Total
12945 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0190 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-11 | N/A |
| The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption. | ||||
| CVE-2013-0252 | 1 Boost | 1 Boost | 2025-04-11 | N/A |
| boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input validation protection mechanisms via crafted trailing bytes. | ||||
| CVE-2013-0331 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2025-04-11 | N/A |
| Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload. | ||||
| CVE-2013-0520 | 1 Ibm | 1 Sterling Secure Proxy | 2025-04-11 | N/A |
| IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 allows remote authenticated users to obtain sensitive Java stack-trace information by providing invalid input data. | ||||
| CVE-2013-0699 | 1 Galilmc | 1 Rio-47100 Plc | 2025-04-11 | N/A |
| The Galil RIO-47100 Pocket PLC allows remote attackers to cause a denial of service via a session that includes "repeated requests." | ||||
| CVE-2013-0715 | 1 Windriver | 1 Vxworks | 2025-04-11 | N/A |
| The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string. | ||||
| CVE-2013-0716 | 1 Windriver | 1 Vxworks | 2025-04-11 | N/A |
| The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI. | ||||
| CVE-2013-0857 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The decode_frame_ilbm function in libavcodec/iff.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted height value in IFF PBM/ILBM bitmap data. | ||||
| CVE-2013-1029 | 1 Apple | 1 Mac Os X | 2025-04-11 | N/A |
| The kernel in Apple Mac OS X before 10.8.5 allows remote attackers to cause a denial of service (panic) via crafted IGMP packets that leverage incorrect, extraneous code in the IGMP parser. | ||||
| CVE-2013-1093 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the directToPage parameter. | ||||
| CVE-2013-1122 | 1 Cisco | 2 Nexus 7000, Nx-os | 2025-04-11 | N/A |
| Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial of service (M1-Series module reload) via crafted packets, aka Bug ID CSCud15673. | ||||
| CVE-2013-1184 | 1 Cisco | 6 Unified Computing System 6120xp Fabric Interconnect, Unified Computing System 6140xp Fabric Interconnect, Unified Computing System 6248up Fabric Interconnect and 3 more | 2025-04-11 | N/A |
| The management API in the XML API management service in the Manager component in Cisco Unified Computing System (UCS) 1.x before 1.2(1b) allows remote attackers to cause a denial of service (service outage) via a malformed request, aka Bug ID CSCtg48206. | ||||
| CVE-2013-1229 | 1 Cisco | 1 Telepresence Management Suite | 2025-04-11 | N/A |
| TMSSNMPService.exe in TelePresence Manager in Cisco TelePresence Management Suite (TMS) on 64-bit platforms allows remote attackers to cause a denial of service (process crash) via SNMP traps, aka Bug ID CSCue00028. | ||||
| CVE-2013-1231 | 1 Cisco | 2 Webex Meetings Server, Webex Node For Mcs | 2025-04-11 | N/A |
| The HTTP implementation in Cisco WebEx Node for MCS and WebEx Meetings Server allows remote attackers to read cache files via a crafted request, aka Bug IDs CSCue36664 and CSCue36629. | ||||
| CVE-2013-1321 | 1 Microsoft | 1 Publisher | 2025-04-11 | N/A |
| Microsoft Publisher 2003 SP3 does not properly check the data type of an unspecified return value, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Validation Vulnerability." | ||||
| CVE-2013-1431 | 1 Simon Mcvittie | 1 Telepathy Gabble | 2025-04-11 | N/A |
| The Wocky module in Telepathy Gabble before 0.16.6 and 0.17.x before 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows remote attackers to bypass TLS verification and perform a man-in-the-middle attacks. | ||||
| CVE-2013-1572 | 1 Wireshark | 1 Wireshark | 2025-04-11 | N/A |
| The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | ||||
| CVE-2013-1574 | 1 Wireshark | 1 Wireshark | 2025-04-11 | N/A |
| The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | ||||
| CVE-2013-1575 | 1 Wireshark | 1 Wireshark | 2025-04-11 | N/A |
| The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | ||||
| CVE-2013-1630 | 1 Guillaume Gauvrit | 1 Pyshop | 2025-04-11 | N/A |
| pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a download operation. | ||||