-21 | 9.8 Critical |
| Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg". | ||||
| CVE-2013-3215 | 1 Vtiger | 1 Vtiger Crm | 2024-11-21 | 9.8 Critical |
| vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vulnerability due to improper authentication validation in the validateSession function. | ||||