CVE-2013-0xxx

There are 933 CVE in this subgroup.

Last updated:

← Back to 2013

ID	Summary	Flags
CVE-2013-0001	The Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3....
CVE-2013-0002	Buffer overflow in the Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1...
CVE-2013-0003	Buffer overflow in a System.DirectoryServices.Protocols (S.DS.P) namespace method in Microsoft .NET ...
CVE-2013-0004	Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properl...
CVE-2013-0005	The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Fram...
CVE-2013-0006	Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which...
CVE-2013-0007	Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which...
CVE-2013-0008	win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, a...	E
CVE-2013-0009	Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and ...
CVE-2013-0010	Cross-site scripting (XSS) vulnerability in Microsoft System Center Operations Manager 2007 SP1 and ...
CVE-2013-0011	The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows r...
CVE-2013-0012	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0013	The SSL provider component in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, ...
CVE-2013-0014	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0015	Microsoft Internet Explorer 6 through 9 does not properly perform auto-selection of the Shift JIS en...
CVE-2013-0016	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0017	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0018	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to e...
CVE-2013-0019	Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to ...	E
CVE-2013-0020	Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arb...
CVE-2013-0021	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to ...
CVE-2013-0022	Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arb...
CVE-2013-0023	Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to exec...
CVE-2013-0024	Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execu...
CVE-2013-0025	Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arb...
CVE-2013-0026	Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arb...
CVE-2013-0027	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to ...
CVE-2013-0028	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to e...
CVE-2013-0029	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to e...
CVE-2013-0030	The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not...
CVE-2013-0031	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0032	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0033	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0034	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0035	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0036	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0037	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0038	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0039	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0040	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0041	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0042	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0043	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0044	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0045	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0046	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0047	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0048	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0049	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0050	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0051	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0052	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0053	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0054	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0055	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0056	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0057	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0058	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0059	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0060	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0061	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0062	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0063	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0064	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0065	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0066	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0067	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0068	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0069	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0070	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0071	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0072	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0073	The Windows Forms (aka WinForms) component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4...
CVE-2013-0074	Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate poin...	KEV S
CVE-2013-0075	The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, W...
CVE-2013-0076	The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Server 2008 R2 and R2 SP1 and Wind...
CVE-2013-0077	Quartz.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server...
CVE-2013-0078	The Microsoft Antimalware Client in Windows Defender on Windows 8 and Windows RT uses an incorrect p...
CVE-2013-0079	Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visi...
CVE-2013-0080	Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to by...
CVE-2013-0081	Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 20...
CVE-2013-0082	Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a craft...
CVE-2013-0083	Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attac...
CVE-2013-0084	Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation ...
CVE-2013-0085	Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows re...
CVE-2013-0086	Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which ...
CVE-2013-0087	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to ...
CVE-2013-0088	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to ...
CVE-2013-0089	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to ...
CVE-2013-0090	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to ...	E
CVE-2013-0091	Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arb...
CVE-2013-0092	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to ...
CVE-2013-0093	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to ...
CVE-2013-0094	Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to ...
CVE-2013-0095	Outlook in Microsoft Office for Mac 2008 before 12.3.6 and Office for Mac 2011 before 14.3.2 allows ...
CVE-2013-0096	Writer in Microsoft Windows Essentials 2011 and 2012 allows remote attackers to bypass proxy setting...
CVE-2013-0097	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0098	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0099	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0100	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0107	Stack-based buffer overflow in Foxit Advanced PDF Editor 3 before 3.04 might allow remote attackers ...
CVE-2013-0108	An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R...
CVE-2013-0109	The NVIDIA driver before 307.78, and Release 310 before 311.00, in the NVIDIA Display Driver service...	S
CVE-2013-0110	nvSCPAPISvr.exe in the NVIDIA Stereoscopic 3D Driver service, as distributed with the NVIDIA driver ...
CVE-2013-0111	daemonu.exe (aka the NVIDIA Update Service Daemon), as distributed with the NVIDIA driver before 307...
CVE-2013-0113	Nuance PDF Reader 7.0 and PDF Viewer Plus 7.1 allow remote attackers to execute arbitrary code or ca...
CVE-2013-0118	CS-Cart before 3.0.6, when PayPal Standard Payments is configured, allows remote attackers to set th...
CVE-2013-0120	The web interface on Dell PowerConnect 6248P switches allows remote attackers to cause a denial of s...
CVE-2013-0122	The avast! Mobile Security application before 2.0.4400 for Android allows attackers to cause a denia...
CVE-2013-0123	Multiple SQL injection vulnerabilities in the administration interface in ASKIA askiaweb allow remot...
CVE-2013-0124	Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in ASKIA askiawe...
CVE-2013-0125	Cross-site scripting (XSS) vulnerability in fileview.asp in C2 WebResource allows remote attackers t...	E
CVE-2013-0126	Multiple cross-site request forgery (CSRF) vulnerabilities in index.cgi on the Verizon FIOS Actionte...	E
CVE-2013-0127	IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLE...
CVE-2013-0128	The Contact Customer Support feature in the TigerText Free Private Texting app before 3.1.402 for iO...
CVE-2013-0129	Multiple cross-site scripting (XSS) vulnerabilities in pd-admin before 4.17 allow remote authenticat...
CVE-2013-0130	Multiple buffer overflows in Core FTP before 2.2 build 1769 allow remote FTP servers to execute arbi...
CVE-2013-0131	Buffer overflow in the NVIDIA GPU driver before 304.88, 310.x before 310.44, and 313.x before 313.30...	S
CVE-2013-0132	The suexec implementation in Parallels Plesk Panel 11.0.9 contains a cgi-wrapper whitelist entry, wh...
CVE-2013-0133	Untrusted search path vulnerability in /usr/local/psa/admin/sbin/wrapper in Parallels Plesk Panel 11...
CVE-2013-0134	Cross-site scripting (XSS) vulnerability in the web interface in AirDroid allows remote attackers to...
CVE-2013-0135	Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute a...	E
CVE-2013-0136	Multiple directory traversal vulnerabilities in the EditDocument servlet in the Frontend in Mutiny b...	E
CVE-2013-0137	The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe...
CVE-2013-0138	BitZipper 2013 before Update 1 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2013-0139	The Arecont Vision AV1355DN MegaDome camera allows remote attackers to cause a denial of service (vi...
CVE-2013-0140	SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) befo...
CVE-2013-0141	Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before...
CVE-2013-0142	QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS...
CVE-2013-0143	cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Statio...
CVE-2013-0144	Cross-site request forgery (CSRF) vulnerability in cgi-bin/create_user.cgi on QNAP VioStor NVR devic...
CVE-2013-0145	Buffer overflow in the TFTPD service in Serva32 2.1.0 allows remote attackers to cause a denial of s...
CVE-2013-0148	The Data Camouflage (aka FairCom Standard Encryption) algorithm in FairCom c-treeACE does not ensure...
CVE-2013-0149	The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9...
CVE-2013-0150	Directory traversal vulnerability in an unspecified signed Java applet in the client-side components...
CVE-2013-0151	The do_hvm_op function in xen/arch/x86/hvm/hvm.c in Xen 4.2.x on the x86_32 platform does not preven...
CVE-2013-0152	Memory leak in Xen 4.2 and unstable allows local HVM guests to cause a denial of service (host memor...
CVE-2013-0153	The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passth...
CVE-2013-0154	The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local ...
CVE-2013-0155	Ruby on Rails 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly co...
CVE-2013-0156	active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1...
CVE-2013-0157	(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users...
CVE-2013-0158	Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterpris...
CVE-2013-0159	The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 o...	S
CVE-2013-0160	The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke ti...
CVE-2013-0161	Havalite CMS 1.1.7 has a stored XSS vulnerability...	E
CVE-2013-0162	The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem 3.1.1 and earlier for Ruby...	S
CVE-2013-0163	OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate Do...
CVE-2013-0164	The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin before ...
CVE-2013-0165	cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly cr...
CVE-2013-0166	OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signat...
CVE-2013-0167	VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host ...
CVE-2013-0168	The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier does not ...
CVE-2013-0169	The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSS...
CVE-2013-0170	Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvir...	S
CVE-2013-0171	Foreman before 1.1 allows remote attackers to execute arbitrary code via a crafted YAML object to th...
CVE-2013-0172	Samba 4.0.x before 4.0.1, in certain Active Directory domain-controller configurations, does not pro...
CVE-2013-0173	Foreman before 1.1 uses a salt of "foreman" to hash root passwords, which makes it easier for attack...
CVE-2013-0174	The external node classifier (ENC) API in Foreman before 1.1 allows remote attackers to obtain the h...
CVE-2013-0175	multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not pr...
CVE-2013-0176	The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during n...	S
CVE-2013-0177	Multiple cross-site scripting (XSS) vulnerabilities in widget/screen/ModelScreenWidget.java in Apach...
CVE-2013-0178	Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm....	S
CVE-2013-0179	The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, ...	E S
CVE-2013-0180	Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds....	S
CVE-2013-0181	Cross-site scripting (XSS) vulnerability in Views in the Search API (search_api) module 7.x-1.x befo...	S
CVE-2013-0182	The Payment module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to payments, ...	S
CVE-2013-0183	multipart/parser.rb in Rack 1.3.x before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to cau...
CVE-2013-0184	Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x before 1.1.5, 1.2.x before 1....
CVE-2013-0185	Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise Virtualization Manager (EVM) ...
CVE-2013-0186	Multiple cross-site scripting (XSS) vulnerabilities in ManageIQ EVM allows remote attackers to injec...
CVE-2013-0187	Foreman before 1.1 allows remote authenticated users to gain privileges via a (1) XMLHttpRequest or ...
CVE-2013-0188	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0189, CVE-2013-0191. Reaso...	R
CVE-2013-0189	cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote att...	S
CVE-2013-0190	The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when runni...
CVE-2013-0191	libpam-pgsql (aka pam_pgsql) 0.7 does not properly handle a NULL value returned by the password sear...	E S
CVE-2013-0192	File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the datab...
CVE-2013-0193	Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web sc...
CVE-2013-0194	Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web sc...
CVE-2013-0195	Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attackers to inject arbitrary web sc...
CVE-2013-0196	A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' ...	E
CVE-2013-0197	Cross-site scripting (XSS) vulnerability in the filter_draw_selection_area2 function in core/filter_...
CVE-2013-0198	Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from pro...	E S
CVE-2013-0199	The default LDAP ACIs in FreeIPA 3.0 before 3.1.2 do not restrict access to the (1) ipaNTTrustAuthIn...	S
CVE-2013-0200	HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files...	S
CVE-2013-0201	Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow rem...	E S
CVE-2013-0202	Cross-site scripting (XSS) vulnerability in ownCloud 4.5.5, 4.0.10, and earlier allows remote attack...
CVE-2013-0203	Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow rem...
CVE-2013-0204	settings/personal.php in ownCloud 4.5.x before 4.5.6 allows remote authenticated users to execute ar...
CVE-2013-0205	Cross-site request forgery (CSRF) vulnerability in the RESTful Web Services (restws) module 7.x-1.x ...	S
CVE-2013-0206	Unrestricted file upload vulnerability in the Live CSS module 6.x-2.x before 6.x-2.1 and 7.x-2.x bef...	S
CVE-2013-0207	Cross-site request forgery (CSRF) vulnerability in the Mark Complete module 7.x-1.x before 7.x-1.1 f...
CVE-2013-0208	The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, ...
CVE-2013-0209	lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require auth...	E S
CVE-2013-0210	The smart proxy Puppet run API in Foreman before 1.2.0 allows remote attackers to execute arbitrary ...
CVE-2013-0211	Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in...	S
CVE-2013-0212	store/swift.py in OpenStack Glance Essex (2012.1), Folsom (2012.2) before 2012.2.3, and Grizzly, whe...	S
CVE-2013-0213	The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x be...
CVE-2013-0214	Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba...
CVE-2013-0215	oxenstored in Xen 4.1.x, Xen 4.2.x, and xen-unstable does not properly consider the state of the Xen...
CVE-2013-0216	The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a deni...	E S
CVE-2013-0217	Memory leak in drivers/net/xen-netback/netback.c in the Xen netback functionality in the Linux kerne...	S
CVE-2013-0218	The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP) 5...
CVE-2013-0219	System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing...
CVE-2013-0220	The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/a...
CVE-2013-0221	The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial...	E S
CVE-2013-0222	The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial...
CVE-2013-0223	The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial...	E S
CVE-2013-0224	The Video module 7.x-2.x before 7.x-2.9 for Drupal, when using the FFmpeg transcoder, allows local u...	S
CVE-2013-0225	Cross-site scripting (XSS) vulnerability in the User Relationships module 6.x-1.x before 6.x-1.4 and...	S
CVE-2013-0226	The Keyboard Shortcut Utility module 7.x-1.x before 7.x-1.1 for Drupal does not properly check node ...
CVE-2013-0227	Cross-site scripting (XSS) vulnerability in the Search API Sorts module 7.x-1.x before 7.x-1.4 for D...	S
CVE-2013-0228	The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen pa...
CVE-2013-0229	The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 a...
CVE-2013-0230	Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP ...	E
CVE-2013-0231	The pciback_enable_msi function in the PCI backend driver (drivers/xen/pciback/conf_space_capability...
CVE-2013-0232	includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attacker...	E
CVE-2013-0233	Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ru...	E
CVE-2013-0234	Cross-site scripting (XSS) vulnerability in the Twitter widget in Elgg before 1.7.17 and 1.8.x befor...	E S
CVE-2013-0235	The XMLRPC API in WordPress before 3.5.1 allows remote attackers to send HTTP requests to intranet s...	E S
CVE-2013-0236	Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.1 allow remote attackers...	E S
CVE-2013-0237	Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used ...	E S
CVE-2013-0238	The try_parse_v4_netmask function in hostmask.c in IRCD-Hybrid before 8.0.6 does not properly valida...	E
CVE-2013-0239	Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToke...	S
CVE-2013-0240	Gnome Online Accounts (GOA) 3.4.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.5, does not properly val...
CVE-2013-0241	The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to cause a denial of service (gue...
CVE-2013-0242	Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) i...	S
CVE-2013-0243	haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the ...
CVE-2013-0244	Cross-site scripting (XSS) vulnerability in Drupal 6.x before 6.28 and 7.x before 7.19, when running...	S
CVE-2013-0245	The printer friendly version functionality in the Book module in Drupal 6.x before 6.28 and 7.x befo...	S
CVE-2013-0246	The Image module in Drupal 7.x before 7.19, when a private file system is used, does not properly re...	S
CVE-2013-0247	OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 an...	S
CVE-2013-0248	The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through ...
CVE-2013-0249	Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c i...	E
CVE-2013-0250	The init_nss_hash function in exec/totemcrypto.c in Corosync 2.0 before 2.3 does not properly initia...	E S
CVE-2013-0251	Stack-based buffer overflow in llogincircuit.cc in latd 1.25 through 1.30 and earlier allows remote ...
CVE-2013-0252	boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not prope...
CVE-2013-0253	The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificat...	S
CVE-2013-0254	The QSharedMemory class in Qt 5.0.0, 4.8.x before 4.8.5, 4.7.x before 4.7.6, and other versions incl...	S
CVE-2013-0255	PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3...
CVE-2013-0256	darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not pr...
CVE-2013-0257	The email2image module 6.x-1.x and 6.x-2.x for Drupal does not properly restrict access to nodes, wh...	S
CVE-2013-0258	The Google Authenticator login (ga_login) module 7.x before 7.x-1.3 for Drupal, when multi-factor au...	S
CVE-2013-0259	Cross-site scripting (XSS) vulnerability in the Boxes module 7.x-1.x before 7.x-1.1 for Drupal allow...	S
CVE-2013-0260	Unspecified vulnerability in the Drush Debian Packaging module for Drupal allows local users to obta...
CVE-2013-0261	(1) installer/basedefs.py and (2) modules/ospluginutils.py in PackStack allows local users to overwr...
CVE-2013-0262	rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before 1.4.5 allows attackers to acce...
CVE-2013-0263	Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x bef...
CVE-2013-0264	An import error was introduced in Cumin in the code refactoring in r5310. Server certificate validat...	S
CVE-2013-0265	The redirect_stderr function in xnbd_common.c in xnbd-server and xndb-wrapper in xNBD 0.1.0 allow lo...	E S
CVE-2013-0266	manifests/base.pp in the puppetlabs-cinder module, as used in PackStack, uses world-readable permiss...
CVE-2013-0267	The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x bef...
CVE-2013-0268	The msr_open function in arch/x86/kernel/msr.c in the Linux kernel before 3.7.6 allows local users t...
CVE-2013-0269	The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attacke...
CVE-2013-0270	OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to ca...	S
CVE-2013-0271	The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create...
CVE-2013-0272	Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.7 allows re...
CVE-2013-0273	sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly te...
CVE-2013-0274	upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP respons...
CVE-2013-0275	Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web before 3.5.6 allow remote attacke...	E S
CVE-2013-0276	ActiveRecord in Ruby on Rails before 2.3.17, 3.1.x before 3.1.11, and 3.2.x before 3.2.12 allows rem...	S
CVE-2013-0277	ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a ...	S
CVE-2013-0278	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1664, CVE-2013-1665. Reason:...	R
CVE-2013-0279	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1664, CVE-2013-1665. Reason:...	R
CVE-2013-0280	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1664, CVE-2013-1665. Reason:...	R
CVE-2013-0281	Pacemaker 1.1.10, when remote Cluster Information Base (CIB) configuration or resource management is...	E S
CVE-2013-0282	OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly c...
CVE-2013-0283	Katello: Username in Notification page has cross site scripting...	E
CVE-2013-0284	Ruby agent 3.2.0 through 3.5.2 serializes sensitive data when communicating with servers operated by...
CVE-2013-0285	The nori gem 2.0.x before 2.0.2, 1.1.x before 1.1.4, and 1.0.x before 1.0.3 for Ruby does not proper...
CVE-2013-0286	Pinboard 1.0.6 theme for Wordpress has XSS....	E
CVE-2013-0287	The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the A...	S
CVE-2013-0288	nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a de...
CVE-2013-0289	Isync 0.4 before 1.0.6, does not verify that the server hostname matches a domain name in the subjec...	S
CVE-2013-0290	The __skb_recv_datagram function in net/core/datagram.c in the Linux kernel before 3.8 does not prop...	S
CVE-2013-0291	NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability...	E
CVE-2013-0292	The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properl...	E S
CVE-2013-0293	oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation...
CVE-2013-0294	packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash pa...	S
CVE-2013-0295	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0342. Reason: This candidate...	R
CVE-2013-0296	Race condition in pigz before 2.2.5 uses permissions derived from the umask when compressing a file ...
CVE-2013-0297	Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.12 and 4.5.x before 4.5.7...
CVE-2013-0298	Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote atta...
CVE-2013-0299	Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud before 4.0.12 and 4.5.x befor...
CVE-2013-0300	Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remo...
CVE-2013-0301	Cross-site request forgery (CSRF) vulnerability in apps/calendar/ajax/settings/settimezone in ownClo...
CVE-2013-0302	Unspecified vulnerability in ownCloud Server before 4.0.12 allows remote attackers to obtain sensiti...
CVE-2013-0303	Unspecified vulnerability in core/ajax/translations.php in ownCloud before 4.0.12 and 4.5.x before 4...
CVE-2013-0304	ownCloud Server before 4.5.7 does not properly check ownership of calendars, which allows remote aut...
CVE-2013-0305	The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before relea...	S
CVE-2013-0306	The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate ...
CVE-2013-0307	Cross-site scripting (XSS) vulnerability in settings.php in ownCloud before 4.0.12 and 4.5.x before ...
CVE-2013-0308	The imap-send command in GIT before 1.8.1.4 does not verify that the server hostname matches a domai...
CVE-2013-0309	arch/x86/include/asm/pgtable.h in the Linux kernel before 3.6.2, when transparent huge pages are use...
CVE-2013-0310	The cipso_v4_validate function in net/ipv4/cipso_ipv4.c in the Linux kernel before 3.4.8 allows loca...
CVE-2013-0311	The translate_desc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properl...	S
CVE-2013-0312	389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via...
CVE-2013-0313	The evm_update_evmxattr function in security/integrity/evm/evm_crypto.c in the Linux kernel before 3...
CVE-2013-0314	The GateIn Portal export/import gadget in JBoss Enterprise Portal Platform 5.2.2 does not properly c...
CVE-2013-0315	The GateIn Portal export/import gadget in JBoss Enterprise Portal Platform 5.2.2 allows remote attac...
CVE-2013-0316	The Image module in Drupal 7.x before 7.20 allows remote attackers to cause a denial of service (CPU...	S
CVE-2013-0317	Cross-site scripting (XSS) vulnerability in the Manager Change for Organic Groups (og_manager_change...	S
CVE-2013-0318	The admin page in the Banckle Chat module for Drupal does not properly restrict access, which allows...
CVE-2013-0319	Cross-site scripting (XSS) vulnerability in the Yandex.Metrics module 6.x-1.x before 6.x-1.6 and 7.x...	S
CVE-2013-0320	Cross-site request forgery (CSRF) vulnerability in the Taxonomy Manager (taxonomy_manager) module 6....	S
CVE-2013-0321	Cross-site scripting (XSS) vulnerability in Views in the Ubercart Views (uc_views) module 6.x before...	S
CVE-2013-0322	Cross-site scripting (XSS) vulnerability in Views in the Ubercart module 7.x-3.x before 7.x-3.4 for ...	S
CVE-2013-0323	Cross-site scripting (XSS) vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-...	S
CVE-2013-0324	Cross-site scripting (XSS) vulnerability in the Rendered links formatter in the Menu Reference modul...	S
CVE-2013-0325	Multiple cross-site scripting (XSS) vulnerabilities in the Varnish module 6.x-1.x before 6.x-1.2 and...	S
CVE-2013-0326	OpenStack nova base images permissions are world readable...
CVE-2013-0327	Cross-site request forgery (CSRF) vulnerability in Jenkins master in Jenkins before 1.502 and LTS be...
CVE-2013-0328	Cross-site scripting (XSS) vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remot...
CVE-2013-0329	Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to ...
CVE-2013-0330	Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated...
CVE-2013-0331	Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to c...
CVE-2013-0332	Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attacke...
CVE-2013-0333	lib/active_support/json/backends/yaml.rb in Ruby on Rails 2.3.x before 2.3.16 and 3.0.x before 3.0.2...
CVE-2013-0334	Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to instal...
CVE-2013-0335	OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated us...
CVE-2013-0336	The ipapwd_chpwop function in daemons/ipa-slapi-plugins/ipa-pwd-extop/ipa_pwd_extop.c in the directo...	E S
CVE-2013-0337	The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for...
CVE-2013-0338	libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and m...
CVE-2013-0339	libxml2 through 2.9.1 does not properly handle external entities expansion unless an application dev...	E S
CVE-2013-0340	expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer ...	E
CVE-2013-0341	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...	R
CVE-2013-0342	The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it ea...	S
CVE-2013-0343	The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux kernel through 3.8 does not pr...
CVE-2013-0344	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...	R
CVE-2013-0345	varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files ...
CVE-2013-0346	Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might a...
CVE-2013-0347	The Gentoo init script for webfs uses world-readable permissions for /var/log/webfsd.log, which allo...	E
CVE-2013-0348	thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/th...	S
CVE-2013-0349	The hidp_setup_hid function in net/bluetooth/hidp/core.c in the Linux kernel before 3.7.6 does not p...
CVE-2013-0350	tmp_smtp.c in pktstat 1.8.5 allows local users to overwrite arbitrary files via a symlink attack on ...
CVE-2013-0351	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0352	Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man...
CVE-2013-0353	Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man...
CVE-2013-0354	Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man...
CVE-2013-0355	Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man...
CVE-2013-0356	Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51...
CVE-2013-0357	Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.52...
CVE-2013-0358	Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man...
CVE-2013-0359	Unspecified vulnerability in the APM - Application Performance Management component in Oracle Enterp...
CVE-2013-0360	Unspecified vulnerability in the Application Performance Management (APM) component in Oracle Enterp...
CVE-2013-0361	Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (form...
CVE-2013-0362	Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (form...
CVE-2013-0363	Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (form...
CVE-2013-0364	Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (form...
CVE-2013-0365	Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows re...
CVE-2013-0366	Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (form...
CVE-2013-0367	Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote a...
CVE-2013-0368	Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote a...
CVE-2013-0369	Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51...
CVE-2013-0370	Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Product...
CVE-2013-0371	Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote a...
CVE-2013-0372	Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man...
CVE-2013-0373	Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man...
CVE-2013-0374	Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man...
CVE-2013-0375	Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and...
CVE-2013-0376	Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ...
CVE-2013-0377	Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business...
CVE-2013-0378	Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows re...
CVE-2013-0379	Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows re...
CVE-2013-0380	Unspecified vulnerability in the Oracle Payroll component in Oracle E-Business Suite 11.5.10.2, 12.0...
CVE-2013-0381	Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suit...
CVE-2013-0382	Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12...
CVE-2013-0383	Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and...
CVE-2013-0384	Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and...
CVE-2013-0385	Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and...
CVE-2013-0386	Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote a...
CVE-2013-0387	Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51...
CVE-2013-0388	Unspecified vulnerability in the PeopleSoft HRMS component in Oracle PeopleSoft Products 9.1 allows ...
CVE-2013-0389	Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and...
CVE-2013-0390	Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ...
CVE-2013-0391	Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.52...
CVE-2013-0392	Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51...
CVE-2013-0393	Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2013-0394	Unspecified vulnerability in the PeopleSoft HRMS component in Oracle PeopleSoft Products 9.0 and 9.1...
CVE-2013-0395	Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51...
CVE-2013-0396	Unspecified vulnerability in the Application Performance Management (APM) component in Oracle Enterp...
CVE-2013-0397	Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ...
CVE-2013-0398	Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confi...	S
CVE-2013-0399	Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentialit...	S
CVE-2013-0400	Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentialit...	S
CVE-2013-0401	The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 ...
CVE-2013-0402	Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Updat...
CVE-2013-0403	Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availa...	S
CVE-2013-0404	Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, int...	S
CVE-2013-0405	Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows remote attackers to affect c...	S
CVE-2013-0406	Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via u...	S
CVE-2013-0407	Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability ...	S
CVE-2013-0408	Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vec...	S
CVE-2013-0409	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0410	Unspecified vulnerability in the Agile EDM component in Oracle Supply Chain Products Suite 6.1.1.0, ...
CVE-2013-0411	Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidenti...	S
CVE-2013-0412	Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect integr...	S
CVE-2013-0413	Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiali...	S
CVE-2013-0414	Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity and availa...
CVE-2013-0415	Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, int...	S
CVE-2013-0416	Unspecified vulnerability in the Siebel Enterprise Application Integration component in Oracle Siebe...
CVE-2013-0417	Unspecified vulnerability in the Sun Storage Common Array Manager (CAM) component in Oracle Sun Prod...
CVE-2013-0418	Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2013-0419	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0420	Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 all...	E S
CVE-2013-0421	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0422	Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitra...	KEV
CVE-2013-0423	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0424	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0425	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0426	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0427	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0428	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0429	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0430	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0431	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...	KEV
CVE-2013-0432	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0433	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0434	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0435	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0436	Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows ...
CVE-2013-0437	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0438	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0439	Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows ...
CVE-2013-0440	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0441	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0442	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0443	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0444	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0445	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0446	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0447	Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows ...
CVE-2013-0448	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0449	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0450	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 throug...
CVE-2013-0451	SQL injection vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8 and 7.1 through 7.1.1.1...
CVE-2013-0452	Cross-site request forgery (CSRF) vulnerability in the Software Use Analysis (SUA) application befor...
CVE-2013-0453	Cross-site scripting (XSS) vulnerability in Web Reports in IBM Tivoli Endpoint Manager (TEM) before ...
CVE-2013-0454	The SMB2 implementation in Samba 3.6.x before 3.6.6, as used on the IBM Storwize V7000 Unified 1.3 b...
CVE-2013-0455	Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2.4 and Sterlin...
CVE-2013-0456	IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authentic...
CVE-2013-0457	Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, Maximo Asset Management...
CVE-2013-0458	Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application ...
CVE-2013-0459	Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application ...
CVE-2013-0460	Cross-site request forgery (CSRF) vulnerability in the portlet subsystem in the administrative conso...
CVE-2013-0461	Cross-site scripting (XSS) vulnerability in the virtual member manager (VMM) administrative console ...
CVE-2013-0462	Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.1, 7.0 before 7.0.0.27, 8.0, a...
CVE-2013-0463	IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authentic...
CVE-2013-0464	Multiple cross-site scripting (XSS) vulnerabilities in IBM Eclipse Help System (IEHS) 3.4.3 and 3.6....
CVE-2013-0465	Unspecified vulnerability in the IBM WebSphere Cast Iron physical and virtual appliance 6.0 and 6.1 ...	S
CVE-2013-0466	Cross-site scripting (XSS) vulnerability in IBM WebSphere Message Broker 7.0 before 7.0.0.6 and 8.0 ...
CVE-2013-0467	IBM Eclipse Help System (IEHS), as used in IBM Data Studio 3.1 and 3.1.1 and other products, allows ...
CVE-2013-0468	Cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling Fil...
CVE-2013-0470	HTTPD in IBM Netezza Performance Portal 1.0.2 allows remote authenticated users to list application ...
CVE-2013-0471	The traditional scheduler in the client in IBM Tivoli Storage Manager (TSM) before 6.2.5.0, 6.3 befo...
CVE-2013-0472	The Web GUI in the client in IBM Tivoli Storage Manager (TSM) 6.3 before 6.3.1.0 and 6.4 before 6.4....	S
CVE-2013-0473	Multiple cross-site scripting (XSS) vulnerabilities in IBM Security AppScan Enterprise 5.6 and 8.x b...
CVE-2013-0474	The Manual Explore browser plug-in in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM...
CVE-2013-0475	IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authentic...
CVE-2013-0476	IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers...
CVE-2013-0477	Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Master Data Management - Colla...
CVE-2013-0478	Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management - Collaborative Ed...
CVE-2013-0479	IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not properly restri...
CVE-2013-0481	The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows ...
CVE-2013-0482	IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 through 8.5....
CVE-2013-0483	The login component in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2.1, and 2.2 uses cleartext cre...
CVE-2013-0484	The server process in IBM Cognos TM1 10.1.x before 10.1.1 FP1 allows remote attackers to cause a den...
CVE-2013-0485	Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, ...
CVE-2013-0486	Memory leak in the HTTP server in IBM Domino 8.5.x allows remote attackers to cause a denial of serv...
CVE-2013-0487	The Java Console in IBM Domino 8.5.x allows remote authenticated users to hijack temporary credentia...
CVE-2013-0488	Cross-site scripting (XSS) vulnerability in webadmin.nsf (aka the Web Administrator client) in IBM D...
CVE-2013-0489	Cross-site request forgery (CSRF) vulnerability in webadmin.nsf (aka the Web Administrator client) i...
CVE-2013-0490	Unspecified vulnerability in IBM InfoSphere Guardium S-TAP 8.1 for DB2 on z/OS allows local users to...
CVE-2013-0492	Cross-site scripting (XSS) vulnerability in IBM Informix Open Admin Tool (OAT) 2.x and 3.x before 3....
CVE-2013-0494	IBM Sterling B2B Integrator 5.0 and 5.1 allows remote attackers to cause a denial of service (memory...
CVE-2013-0499	Cross-site scripting (XSS) vulnerability in the echo functionality on IBM WebSphere DataPower SOA ap...	E
CVE-2013-0500	IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 does not properly handle device files that...
CVE-2013-0501	The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the...
CVE-2013-0502	Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information Server 8.1, 8.5 through FP3, ...
CVE-2013-0503	Cross-site scripting (XSS) vulnerability in the Bookmarks component in IBM Lotus Connections before ...
CVE-2013-0504	Buffer overflow in the broker service in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6....	S
CVE-2013-0505	IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41,...
CVE-2013-0506	Cross-site scripting (XSS) vulnerability in IBM Sterling Order Management 8.0 before HF127, 8.5 befo...
CVE-2013-0507	IBM InfoSphere Information Server 8.1, 8.5, 8.7, 9.1 has a Session Fixation Vulnerability...
CVE-2013-0508	Multiple buffer overflows in IBM Tivoli Netcool System Service Monitors (SSM) and Application Servic...
CVE-2013-0509	Buffer overflow in the Transaction MIB agent in IBM Tivoli Netcool System Service Monitors (SSM) and...
CVE-2013-0510	IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 includes a security test that sends session c...
CVE-2013-0511	Multiple SQL injection vulnerabilities in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 all...
CVE-2013-0512	Stack-based buffer overflow in the Manual Explore browser plug-in for Firefox in IBM Security AppSca...
CVE-2013-0513	IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x be...
CVE-2013-0516	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2013-0517	A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.0...
CVE-2013-0518	IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Inte...
CVE-2013-0519	IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Inte...
CVE-2013-0520	IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Inte...
CVE-2013-0522	The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and ...
CVE-2013-0523	IBM WebSphere Commerce Enterprise 5.6.x through 5.6.1.5, 6.0.x through 6.0.0.11, and 7.0.x through 7...
CVE-2013-0525	Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5.x allow local users to inject ...
CVE-2013-0526	ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22...
CVE-2013-0527	The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not clos...
CVE-2013-0528	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2013-0529	The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not set ...
CVE-2013-0531	The SSL implementation in IBM Security AppScan Enterprise before 8.7.0.1 enables cipher suites with ...
CVE-2013-0532	Cross-site request forgery (CSRF) vulnerability in IBM Security AppScan Enterprise 5.6 and 8.x befor...
CVE-2013-0533	Cross-site scripting (XSS) vulnerability in the Sametime Links server in IBM Sametime 8.0.2 through ...
CVE-2013-0534	The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus...
CVE-2013-0535	Multiple cross-site scripting (XSS) vulnerabilities in the Classic Meeting Server in IBM Sametime 7....
CVE-2013-0536	ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8....
CVE-2013-0537	The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated us...
CVE-2013-0538	Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9...
CVE-2013-0539	An unspecified third-party component in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Ga...
CVE-2013-0540	IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5.0.2, when SSL is not enabled, ...
CVE-2013-0541	Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, ...
CVE-2013-0542	Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application ...
CVE-2013-0543	IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6,...
CVE-2013-0544	Directory traversal vulnerability in the Administrative Console in IBM WebSphere Application Server ...
CVE-2013-0548	Multiple cross-site scripting (XSS) vulnerabilities in the Basic Services component in IBM Tivoli Mo...
CVE-2013-0549	Cross-site scripting (XSS) vulnerability in the Web Content Manager - Web Content Viewer Portlet in ...
CVE-2013-0550	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2013-0551	The Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6....
CVE-2013-0553	The client implementation in IBM Sametime 8.5.1 through 8.5.2.1, as used in Sametime Connect client,...
CVE-2013-0558	IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers...
CVE-2013-0559	Unspecified vulnerability in IBM API Management 2.0 before 2.0.0.1 allows remote attackers to access...
CVE-2013-0560	Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File ...
CVE-2013-0565	Cross-site scripting (XSS) vulnerability in the RPC adapter for the Web 2.0 and Mobile toolkit in IB...
CVE-2013-0566	Multiple cross-site scripting (XSS) vulnerabilities in the (1) Accelerator JSPs, (2) Organization Ad...
CVE-2013-0567	IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authentic...
CVE-2013-0568	IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authentic...
CVE-2013-0569	Cross-site scripting (XSS) vulnerability in the Communities component in IBM Connections 4.5 allows ...
CVE-2013-0570	The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology...
CVE-2013-0571	Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (a...
CVE-2013-0572	Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (a...
CVE-2013-0576	Cross-site scripting (XSS) vulnerability in the Tivoli Enterprise Portal browser client in IBM Tivol...	S
CVE-2013-0577	The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1...
CVE-2013-0578	The Sterling Order Management APIs in IBM Sterling Multi-Channel Fulfillment Solution 8.0 before HF1...
CVE-2013-0579	The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1...
CVE-2013-0580	Cross-site request forgery (CSRF) vulnerability in the Optim E-Business Console in IBM Data Growth S...
CVE-2013-0581	Multiple cross-site scripting (XSS) vulnerabilities in IBM Business Process Manager (BPM) 7.5.1.x, 8...
CVE-2013-0582	Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 befor...
CVE-2013-0584	The Data Replication Dashboard component in IBM InfoSphere Replication Server 9.7 and 10.x before 10...
CVE-2013-0585	Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Information Server through 8.5...	S
CVE-2013-0586	Cross-site scripting (XSS) vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4....
CVE-2013-0587	Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Portal before 8.0.0.1 CF07 allo...
CVE-2013-0589	IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote...	S
CVE-2013-0590	Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 al...
CVE-2013-0591	Cross-site scripting (XSS) vulnerability in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 al...
CVE-2013-0592	Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 ...	S
CVE-2013-0593	Unspecified vulnerability in the olch2x32 ActiveX control in IBM SPSS SamplePower 3.0 before 3.0-IM-...
CVE-2013-0594	Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote...	S
CVE-2013-0595	Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8...
CVE-2013-0596	Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application ...
CVE-2013-0597	Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0....
CVE-2013-0598	Cross-site request forgery (CSRF) vulnerability in the Web Client in IBM Rational ClearQuest 7.1 bef...
CVE-2013-0599	IBM Eclipse Help System (IEHS), as used in IBM Rational Directory Server 5.1.1 through 5.1.1.2 and 5...
CVE-2013-0600	Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance devices 2.0 and 2.1 through 2.1 ...
CVE-2013-0601	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...	S
CVE-2013-0602	Use-after-free vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 1...	S
CVE-2013-0603	Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11....	S
CVE-2013-0604	Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11....
CVE-2013-0605	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...
CVE-2013-0606	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11...
CVE-2013-0607	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...
CVE-2013-0608	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...
CVE-2013-0609	Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 1...
CVE-2013-0610	Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11...
CVE-2013-0611	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...
CVE-2013-0612	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11...	S
CVE-2013-0613	Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 1...
CVE-2013-0614	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...
CVE-2013-0615	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11...
CVE-2013-0616	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...
CVE-2013-0617	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11...
CVE-2013-0618	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...
CVE-2013-0619	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...
CVE-2013-0620	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...
CVE-2013-0621	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11...	S
CVE-2013-0622	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...
CVE-2013-0623	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...	S
CVE-2013-0624	Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attacker...	S
CVE-2013-0625	Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers t...	KEV
CVE-2013-0626	Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11...
CVE-2013-0627	Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x...	S
CVE-2013-0628	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...	R
CVE-2013-0629	Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to a...	KEV
CVE-2013-0630	Buffer overflow in Adobe Flash Player before 10.3.183.50 and 11.x before 11.5.502.146 on Windows and...	S
CVE-2013-0631	Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecif...	KEV
CVE-2013-0632	administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass au...	KEV E M
CVE-2013-0633	Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and...	S
CVE-2013-0634	Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 1...	S
CVE-2013-0635	Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code or cause a denia...	S
CVE-2013-0636	Stack-based buffer overflow in Adobe Shockwave Player before 12.0.0.112 allows attackers to execute ...	S
CVE-2013-0637	Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 an...
CVE-2013-0638	Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 an...
CVE-2013-0639	Integer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, b...
CVE-2013-0640	Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote ...	KEV
CVE-2013-0641	Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11...	KEV
CVE-2013-0642	Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, be...
CVE-2013-0643	The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows...	KEV S
CVE-2013-0644	Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 o...
CVE-2013-0645	Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, be...
CVE-2013-0646	Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows an...
CVE-2013-0647	Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 an...
CVE-2013-0648	Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player ...	KEV S
CVE-2013-0649	Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 o...
CVE-2013-0650	Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 o...
CVE-2013-0651	The Portal installation process in GE Intelligent Platforms Proficy Real-Time Information Portal sto...
CVE-2013-0652	GE Intelligent Platforms Proficy Real-Time Information Portal does not restrict access to methods of...
CVE-2013-0653	Directory traversal vulnerability in substitute.bcl in the WebView CimWeb subsystem in GE Intelligen...
CVE-2013-0654	CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Profic...
CVE-2013-0655	The client in Schneider Electric Software Update (SESU) Utility 1.0.x and 1.1.x does not ensure that...
CVE-2013-0656	Buffer overflow in a third-party ActiveX component in Siemens SIMATIC RF-MANAGER 2008, and RF-MANAGE...
CVE-2013-0657	Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and e...	E S
CVE-2013-0658	Heap-based buffer overflow in RFManagerService.exe in Schneider Electric Accutech Manager 2.00.1 and...
CVE-2013-0659	The debugging feature on the Siemens CP 1604 and CP 1616 interface cards with firmware before 2.5.2 ...
CVE-2013-0662	Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1....	E M
CVE-2013-0663	Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NO...	E
CVE-2013-0664	The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE01...
CVE-2013-0665	Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before 5.12.0.1 uses weak permissions...
CVE-2013-0666	The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a den...
CVE-2013-0667	Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11...
CVE-2013-0668	Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA...
CVE-2013-0669	The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause ...
CVE-2013-0670	CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remo...
CVE-2013-0671	Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users...
CVE-2013-0672	Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11...
CVE-2013-0673	Directory traversal vulnerability in the web interface in the Health Monitor service in MatrikonOPC ...
CVE-2013-0674	Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS...
CVE-2013-0675	Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2,...
CVE-2013-0676	Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not proper...
CVE-2013-0677	The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other product...
CVE-2013-0678	Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not proper...
CVE-2013-0679	Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC ...
CVE-2013-0680	Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3....
CVE-2013-0681	Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub bef...
CVE-2013-0682	Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub bef...
CVE-2013-0683	The DataSim and DataPid demonstration clients in Cogent Real-Time Systems Cogent DataHub before 7.3....
CVE-2013-0684	SQL injection vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal,...
CVE-2013-0685	Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restr...
CVE-2013-0686	Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote ...
CVE-2013-0687	The installer routine in Schneider Electric MiCOM S1 Studio uses world-writable permissions for exec...
CVE-2013-0688	Cross-site scripting (XSS) vulnerability in Invensys Wonderware Information Server (WIS) 4.0 SP1SP1,...
CVE-2013-0689	The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 ...
CVE-2013-0690	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2013-0691	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2013-0692	The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, ...
CVE-2013-0693	The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, ...
CVE-2013-0694	The Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2...
CVE-2013-0695	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2013-0696	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2013-0697	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2013-0698	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...	R
CVE-2013-0699	The Galil RIO-47100 Pocket PLC allows remote attackers to cause a denial of service via a session th...	S
CVE-2013-0700	Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect...
CVE-2013-0701	SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allows remote authenticated users t...
CVE-2013-0702	Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 3.5.3 allows remote attacker...
CVE-2013-0703	Cross-site scripting (XSS) vulnerability in imgboard.com imgboard before 1.22R6.1 u and 20xx before ...
CVE-2013-0704	Directory traversal vulnerability in the GREE application before 1.3.3 for Android allows remote att...
CVE-2013-0705	Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) before 2 allows remote attackers t...
CVE-2013-0706	NEC Universal RAID Utility 1.40 Rev 680 and earlier, 2.31 Rev 1492 and earlier, and 2.5 Rev 2244 and...
CVE-2013-0707	Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, ...	S
CVE-2013-0708	Cross-site scripting (XSS) vulnerability in dopvCOMET* 0009b allows remote attackers to inject arbit...
CVE-2013-0709	Cross-site scripting (XSS) vulnerability in dopvSTAR* 0091 allows remote attackers to inject arbitra...
CVE-2013-0710	Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbi...
CVE-2013-0711	IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a ...
CVE-2013-0712	IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users t...
CVE-2013-0713	IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users t...
CVE-2013-0714	IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute ...
CVE-2013-0715	The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to caus...
CVE-2013-0716	The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of se...
CVE-2013-0717	Multiple cross-site request forgery (CSRF) vulnerabilities in the web-based management utility on th...
CVE-2013-0718	The Simeji application 4.8.1 and earlier for Android uses weak permissions for unspecified files, wh...
CVE-2013-0719	The ArtIME Japanese Input application 1.1.2 and earlier for Android uses weak permissions for unspec...
CVE-2013-0720	The COBIME application before 0.9.4 for Android uses weak permissions for unspecified files, which a...
CVE-2013-0721	wp-php-widget.php in the WP PHP widget plugin 1.0.2 for WordPress allows remote attackers to obtain ...
CVE-2013-0722	Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and ear...	E S
CVE-2013-0723	Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow rem...
CVE-2013-0724	PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Stylin...
CVE-2013-0725	ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities...
CVE-2013-0726	Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDA...
CVE-2013-0727	Multiple untrusted search path vulnerabilities in Global Mapper 14.1.0 allow local users to gain pri...
CVE-2013-0728	Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0...
CVE-2013-0729	Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to...	S
CVE-2013-0730	Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 4.x through 4.1.0 allow remote attac...	S
CVE-2013-0731	ajax.functions.php in the MailUp plugin before 1.3.3 for WordPress does not properly restrict access...	E S
CVE-2013-0732	Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before 8.1 allows remote attackers t...
CVE-2013-0733	Untrusted search path vulnerability in Corel PaintShop Pro X5 and X6 16.0.0.113, 15.2.0.2, and earli...
CVE-2013-0734	Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Forum plugin before 1.0.34 for Wor...
CVE-2013-0735	Multiple SQL injection vulnerabilities in wpf.class.php in the Mingle Forum plugin before 1.0.34 for...
CVE-2013-0736	Multiple cross-site request forgery (CSRF) vulnerabilities in the Mingle Forum plugin 1.0.34 and pos...
CVE-2013-0737	Cross-site scripting (XSS) vulnerability in BoltWire 3.5 and earlier allows remote attackers to inje...
CVE-2013-0738	Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.php....
CVE-2013-0739	Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script....
CVE-2013-0740	Open redirect vulnerability in Dell OpenManage Server Administrator (OMSA) before 7.3.0 allows remot...
CVE-2013-0741	Cross-site scripting (XSS) vulnerability in imagegen.ashx in Percipient Studios ImageGen before 2.9....	S
CVE-2013-0742	Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary co...	E
CVE-2013-0743	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...	R
CVE-2013-0744	Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in...	S
CVE-2013-0745	The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunder...	S
CVE-2013-0746	Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird bef...	S
CVE-2013-0747	The gPluginHandler.handleEvent function in the plugin handler in Mozilla Firefox before 18.0, Firefo...	E S
CVE-2013-0748	The XBL.__proto__.toString implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10...	E
CVE-2013-0749	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox E...	E S
CVE-2013-0750	Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x b...	S
CVE-2013-0751	Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a ...
CVE-2013-0752	Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ...	E S
CVE-2013-0753	Use-after-free vulnerability in the serializeToStream implementation in the XMLSerializer component ...	S
CVE-2013-0754	Use-after-free vulnerability in the ListenerManager implementation in Mozilla Firefox before 18.0, F...	S
CVE-2013-0755	Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Fire...	E S
CVE-2013-0756	Use-after-free vulnerability in the obj_toSource function in Mozilla Firefox before 18.0, Firefox ES...
CVE-2013-0757	The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x befo...	E S
CVE-2013-0758	Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird bef...
CVE-2013-0759	Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird bef...	E S
CVE-2013-0760	Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18...	S
CVE-2013-0761	Use-after-free vulnerability in the mozilla::TrackUnionStream::EndTrack implementation in Mozilla Fi...
CVE-2013-0762	Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0,...
CVE-2013-0763	Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunder...
CVE-2013-0764	The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x befo...	S
CVE-2013-0765	Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 do not prevent mul...	S
CVE-2013-0766	Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, ...	S
CVE-2013-0767	The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x b...	S
CVE-2013-0768	Stack-based buffer overflow in the Canvas implementation in Mozilla Firefox before 18.0, Firefox ESR...	E S
CVE-2013-0769	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox E...	E S
CVE-2013-0770	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Thunderbi...	E S
CVE-2013-0771	Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox...	S
CVE-2013-0772	The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and...	S
CVE-2013-0773	The Chrome Object Wrapper (COW) and System Only Wrapper (SOW) implementations in Mozilla Firefox bef...	S
CVE-2013-0774	Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ...	E S
CVE-2013-0775	Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firef...	S
CVE-2013-0776	Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ...	S
CVE-2013-0777	Use-after-free vulnerability in the nsDisplayBoxShadowOuter::Paint function in Mozilla Firefox befor...	E S
CVE-2013-0778	The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3,...	S
CVE-2013-0779	The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0...	E S
CVE-2013-0780	Use-after-free vulnerability in the nsOverflowContinuationTracker::Finish function in Mozilla Firefo...	S
CVE-2013-0781	Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19...	S
CVE-2013-0782	Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox b...	S
CVE-2013-0783	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox E...	S
CVE-2013-0784	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbi...	E S
CVE-2013-0785	Cross-site scripting (XSS) vulnerability in show_bug.cgi in Bugzilla before 3.6.13, 3.7.x and 4.0.x ...
CVE-2013-0786	The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x before 3.6.13 and 3.7.x and 4...
CVE-2013-0787	Use-after-free vulnerability in the nsEditor::IsPreformatted function in editor/libeditor/base/nsEdi...
CVE-2013-0788	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0, Firefox E...
CVE-2013-0789	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 20.0 and SeaMon...
CVE-2013-0790	Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows rem...
CVE-2013-0791	The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla F...	S
CVE-2013-0792	Mozilla Firefox before 20.0 and SeaMonkey before 2.17, when gfx.color_management.enablev4 is used, d...
CVE-2013-0793	Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ...
CVE-2013-0794	Mozilla Firefox before 20.0 and SeaMonkey before 2.17 do not prevent origin spoofing of tab-modal di...
CVE-2013-0795	The System Only Wrapper (SOW) implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before...
CVE-2013-0796	The WebGL subsystem in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird befo...	E S
CVE-2013-0797	Untrusted search path vulnerability in the Mozilla Updater in Mozilla Firefox before 20.0, Firefox E...
CVE-2013-0798	Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the ap...
CVE-2013-0799	Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before 20.0, Firefox ESR 17.x ...
CVE-2013-0800	Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman, as distributed...	S
CVE-2013-0801	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0, Firefox E...
CVE-2013-0802	Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...	R
CVE-2013-0803	A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via upload.php, which could let a malici...	E
CVE-2013-0804	The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers ...
CVE-2013-0805	Multiple cross-site scripting (XSS) vulnerabilities in the search feature in iTop (aka IT Operations...
CVE-2013-0807	Cross-site scripting (XSS) vulnerability in the NewSectionPrompt function in include/tool/editing_pa...	E S
CVE-2013-0809	Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Ora...
CVE-2013-0810	Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 200...
CVE-2013-0811	Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execu...
CVE-2013-0828	The PDF functionality in Google Chrome before 24.0.1312.52 does not properly perform a cast of an un...
CVE-2013-0829	Google Chrome before 24.0.1312.52 does not properly maintain database metadata, which allows remote ...
CVE-2013-0830	The IPC layer in Google Chrome before 24.0.1312.52 on Windows omits a NUL character required for ter...
CVE-2013-0831	Directory traversal vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to ha...
CVE-2013-0832	Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a...
CVE-2013-0833	Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bound...
CVE-2013-0834	Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service (out-of-bound...
CVE-2013-0835	Unspecified vulnerability in the Geolocation implementation in Google Chrome before 24.0.1312.52 all...
CVE-2013-0836	Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, does not properly implement...
CVE-2013-0837	Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly h...
CVE-2013-0838	Google Chrome before 24.0.1312.52 on Linux uses weak permissions for shared memory segments, which h...
CVE-2013-0839	Use-after-free vulnerability in Google Chrome before 24.0.1312.56 allows remote attackers to cause a...
CVE-2013-0840	Google Chrome before 24.0.1312.56 does not validate URLs during the opening of new windows, which ha...
CVE-2013-0841	Array index error in the content-blocking functionality in Google Chrome before 24.0.1312.56 allows ...
CVE-2013-0842	Google Chrome before 24.0.1312.56 does not properly handle %00 characters in pathnames, which has un...
CVE-2013-0843	content/renderer/media/webrtc_audio_renderer.cc in Google Chrome before 24.0.1312.56 on Mac OS X doe...
CVE-2013-0844	Off-by-one error in the adpcm_decode_frame function in libavcodec/adpcm.c in FFmpeg before 1.0.4 all...
CVE-2013-0845	libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via...
CVE-2013-0846	Array index error in the qdm2_decode_super_block function in libavcodec/qdm2.c in FFmpeg before 1.1 ...
CVE-2013-0847	The ff_id3v2_parse function in libavformat/id3v2.c in FFmpeg before 1.1 allows remote attackers to h...
CVE-2013-0848	The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to hav...
CVE-2013-0849	The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg before 1.1 allows remote attacker...
CVE-2013-0850	The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1 allows remote attackers t...
CVE-2013-0851	The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have...
CVE-2013-0852	The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote atta...
CVE-2013-0853	The wavpack_decode_frame function in libavcodec/wavpack.c in FFmpeg before 1.1 allows remote attacke...
CVE-2013-0854	The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows r...
CVE-2013-0855	Integer overflow in the alac_decode_close function in libavcodec/alac.c in FFmpeg before 1.1 allows ...
CVE-2013-0856	The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to hav...
CVE-2013-0857	The decode_frame_ilbm function in libavcodec/iff.c in FFmpeg before 1.1 allows remote attackers to h...
CVE-2013-0858	The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attacker...
CVE-2013-0859	The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg before 1.1 allows remote attackers ...
CVE-2013-0860	The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x befor...
CVE-2013-0861	The avcodec_decode_audio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1...
CVE-2013-0862	Multiple integer overflows in the process_frame_obj function in libavcodec/sanm.c in FFmpeg before 1...
CVE-2013-0863	Buffer overflow in the rle_decode function in libavcodec/sanm.c in FFmpeg before 1.0.4 and 1.1.x bef...
CVE-2013-0864	The gif_copy_img_rect function in libavcodec/gifdec.c in FFmpeg before 1.1.2 performs an incorrect c...
CVE-2013-0865	The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2...
CVE-2013-0866	The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 al...
CVE-2013-0867	The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1.2 does not properly check...
CVE-2013-0868	libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact...
CVE-2013-0869	The field_end function in libavcodec/h264.c in FFmpeg before 1.1.2 allows remote attackers to have a...
CVE-2013-0870	The 'vp3_decode_frame' function in FFmpeg 1.1.4 moves threads check out of header packet type check....
CVE-2013-0871	Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to ga...
CVE-2013-0872	The swr_init function in libswresample/swresample.c in FFmpeg before 1.1.3 allows remote attackers t...
CVE-2013-0873	The read_header function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to h...
CVE-2013-0874	The (1) doubles2str and (2) shorts2str functions in libavcodec/tiff.c in FFmpeg before 1.1.3 allow r...
CVE-2013-0875	The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in FFmpeg before 1.1.3 allows remote...
CVE-2013-0876	Multiple integer overflows in the (1) old_codec37 and (2) old_codec47 functions in libavcodec/sanm.c...
CVE-2013-0877	The old_codec37 function in libavcodec/sanm.c in FFmpeg before 1.1.3 allows remote attackers to have...
CVE-2013-0878	The advance_line function in libavcodec/targa.c in FFmpeg before 1.1.3 allows remote attackers to ha...
CVE-2013-0879	Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does no...
CVE-2013-0880	Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 2...
CVE-2013-0881	Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows ...
CVE-2013-0882	Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows ...
CVE-2013-0883	Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on ...
CVE-2013-0884	Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does no...
CVE-2013-0885	Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does no...
CVE-2013-0886	Google Chrome before 25.0.1364.99 on Mac OS X does not properly implement signal handling for Native...
CVE-2013-0887	The developer-tools process in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25...
CVE-2013-0888	Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on ...
CVE-2013-0889	Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does no...
CVE-2013-0890	Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Window...
CVE-2013-0891	Integer overflow in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 ...
CVE-2013-0892	Multiple unspecified vulnerabilities in the IPC layer in Google Chrome before 25.0.1364.97 on Window...
CVE-2013-0893	Race condition in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on...
CVE-2013-0894	Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c i...
CVE-2013-0895	Google Chrome before 25.0.1364.97 on Linux, and before 25.0.1364.99 on Mac OS X, does not properly h...
CVE-2013-0896	Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does no...
CVE-2013-0897	Off-by-one error in the PDF functionality in Google Chrome before 25.0.1364.97 on Windows and Linux,...
CVE-2013-0898	Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 2...
CVE-2013-0899	Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_de...
CVE-2013-0900	Race condition in the International Components for Unicode (ICU) functionality in Google Chrome befo...
CVE-2013-0902	Use-after-free vulnerability in the frame-loader implementation in Google Chrome before 25.0.1364.15...
CVE-2013-0903	Use-after-free vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to cause ...
CVE-2013-0904	The Web Audio implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause ...
CVE-2013-0905	Use-after-free vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to cause ...
CVE-2013-0906	The IndexedDB implementation in Google Chrome before 25.0.1364.152 allows remote attackers to cause ...
CVE-2013-0907	Race condition in Google Chrome before 25.0.1364.152 allows remote attackers to cause a denial of se...
CVE-2013-0908	Google Chrome before 25.0.1364.152 does not properly manage bindings of extension processes, which h...
CVE-2013-0909	The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HT...
CVE-2013-0910	Google Chrome before 25.0.1364.152 does not properly manage the interaction between the browser proc...
CVE-2013-0911	Directory traversal vulnerability in Google Chrome before 25.0.1364.152 allows remote attackers to h...
CVE-2013-0912	WebKit in Google Chrome before 25.0.1364.160 allows remote attackers to execute arbitrary code via v...
CVE-2013-0913	Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rend...	S
CVE-2013-0914	The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the...
CVE-2013-0915	The GPU process in Google Chrome OS before 25.0.1364.173 allows attackers to cause a denial of servi...
CVE-2013-0916	Use-after-free vulnerability in the Web Audio implementation in Google Chrome before 26.0.1410.43 al...
CVE-2013-0917	The URL loader in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of ser...
CVE-2013-0918	Google Chrome before 26.0.1410.43 does not prevent navigation to developer tools in response to a dr...
CVE-2013-0919	Use-after-free vulnerability in Google Chrome before 26.0.1410.43 on Linux allows remote attackers t...
CVE-2013-0920	Use-after-free vulnerability in the extension bookmarks API in Google Chrome before 26.0.1410.43 all...
CVE-2013-0921	The Isolated Sites feature in Google Chrome before 26.0.1410.43 does not properly enforce the use of...
CVE-2013-0922	Google Chrome before 26.0.1410.43 does not properly restrict brute-force access attempts against web...
CVE-2013-0923	The USB Apps API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of s...
CVE-2013-0924	The extension functionality in Google Chrome before 26.0.1410.43 does not verify that use of the per...
CVE-2013-0925	Google Chrome before 26.0.1410.43 does not ensure that an extension has the tabs (aka APIPermission:...
CVE-2013-0926	Google Chrome before 26.0.1410.43 does not properly handle active content in an EMBED element during...
CVE-2013-0927	Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation that...
CVE-2013-0928	The NetWorker command processor in rrobotd.exe in the Device Manager in EMC AlphaStor 4.0 before bui...	E
CVE-2013-0929	Format string vulnerability in the _vsnsprintf function in rrobotd.exe in the Device Manager in EMC ...
CVE-2013-0930	Buffer overflow in Drive Control Program (DCP) in EMC AlphaStor 4.0 before build 814 allows remote a...
CVE-2013-0931	EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not enforce the Quick PIN Unlock tim...
CVE-2013-0932	EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authentica...
CVE-2013-0933	Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer 5.x before GRC 5.3SP1, and Arc...
CVE-2013-0934	EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authentica...
CVE-2013-0935	EMC Smarts Network Configuration Manager (NCM) before 9.2 does not require authentication for all Ja...
CVE-2013-0936	Cross-site scripting (XSS) vulnerability in EMC Smarts IP Manager, Smarts Service Assurance Manager,...
CVE-2013-0937	Session fixation vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP...
CVE-2013-0938	Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2, Documentum WDK bef...
CVE-2013-0939	EMC Documentum Webtop before 6.7 SP2, Documentum WDK before 6.7 SP2, Documentum Taskspace before 6.7...
CVE-2013-0940	The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak p...
CVE-2013-0941	EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web...
CVE-2013-0942	Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web fo...
CVE-2013-0943	EMC NetWorker 7.6.x and 8.x before 8.1 allows local users to obtain sensitive configuration informat...
CVE-2013-0944	The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote authenticated u...
CVE-2013-0945	EMC Avamar Client before 6.1.101-89 does not verify that the server hostname matches a domain name i...
CVE-2013-0946	Buffer overflow in the Library Control Program (LCP) in EMC AlphaStor 4.0 before build 910 allows re...	E
CVE-2013-0947	EMC RSA Authentication Manager 8.0 before P1 allows local users to discover cleartext operating-syst...
CVE-2013-0948	WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause ...
CVE-2013-0949	WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause ...
CVE-2013-0950	WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause ...	S
CVE-2013-0951	WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause ...
CVE-2013-0952	WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause ...	S
CVE-2013-0953	WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause ...
CVE-2013-0954	WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause ...
CVE-2013-0955	WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause ...
CVE-2013-0956	WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause ...
CVE-2013-0957	Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passco...
CVE-2013-0958	WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause ...
CVE-2013-0959	WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause ...	S
CVE-2013-0960	WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a den...
CVE-2013-0961	WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a den...
CVE-2013-0962	Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before 6.1 allows user-assisted remo...
CVE-2013-0963	Identity Services in Apple iOS before 6.1 does not properly handle validation failures of AppleID ce...
CVE-2013-0964	The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and cop...
CVE-2013-0965	Rejected reason: This candidate is unused by its CNA....	R
CVE-2013-0966	The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not p...
CVE-2013-0967	CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the list of safe file types, which ...
CVE-2013-0968	WebKit, as used in Apple iOS before 6.1, allows remote attackers to execute arbitrary code or cause ...
CVE-2013-0969	Login Window in Apple Mac OS X before 10.8.3 does not prevent application launching with the VoiceOv...
CVE-2013-0970	Messages in Apple Mac OS X before 10.8.3 allows remote attackers to bypass the FaceTime call-confirm...
CVE-2013-0971	Use-after-free vulnerability in PDFKit in Apple Mac OS X before 10.8.3 allows remote attackers to ex...
CVE-2013-0972	Rejected reason: This candidate is unused by its CNA....	R
CVE-2013-0973	Software Update in Apple Mac OS X through 10.7.5 does not prevent plugin loading within the marketin...
CVE-2013-0974	StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the pre...
CVE-2013-0975	Buffer overflow in QuickDraw Manager in Apple Mac OS X before 10.8.4 allows remote attackers to exec...
CVE-2013-0976	IOAcceleratorFamily in Apple Mac OS X before 10.8.3 allows remote attackers to execute arbitrary cod...
CVE-2013-0977	dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not properly manage the state of file ...
CVE-2013-0978	The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 doe...
CVE-2013-0979	lockdownd in Lockdown in Apple iOS before 6.1.3 does not properly consider file types during the per...
CVE-2013-0980	The Passcode Lock implementation in Apple iOS before 6.1.3 does not properly manage the lock state, ...
CVE-2013-0981	The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and A...
CVE-2013-0982	The Private Browsing feature in CFNetwork in Apple Mac OS X before 10.8.4 does not prevent storage o...
CVE-2013-0983	Stack consumption vulnerability in CoreAnimation in Apple Mac OS X before 10.8.4 allows remote attac...
CVE-2013-0984	Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code...
CVE-2013-0985	Disk Management in Apple Mac OS X before 10.8.4 does not properly authenticate attempts to disable F...
CVE-2013-0986	Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or...
CVE-2013-0987	Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of ...
CVE-2013-0988	Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or...
CVE-2013-0989	Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or...
CVE-2013-0990	SMB in Apple Mac OS X before 10.8.4, when file sharing is enabled, allows remote authenticated users...
CVE-2013-0991	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra...
CVE-2013-0992	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra...
CVE-2013-0993	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra...
CVE-2013-0994	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra...
CVE-2013-0995	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra...
CVE-2013-0996	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra...
CVE-2013-0997	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra...
CVE-2013-0998	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra...
CVE-2013-0999	WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitra...