CVE-2013-2xxx

There are 873 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2013-2000 Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial o...
CVE-2013-2001 Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service ...
CVE-2013-2002 Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (cras...
CVE-2013-2003 Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of in...
CVE-2013-2004 The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and e...
CVE-2013-2005 X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, wh...
CVE-2013-2006 OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) adm...
CVE-2013-2007 The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses we...
CVE-2013-2008 WordPress Super Cache Plugin 1.3 has XSS....
S
CVE-2013-2009 WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution...
E S
CVE-2013-2010 WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability...
E
CVE-2013-2011 WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could...
E
CVE-2013-2012 autojump before 21.5.8 allows local users to gain privileges via a Trojan horse custom_install direc...
S
CVE-2013-2013 The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in t...
S
CVE-2013-2014 OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (me...
CVE-2013-2015 The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly h...
CVE-2013-2016 A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest access...
E S
CVE-2013-2017 The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage sk...
CVE-2013-2018 Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL comm...
CVE-2013-2019 Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote attackers to have unspecified...
CVE-2013-2020 Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers...
S
CVE-2013-2021 pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-b...
CVE-2013-2022 Multiple cross-site scripting (XSS) vulnerabilities in actionscript/Jplayer.as in the Flash SWF comp...
CVE-2013-2023 Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jpla...
CVE-2013-2024 OS command injection vulnerability in the "qs" procedure from the "utils" module in Chicken before 4...
CVE-2013-2025 Cross-site scripting (XSS) vulnerability in Ushahidi Platform 2.5.x through 2.6.1 allows remote atta...
E S
CVE-2013-2026 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4971. Reason: This candida...
R
CVE-2013-2027 Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows loc...
CVE-2013-2028 The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows rem...
E S
CVE-2013-2029 nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5.1,...
CVE-2013-2030 keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure tem...
S
CVE-2013-2031 MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attackers to conduct cross-site scrip...
S
CVE-2013-2032 MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password chang...
S
CVE-2013-2033 Cross-site scripting (XSS) vulnerability in Jenkins before 1.514, LTS before 1.509.1, and Enterprise...
CVE-2013-2034 Multiple cross-site request forgery (CSRF) vulnerabilities in Jenkins before 1.514, LTS before 1.509...
CVE-2013-2035 Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJ...
E S
CVE-2013-2036 Cross-site scripting (XSS) vulnerability in the Filebrowser module 6.x-2.x before 6.x-2.2 for Drupal...
CVE-2013-2037 httplib2 0.7.2, 0.8, and earlier, after an initial connection is made, does not verify that the serv...
E S
CVE-2013-2038 The NMEA0183 driver in gpsd before 3.9 allows remote attackers to cause a denial of service (daemon ...
E S
CVE-2013-2039 Directory traversal vulnerability in lib/files/view.php in ownCloud before 4.0.15, 4.5.x 4.5.11, and...
S
CVE-2013-2040 Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.15, 4.5.x before 4.5.11, ...
S
CVE-2013-2041 Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 5.0.x before 5.0.6 allow remote auth...
S
CVE-2013-2042 Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.15, 4.5.x before 4.5.11, ...
S
CVE-2013-2043 apps/calendar/ajax/events.php in ownCloud before 4.5.11 and 5.x before 5.0.6 does not properly check...
S
CVE-2013-2044 Open redirect vulnerability in the Login Page (index.php) in ownCloud before 5.0.6 allows remote att...
S
CVE-2013-2045 SQL injection vulnerability in lib/db.php in ownCloud Server 5.0.x before 5.0.6 allows remote authen...
CVE-2013-2046 SQL injection vulnerability in lib/bookmarks.php in ownCloud Server 4.5.x before 4.5.11 and 5.x befo...
CVE-2013-2047 The login page (aka index.php) in ownCloud before 5.0.6 does not disable the autocomplete setting fo...
S
CVE-2013-2048 ownCloud before 5.0.6 does not properly check permissions, which allows remote authenticated users t...
S
CVE-2013-2049 Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session tampering a...
CVE-2013-2050 SQL injection vulnerability in the miq_policy controller in Red Hat CloudForms 2.0 Management Engine...
E
CVE-2013-2051 The Tomcat 6 DIGEST authentication functionality as used in Red Hat Enterprise Linux 6 allows remote...
CVE-2013-2052 Buffer overflow in the atodn function in libreswan 3.0 and 3.1, when Opportunistic Encryption is ena...
S
CVE-2013-2053 Buffer overflow in the atodn function in Openswan before 2.6.39, when Opportunistic Encryption is en...
CVE-2013-2054 Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encrypti...
CVE-2013-2055 Unspecified vulnerability in Apache Wicket 1.4.x before 1.4.23, 1.5.x before 1.5.11, and 6.x before ...
CVE-2013-2056 The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Satellite 5.3, 5.4, and 5.5 does n...
CVE-2013-2057 YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability...
CVE-2013-2058 The host_start function in drivers/usb/chipidea/host.c in the Linux kernel before 3.7.4 does not pro...
E S
CVE-2013-2059 OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does ...
E
CVE-2013-2060 The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary comm...
E
CVE-2013-2061 The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, all...
E S
CVE-2013-2062 Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of...
CVE-2013-2063 Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insuff...
CVE-2013-2064 Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insuffici...
CVE-2013-2065 (1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, ...
E S
CVE-2013-2066 Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (cras...
CVE-2013-2067 java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in ...
S
CVE-2013-2068 Multiple directory traversal vulnerabilities in the AgentController in Red Hat CloudForms Management...
E
CVE-2013-2069 Red Hat livecd-tools before 13.4.4, 17.x before 17.17, 18.x before 18.16, and 19.x before 19.3, when...
CVE-2013-2070 http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when prox...
S
CVE-2013-2071 java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not prop...
E S
CVE-2013-2072 Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2...
CVE-2013-2073 Transifex command-line client before 0.9 does not validate X.509 certificates, which allows man-in-t...
S
CVE-2013-2074 kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials...
CVE-2013-2075 Multiple buffer overflows in the (1) R5RS char-ready, (2) tcp-accept-ready, and (3) file-select proc...
CVE-2013-2076 Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and F...
CVE-2013-2077 Xen 4.0.x, 4.1.x, and 4.2.x does not properly restrict the contents of a XRSTOR, which allows local ...
CVE-2013-2078 Xen 4.0.2 through 4.0.4, 4.1.x, and 4.2.x allows local PV guest users to cause a denial of service (...
CVE-2013-2079 mod/assign/locallib.php in the assignment module in Moodle 2.3.x before 2.3.7 and 2.4.x before 2.4.4...
S
CVE-2013-2080 The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does n...
S
CVE-2013-2081 Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not cons...
S
CVE-2013-2082 Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not enfo...
S
CVE-2013-2083 The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x b...
S
CVE-2013-2084 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2069. Reason: This candidate...
R
CVE-2013-2085 Directory traversal vulnerability in apps/files_trashbin/index.php in ownCloud Server before 5.0.6 a...
S
CVE-2013-2086 The configuration loader in ownCloud 5.0.x before 5.0.6 allows remote attackers to obtain CSRF token...
S
CVE-2013-2087 Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 before 3.0.7 allow remote attackers...
S
CVE-2013-2088 contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated us...
E
CVE-2013-2089 Incomplete blacklist vulnerability in ownCloud before 5.0.6 allows remote authenticated users to exe...
S
CVE-2013-2090 The set_meta_data function in lib/cremefraiche.rb in the Creme Fraiche gem before 0.6.1 for Ruby all...
E
CVE-2013-2091 SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary S...
CVE-2013-2092 Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web...
S
CVE-2013-2093 Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php wh...
S
CVE-2013-2094 The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an inco...
KEV E S
CVE-2013-2095 rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb U...
E
CVE-2013-2096 OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 ima...
CVE-2013-2097 ZPanel through 10.1.0 has Remote Command Execution...
E
CVE-2013-2098 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2099. Reason: This candida...
R
CVE-2013-2099 Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and ...
S
CVE-2013-2100 The urlopen function in pym/portage/util/_urlopen.py in Gentoo Portage 2.1.12, when using HTTPS, doe...
E S
CVE-2013-2101 Katello has multiple XSS issues in various entities...
E
CVE-2013-2102 The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics servi...
CVE-2013-2103 OpenShift cartridge allows remote URL retrieval...
CVE-2013-2104 python-keystoneclient before 0.2.4, as used in OpenStack Keystone (Folsom), does not properly check ...
CVE-2013-2105 The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web ...
E
CVE-2013-2106 webauth before 4.6.1 has authentication credential disclosure...
CVE-2013-2107 Cross-site request forgery (CSRF) vulnerability in the Mail On Update plugin before 5.2.0 for WordPr...
E S
CVE-2013-2108 WordPress WP Cleanfix Plugin 2.4.4 has CSRF...
E
CVE-2013-2109 WordPress plugin wp-cleanfix has Remote Code Execution...
E
CVE-2013-2110 Heap-based buffer overflow in the php_quot_print_encode function in ext/standard/quot_print.c in PHP...
CVE-2013-2111 The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service ...
S
CVE-2013-2112 The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to c...
CVE-2013-2113 The create method in app/controllers/users_controller.rb in Foreman before 1.2.0-RC2 allows remote a...
CVE-2013-2114 Unrestricted file upload vulnerability in the chunk upload API in MediaWiki 1.19 through 1.19.6 and ...
S
CVE-2013-2115 Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted...
CVE-2013-2116 The _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in GnuTLS 2.12.23 allows remote at...
CVE-2013-2117 Directory traversal vulnerability in the cgit_parse_readme function in ui-summary.c in cgit before 0...
CVE-2013-2118 SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gai...
CVE-2013-2119 Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a de...
S
CVE-2013-2120 The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdepla...
E S
CVE-2013-2121 Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2....
E
CVE-2013-2122 The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to comment...
CVE-2013-2123 The Node access user reference module 6.x-3.x before 6.x-3.5 and 7.x-3.x before 7.x-3.10 for Drupal ...
S
CVE-2013-2124 Double free vulnerability in inspect-fs.c in LibguestFS 1.20.x before 1.20.7, 1.21.x, 1.22.0, and 1....
E S
CVE-2013-2125 OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause...
E S
CVE-2013-2126 Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw befo...
E S
CVE-2013-2127 Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent att...
E S
CVE-2013-2128 The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly man...
S
CVE-2013-2129 Cross-site scripting (XSS) vulnerability in the Webform module 6.x-3.x before 6.x-3.19 for Drupal al...
CVE-2013-2130 ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and c...
E S
CVE-2013-2131 Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows contex...
CVE-2013-2132 bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allo...
E S
CVE-2013-2133 The EJB invocation handler implementation in Red Hat JBossWS, as used in JBoss Enterprise Applicatio...
CVE-2013-2134 Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request...
CVE-2013-2135 Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request...
CVE-2013-2136 Multiple cross-site scripting (XSS) vulnerabilities in Apache CloudStack before 4.1.1 allow remote a...
CVE-2013-2137 Cross-site scripting (XSS) vulnerability in the "View Log" screen in the Webtools application in Apa...
S
CVE-2013-2138 The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove quer...
CVE-2013-2139 Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a de...
CVE-2013-2140 The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implement...
E S
CVE-2013-2141 The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a cert...
E S
CVE-2013-2142 userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local user...
E
CVE-2013-2143 The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authoriz...
E
CVE-2013-2144 Red Hat Enterprise Virtualization Manager (RHEVM) before 3.2 does not properly check permissions for...
CVE-2013-2145 The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attack...
E S
CVE-2013-2146 arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before 3.8.9, when the Performance Events...
E S
CVE-2013-2147 The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in th...
CVE-2013-2148 The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3...
CVE-2013-2149 Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.16 and 5.x before 5.0.7 a...
S
CVE-2013-2150 Multiple cross-site scripting (XSS) vulnerabilities in js/viewer.js in ownCloud before 4.5.12 and 5....
S
CVE-2013-2151 Unquoted Windows search path vulnerability in Red Hat Enterprise Virtualization (RHEV) 3 and 3.2 all...
CVE-2013-2152 Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtu...
CVE-2013-2153 The XML digital signature functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Securi...
E S
CVE-2013-2154 Stack-based buffer overflow in the XML Signature Reference functionality (xsec/dsig/DSIGReference.cp...
S
CVE-2013-2155 Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 does not properly validate l...
S
CVE-2013-2156 Heap-based buffer overflow in the Exclusive Canonicalization functionality (xsec/canon/XSECC14n20010...
S
CVE-2013-2157 OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous bindi...
CVE-2013-2158 Cross-site request forgery (CSRF) vulnerability in the Services module 6.x-3.x and 7.x-3.x before 7....
CVE-2013-2159 Monkey HTTP Daemon: broken user name authentication...
CVE-2013-2160 The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7...
S
CVE-2013-2161 XML injection vulnerability in account/utils.py in OpenStack Swift Folsom, Grizzly, and Havana allow...
CVE-2013-2162 Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for ...
E
CVE-2013-2163 Monkey HTTP Daemon (monkeyd) before 1.2.2 allows remote attackers to cause a denial of service (infi...
E
CVE-2013-2164 The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 all...
E S
CVE-2013-2165 ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framew...
CVE-2013-2166 python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...
E
CVE-2013-2167 python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass...
S
CVE-2013-2168 The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x b...
CVE-2013-2169 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2013-2170 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2013-2171 The vm_map_lookup function in sys/vm/vm_map.c in the mmap implementation in the kernel in FreeBSD 9....
CVE-2013-2172 jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1...
S
CVE-2013-2173 wp-includes/class-phpass.php in WordPress 3.5.1, when a password-protected post exists, allows remot...
E
CVE-2013-2174 Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7....
E S
CVE-2013-2175 HAProxy 1.4 before 1.4.24 and 1.5 before 1.5-dev19, when configured to use hdr_ip or other "hdr_*" f...
S
CVE-2013-2176 Unquoted Windows search path vulnerability in the Red Hat Enterprise Virtualization Application Prov...
CVE-2013-2177 Cross-site scripting (XSS) vulnerability in the Display Suite module 7.x-1.x before 7.x-1.7 and 7.x-...
CVE-2013-2178 The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in F...
CVE-2013-2179 X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing authentication using certain ...
E S
CVE-2013-2180 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was inco...
R
CVE-2013-2181 Cross-site scripting (XSS) vulnerability in the Directory Listing plugin in Monkey HTTP Daemon (monk...
E
CVE-2013-2182 The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to ...
E S
CVE-2013-2183 Monkey HTTP Daemon has local security bypass...
CVE-2013-2184 Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote att...
CVE-2013-2185 The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red Hat J...
CVE-2013-2186 The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Port...
CVE-2013-2187 Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 al...
S
CVE-2013-2188 A certain Red Hat patch to the do_filp_open function in fs/namei.c in the kernel package before 2.6....
CVE-2013-2189 Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory ...
S
CVE-2013-2190 The translate_hierarchy_event function in x11/clutter-device-manager-xi2.c in Clutter, when resuming...
E S
CVE-2013-2191 python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle at...
S
CVE-2013-2192 The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1...
CVE-2013-2193 Apache HBase 0.92.x before 0.92.3 and 0.94.x before 0.94.9, when the Kerberos features are enabled, ...
CVE-2013-2194 Multiple integer overflows in the Elf parser (libelf) in Xen 4.2.x and earlier allow local guest adm...
CVE-2013-2195 The Elf parser (libelf) in Xen 4.2.x and earlier allow local guest administrators with certain permi...
S
CVE-2013-2196 Multiple unspecified vulnerabilities in the Elf parser (libelf) in Xen 4.2.x and earlier allow local...
S
CVE-2013-2197 The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal, when using t...
S
CVE-2013-2198 The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attack...
CVE-2013-2199 The HTTP API in WordPress before 3.5.2 allows remote attackers to send HTTP requests to intranet ser...
CVE-2013-2200 WordPress before 3.5.2 does not properly check the capabilities of roles, which allows remote authen...
CVE-2013-2201 Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.5.2 allow remote attackers...
CVE-2013-2202 WordPress before 3.5.2 allows remote attackers to read arbitrary files via an oEmbed XML provider re...
CVE-2013-2203 WordPress before 3.5.2, when the uploads directory forbids write access, allows remote attackers to ...
CVE-2013-2204 moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5...
E S
CVE-2013-2205 The default configuration of SWFUpload in WordPress before 3.5.2 has an unrestrictive security.allow...
CVE-2013-2206 The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the L...
E S
CVE-2013-2207 pt_chown in GNU C Library (aka glibc or libc6) before 2.18 does not properly check permissions for t...
S
CVE-2013-2208 tpp 1.3.1 allows remote attackers to execute arbitrary commands via a --exec command in a TPP templa...
CVE-2013-2209 Cross-site scripting (XSS) vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.j...
E S
CVE-2013-2210 Heap-based buffer overflow in the XML Signature Reference functionality in Apache Santuario XML Secu...
CVE-2013-2211 The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for x...
CVE-2013-2212 The vmx_set_uc_mode function in Xen 3.3 through 4.3, when disabling caches, allows local HVM guests ...
CVE-2013-2213 The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Lib...
E
CVE-2013-2214 status.cgi in Nagios 4.0 before 4.0 beta4 and 3.x before 3.5.1 does not properly restrict access to ...
CVE-2013-2215 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2013-2216 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2013-2217 cache.py in Suds 0.4, when tempdir is set to None, allows local users to redirect SOAP queries and p...
CVE-2013-2218 Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_n...
E S
CVE-2013-2219 The Red Hat Directory Server before 8.2.11-13 and 389 Directory Server do not properly restrict acce...
CVE-2013-2220 Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP ...
E S
CVE-2013-2221 Heap-based buffer overflow in the ZRtp::storeMsgTemp function in GNU ZRTPCPP before 3.2.0 allows rem...
E S
CVE-2013-2222 Multiple stack-based buffer overflows in GNU ZRTPCPP before 3.2.0 allow remote attackers to cause a ...
E S
CVE-2013-2223 GNU ZRTPCPP before 3.2.0 allows remote attackers to obtain sensitive information (uninitialized heap...
E S
CVE-2013-2224 A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows loca...
CVE-2013-2225 inc/ticket.class.php in GLPI 0.83.9 and earlier allows remote attackers to unserialize arbitrary PHP...
E S
CVE-2013-2226 Multiple SQL injection vulnerabilities in GLPI before 0.83.9 allow remote attackers to execute arbit...
E S
CVE-2013-2227 GLPI 0.83.7 has Local File Inclusion in common.tabs.php....
E
CVE-2013-2228 SaltStack RSA Key Generation allows remote users to decrypt communications...
CVE-2013-2229 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2218. Reason: This candida...
R
CVE-2013-2230 The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows remote authenticated users to ca...
S
CVE-2013-2231 Unquoted Windows search path vulnerability in the QEMU Guest Agent service for Red Hat Enterprise Li...
CVE-2013-2232 The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel before 3.10 allows local ...
E S
CVE-2013-2233 Ansible before 1.2.1 makes it easier for remote attackers to conduct man-in-the-middle attacks by le...
CVE-2013-2234 The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions in net/key/af_key.c in the Lin...
E S
CVE-2013-2235 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2013-2236 Stack-based buffer overflow in the new_msg_lsa_change_notify function in the OSPFD API (ospf_api.c) ...
CVE-2013-2237 The key_notify_policy_flush function in net/key/af_key.c in the Linux kernel before 3.9 does not ini...
E S
CVE-2013-2238 Multiple buffer overflows in the switch_perform_substitution function in switch_regex.c in FreeSWITC...
E S
CVE-2013-2239 vzkernel before 042stab080.2 in the OpenVZ modification for the Linux kernel 2.6.32 does not initial...
CVE-2013-2240 lib/flowplayer.swf.php in Gallery 3 before 3.0.9 does not properly remove query fragments, which all...
E S
CVE-2013-2241 modules/gallery/helpers/data_rest.php in Gallery 3 before 3.0.9 allows remote attackers to bypass in...
S
CVE-2013-2242 mod/chat/gui_sockets/index.php in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2....
CVE-2013-2243 mod/lesson/pagetypes/matching.php in Moodle through 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, ...
CVE-2013-2244 Multiple cross-site scripting (XSS) vulnerabilities in lib/conditionlib.php in Moodle 2.4.x before 2...
CVE-2013-2245 rss/file.php in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, ...
CVE-2013-2246 mod/feedback/lib.php in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before...
CVE-2013-2247 The Fast Permissions Administration module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.3 for Dru...
S
CVE-2013-2248 Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers ...
CVE-2013-2249 mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with...
E S
CVE-2013-2250 Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, a...
S
CVE-2013-2251 Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via...
KEV E S
CVE-2013-2252 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2013-2254 The deepGetOrCreateNode function in impl/operations/AbstractCreateOperation.java in org.apache.sling...
E S
CVE-2013-2255 HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack ...
CVE-2013-2256 OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os...
E S
CVE-2013-2257 Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness...
CVE-2013-2258 Cryptocat before 2.0.22 has Nickname User Impersonation...
CVE-2013-2259 Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview...
CVE-2013-2260 Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness...
CVE-2013-2261 Cryptocat before 2.0.22 Chrome Extension 'img/keygen.gif' has Information Disclosure...
CVE-2013-2262 Cryptocat strophe.js before 2.0.22 has information disclosure...
CVE-2013-2263 Unspecified vulnerability in Citrix Access Gateway Standard Edition 5.0.x before 5.0.4.223524 allows...
CVE-2013-2264 The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x ...
CVE-2013-2266 libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and...
CVE-2013-2267 PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attack...
CVE-2013-2268 Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.9...
CVE-2013-2269 The Sponsorship Confirmation functionality in Aruba Networks ClearPass 5.x, 6.0.1, and 6.0.2, and Am...
CVE-2013-2270 Cross-site scripting (XSS) vulnerability in the administration page in Airvana HubBub C1-600-RT and ...
CVE-2013-2271 The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allo...
E
CVE-2013-2272 The penny-flooding protection mechanism in the CTxMemPool::accept method in bitcoind and Bitcoin-Qt ...
CVE-2013-2273 bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 thro...
CVE-2013-2274 Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 allows remote authenticated user...
CVE-2013-2275 The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before ...
CVE-2013-2276 The avcodec_decode_audio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify t...
CVE-2013-2277 The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 1.1.3 does...
CVE-2013-2278 Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service, allow...
S
CVE-2013-2279 CA SiteMinder Federation (FSS) 12.5, 12.0, and r6; Federation (Standalone) 12.1 and 12.0; Agent for ...
CVE-2013-2287 Multiple cross-site scripting (XSS) vulnerabilities in views/notify.php in the Uploader plugin 1.0.4...
E
CVE-2013-2289 Cross-site scripting (XSS) vulnerability in admin/templates/default.php in Batavi 1.2.2 allows remot...
E
CVE-2013-2290 Cross-site scripting (XSS) vulnerability in the dashboard of the ArubaOS Administration WebUI in Aru...
CVE-2013-2292 bitcoind and Bitcoin-Qt 0.8.0 and earlier allow remote attackers to cause a denial of service (elect...
CVE-2013-2293 The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before 0.8.0rc1 copies transactions ...
CVE-2013-2294 Multiple cross-site scripting (XSS) vulnerabilities in ViewGit before 0.0.7 allow remote repository ...
E
CVE-2013-2296 Walrus in Eucalyptus before 3.2.2 does not verify authorization for the GetBucketLoggingStatus, SetB...
CVE-2013-2297 Eucalyptus EuStore sets a blank root password in the default configuration of EMI 3868652036, EMI 04...
CVE-2013-2298 Multiple stack-based buffer overflows in the XML parser in BOINC 7.x allow attackers to have unspeci...
CVE-2013-2299 Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) before...
CVE-2013-2300 The FlickWnn (aka OpenWnn/Flick support) application 2.02 and earlier for Android uses weak permissi...
CVE-2013-2301 The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, ...
CVE-2013-2302 TransWARE Active! mail 6, when an external public interface is used, allows local users to obtain se...
CVE-2013-2303 Sleipnir 4.0.0.4000 and earlier on Windows allows remote attackers to spoof the SSL lock icon and ad...
CVE-2013-2304 The Sleipnir Mobile application 2.8.0 and earlier and Sleipnir Mobile Black Edition application 2.8....
CVE-2013-2305 Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, ...
CVE-2013-2306 The jigbrowser+ application before 1.6.4 for Android does not properly open windows, which allows re...
CVE-2013-2307 The Yahoo! Browser application before 1.4.3 for Android allows remote attackers to spoof the address...
CVE-2013-2308 The (1) OWA Helper and (2) OSG Lite programs in SoftBank Online Service Gate allow remote authentica...
CVE-2013-2309 Cross-site scripting (XSS) vulnerability in the management screen in OpenPNE 3.4.x before 3.4.21.1, ...
S
CVE-2013-2310 SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasoni...
CVE-2013-2311 Cross-site scripting (XSS) vulnerability in static/js/share.js (aka the social bookmarking widget) i...
CVE-2013-2312 Cross-site scripting (XSS) vulnerability in the shopping-cart screen in LOCKON EC-CUBE 2.11.0 throug...
CVE-2013-2313 Session fixation vulnerability in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers t...
CVE-2013-2314 Cross-site scripting (XSS) vulnerability in the adminAuthorization function in data/class/helper/SC_...
CVE-2013-2315 data/class/pages/forgot/LC_Page_Forgot.php in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 does not prop...
CVE-2013-2316 The Yahoo! Browser application 1.4.4 and earlier for Android allows remote attackers to spoof the ad...
CVE-2013-2317 The Sleipnir Mobile application 2.9.1 and earlier and Sleipnir Mobile Black Edition application 2.9....
CVE-2013-2318 The Content Provider in the MovatwiTouch application before 1.793 and MovatwiTouch Paid application ...
CVE-2013-2319 FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL serve...
CVE-2013-2321 Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 9.31 before 9.31.2004 p2 all...
CVE-2013-2322 HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are used, allows remote authentica...
CVE-2013-2323 HP SQL/MX 3.0 through 3.2 on NonStop servers, when SQL/MP Objects are used, allows remote authentica...
CVE-2013-2324 Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote atta...
CVE-2013-2325 Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote atta...
CVE-2013-2326 Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote atta...
CVE-2013-2327 Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote atta...
CVE-2013-2328 Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote atta...
CVE-2013-2329 Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote atta...
CVE-2013-2330 Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote atta...
CVE-2013-2331 Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote atta...
CVE-2013-2332 Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote atta...
CVE-2013-2333 Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote atta...
CVE-2013-2334 Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote atta...
CVE-2013-2335 Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote atta...
CVE-2013-2336 HP Service Manager 7.11, 9.21, 9.30, and 9.31, and ServiceCenter 6.2.8, allows remote attackers to o...
CVE-2013-2337 Cross-site scripting (XSS) vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31, and Servi...
CVE-2013-2338 Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 a...
CVE-2013-2339 HP Smart Zero Core 4.3 and 4.3.1 on the t410 All-in-One Smart Zero Client, t410 Smart Zero Client, t...
CVE-2013-2340 Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B,...
CVE-2013-2341 Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B,...
CVE-2013-2342 The HP StoreOnce D2D backup system with software before 3.0.0 has a default password of badg3r5 for ...
CVE-2013-2343 Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 a...
CVE-2013-2344 Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbit...
CVE-2013-2345 Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbit...
CVE-2013-2346 Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbit...
CVE-2013-2347 The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers t...
E
CVE-2013-2348 Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbit...
CVE-2013-2349 Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbit...
CVE-2013-2350 Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbit...
CVE-2013-2351 Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.00, 9.1x, and 9.2x allows remote att...
CVE-2013-2352 LeftHand OS (aka SAN iQ) 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mech...
CVE-2013-2353 Unspecified vulnerability in HP StoreOnce D2D Backup System 1.x before 1.2.19 and 2.x before 2.3.0 a...
CVE-2013-2354 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2013-2355 HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to bypass intended access r...
CVE-2013-2356 HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive informa...
CVE-2013-2357 Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenti...
CVE-2013-2358 Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenti...
CVE-2013-2359 Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenti...
CVE-2013-2360 Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenti...
CVE-2013-2361 Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows ...
CVE-2013-2362 Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows local users to ...
CVE-2013-2363 HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to obtain sensitive informa...
CVE-2013-2364 Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows ...
CVE-2013-2365 HP Database and Middleware Automation (DMA) 10.x before 10.10, when SSL is used, allows remote attac...
CVE-2013-2366 Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remo...
CVE-2013-2367 Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remot...
CVE-2013-2368 Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to cause a denial of...
CVE-2013-2369 Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary...
CVE-2013-2370 Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary...
CVE-2013-2371 The Web API in the Statistics Server in TIBCO Spotfire Statistics Services 3.3.x before 3.3.1, 4.5.x...
CVE-2013-2372 Cross-site scripting (XSS) vulnerability in the Engine in TIBCO Spotfire Web Player 3.3.x before 3.3...
CVE-2013-2373 The Engine in TIBCO Spotfire Web Player 3.3.x before 3.3.3, 4.0.x before 4.0.3, 4.5.x before 4.5.1, ...
CVE-2013-2374 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2013-2375 Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and ear...
CVE-2013-2376 Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote au...
CVE-2013-2377 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
CVE-2013-2378 Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and ear...
CVE-2013-2379 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
CVE-2013-2380 Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware R27.7.4 and ea...
CVE-2013-2381 Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to af...
CVE-2013-2382 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
CVE-2013-2383 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2384 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2385 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
CVE-2013-2386 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
CVE-2013-2387 Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Servic...
CVE-2013-2388 Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business...
CVE-2013-2389 Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and ear...
CVE-2013-2390 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2...
CVE-2013-2391 Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and ear...
CVE-2013-2392 Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and ear...
CVE-2013-2393 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2013-2394 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2395 Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to af...
CVE-2013-2396 Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12...
CVE-2013-2397 Unspecified vulnerability in the Oracle Retail Central Office component in Oracle Industry Applicati...
CVE-2013-2398 Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 ...
CVE-2013-2399 Unspecified vulnerability in the Siebel Call Center component in Oracle Siebel CRM 8.1.1 and 8.2.2 a...
CVE-2013-2400 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2401 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2013-2402 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2013-2403 Unspecified vulnerability in the Siebel Enterprise Application Integration component in Oracle Siebe...
CVE-2013-2404 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2013-2405 Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in O...
CVE-2013-2406 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2013-2407 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2408 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2013-2409 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2013-2410 Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ...
CVE-2013-2411 Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in O...
CVE-2013-2412 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2413 Unspecified vulnerability in the Siebel Enterprise Application Integration component in Oracle Siebe...
CVE-2013-2414 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2415 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2416 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2417 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2418 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2419 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2420 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2421 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2422 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2423 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
KEV E S
CVE-2013-2424 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2425 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2426 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2427 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2428 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2429 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2430 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2431 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2432 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2433 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2434 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2435 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2436 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2437 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2438 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2439 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2440 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2441 Unspecified vulnerability in the Agile EDM component in Oracle Supply Chain Products Suite 6.1.1.0, ...
CVE-2013-2442 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2443 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2444 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2445 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2446 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2447 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2448 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2449 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2450 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2451 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2452 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2453 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2454 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2455 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2456 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2457 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2458 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2459 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2460 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2461 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2462 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2463 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2464 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2465 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
KEV S
CVE-2013-2466 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2467 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 5.0 Upda...
CVE-2013-2468 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2469 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2470 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2471 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2472 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2473 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update...
CVE-2013-2474 Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via...
E
CVE-2013-2475 The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of servi...
CVE-2013-2476 The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark...
CVE-2013-2477 The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, whic...
CVE-2013-2478 The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wires...
CVE-2013-2479 The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dis...
CVE-2013-2480 The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote a...
CVE-2013-2481 Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount....
CVE-2013-2482 The AMQP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers t...
CVE-2013-2483 The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6....
CVE-2013-2484 The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers t...
CVE-2013-2485 The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers t...
CVE-2013-2486 The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation A...
CVE-2013-2487 epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wir...
CVE-2013-2488 The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fra...
CVE-2013-2492 Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 be...
E
CVE-2013-2493 The Hook_Terminate function in chrome_frame/protocol_sink_wrap.cc in the Google Chrome Frame plugin ...
CVE-2013-2494 libdns in ISC DHCP 4.2.x before 4.2.5-P1 allows remote name servers to cause a denial of service (me...
CVE-2013-2495 The iff_read_header function in iff.c in libavformat in FFmpeg through 1.1.3 does not properly handl...
CVE-2013-2496 The msrle_decode_8_16_24_32 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not pr...
CVE-2013-2498 SQL injection vulnerability in the login page in flexycms/modules/user/user_manager.php in SimpleHRM...
E
CVE-2013-2499 SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in 'user...
E
CVE-2013-2501 Cross-site scripting (XSS) vulnerability in the Terillion Reviews plugin before 1.2 for WordPress al...
E
CVE-2013-2503 Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in...
E
CVE-2013-2504 Cross-site scripting (XSS) vulnerability in SPS/Portal/default.aspx in Service Desk in Matrix42 Serv...
E
CVE-2013-2506 app/models/spree/user.rb in spree_auth_devise in Spree 1.1.x before 1.1.6, 1.2.x, and 1.3.x does not...
CVE-2013-2507 Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware...
E
CVE-2013-2512 The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metac...
E
CVE-2013-2513 The flash_tool gem through 0.6.0 for Ruby allows command execution via shell metacharacters in the n...
CVE-2013-2516 Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user ...
E
CVE-2013-2517 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2013-2518 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2013-2546 The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorr...
CVE-2013-2547 The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configur...
CVE-2013-2548 The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configur...
CVE-2013-2549 Unspecified vulnerability in Adobe Reader 11.0.02 allows remote attackers to execute arbitrary code ...
CVE-2013-2550 Unspecified vulnerability in Adobe Reader 11.0.02 allows attackers to bypass the sandbox protection ...
CVE-2013-2551 Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to ...
KEV S
CVE-2013-2552 Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows 8 allows remote attackers to ...
CVE-2013-2553 Unspecified vulnerability in the kernel in Microsoft Windows 7 allows local users to gain privileges...
CVE-2013-2554 Unspecified vulnerability in Microsoft Windows 7 allows attackers to bypass the ASLR and DEP protect...
CVE-2013-2555 Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows an...
CVE-2013-2556 Unspecified vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Wi...
CVE-2013-2557 The sandbox protection mechanism in Microsoft Internet Explorer 9 allows remote attackers to cause a...
CVE-2013-2558 Unspecified vulnerability in Microsoft Windows 8 allows remote attackers to cause a denial of servic...
CVE-2013-2559 SQL injection vulnerability in Symphony CMS before 2.3.2 allows remote authenticated users to execut...
E S
CVE-2013-2560 Directory traversal vulnerability in the web interface on Foscam devices with firmware before 11.37....
CVE-2013-2561 OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1...
E
CVE-2013-2562 Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows l...
E
CVE-2013-2563 Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to ob...
E
CVE-2013-2564 Mambo CMS 4.6.5 allows remote attackers to cause a denial of service (memory and bandwidth consumpti...
E
CVE-2013-2565 A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, image...
E
CVE-2013-2566 The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which ...
CVE-2013-2567 An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.0...
E
CVE-2013-2568 A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /...
E
CVE-2013-2569 A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol a...
E
CVE-2013-2570 A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.S...
E
CVE-2013-2571 Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers t...
E
CVE-2013-2572 A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, ...
E S
CVE-2013-2573 A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi fi...
E S
CVE-2013-2574 An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in...
E
CVE-2013-2576 Buffer overflow in Artweaver before 3.1.6 allows remote attackers to cause a denial of service (cras...
E
CVE-2013-2577 Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafte...
E S
CVE-2013-2578 cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and poss...
E
CVE-2013-2579 TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before be...
E
CVE-2013-2580 Unrestricted file upload vulnerability in cgi-bin/uploadfile in TP-Link IP Cameras TL-SC3130, TL-SC3...
E
CVE-2013-2581 cgi-bin/firmwareupgrade in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and poss...
E
CVE-2013-2582 CRLF injection vulnerability in the redirect servlet in Open-Xchange AppSuite and Server before 6.22...
CVE-2013-2583 Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20....
CVE-2013-2585 Cross-site scripting (XSS) vulnerability in Atmail Webmail Server 6.6.x before 6.6.3 and 7.0.x befor...
E
CVE-2013-2586 XAMPP 1.8.1 does not properly restrict access to xampp/lang.php, which allows remote attackers to mo...
E
CVE-2013-2594 SQL injection vulnerability in reports/calldiary.php in Hornbill Supportworks ITSM 1.0.0 through 3.4...
E
CVE-2013-2595 The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x,...
CVE-2013-2596 Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, ...
KEV E S
CVE-2013-2597 Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for ...
KEV
CVE-2013-2598 app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Cent...
CVE-2013-2599 A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/jav...
CVE-2013-2600 MiniUPnPd has information disclosure use of snprintf()...
E
CVE-2013-2601 The NDVM in Citrix XenClient XT before 2.1.3 and 3.x before 3.1.4 allows remote attackers to execute...
CVE-2013-2602 Multiple array index errors in the MyHeritage SEQueryObject ActiveX control (SearchEngineQuery.dll) ...
CVE-2013-2603 The RACInstaller.StateCtrl.1 ActiveX control in InstallerDlg.dll in RealNetworks GameHouse RealArcad...
CVE-2013-2604 RealNetworks GameHouse RealArcade Installer (aka ActiveMARK Game Installer) 2.6.0.481 and 3.0.7 uses...
CVE-2013-2612 Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers t...
CVE-2013-2615 lib/entry_controller.rb in the fastreader Gem 1.0.8 for Ruby allows remote attackers to execute arbi...
E
CVE-2013-2616 lib/mini_magick.rb in the MiniMagick Gem 1.3.1 for Ruby allows remote attackers to execute arbitrary...
CVE-2013-2617 lib/curl.rb in the Curl Gem for Ruby allows remote attackers to execute arbitrary commands via shell...
CVE-2013-2618 Cross-site scripting (XSS) vulnerability in editor.php in Network Weathermap before 0.97b allows rem...
E
CVE-2013-2619 Directory traversal vulnerability in Aspen before 0.22 allows remote attackers to read arbitrary fil...
E
CVE-2013-2621 Open Redirection Vulnerability in the redir.php script in Telaen before 1.3.1 allows remote attacker...
E
CVE-2013-2622 Cross-site Scripting (XSS) in UebiMiau 2.7.11 and earlier allows remote attackers to inject arbitrar...
E
CVE-2013-2623 Cross-site Scripting (XSS) in Telaen before 1.3.1 allows remote attackers to inject arbitrary web sc...
E
CVE-2013-2624 Telaen before 1.3.1 contains a full path disclosure vulnerability which could allow remote attackers...
E
CVE-2013-2625 An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3...
CVE-2013-2627 SQL injection vulnerability in action.php in Leed (Light Feed), possibly before 1.5 Stable, allows r...
E
CVE-2013-2628 Multiple cross-site request forgery (CSRF) vulnerabilities in action.php in Leed (Light Feed), possi...
E
CVE-2013-2629 Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to bypass authorization via v...
CVE-2013-2630 Cross-site scripting (XSS) vulnerability in CA Service Desk Manager 12.5 through 12.7 allows remote ...
CVE-2013-2631 TinyWebGallery (TWG) 1.8.9 and earlier contains a full path disclosure vulnerability which allows re...
E
CVE-2013-2632 Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to ca...
E
CVE-2013-2633 Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumst...
CVE-2013-2634 net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allow...
S
CVE-2013-2635 The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not init...
S
CVE-2013-2636 net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which a...
S
CVE-2013-2637 A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and ...
E
CVE-2013-2639 Cross-site scripting (XSS) vulnerability in CTERA Cloud Storage OS before 3.2.29.0, 3.2.42.0, and ea...
E
CVE-2013-2640 ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress does not properly restrict access...
E S
CVE-2013-2641 Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remo...
E
CVE-2013-2642 Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via sh...
E
CVE-2013-2643 Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow rem...
E
CVE-2013-2644 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-2645, CVE-2014-2644. Reaso...
R
CVE-2013-2645 Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmwa...
CVE-2013-2646 TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability....
CVE-2013-2651 Multiple cross-site scripting (XSS) vulnerabilities in BoltWire 3.5 and earlier allow remote attacke...
E
CVE-2013-2652 CRLF injection vulnerability in help/help_language.php in WebCollab 3.30 and earlier allows remote a...
E
CVE-2013-2653 security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes i...
E S
CVE-2013-2670 Cross-site scripting (XSS) vulnerability in the Brother MFC-9970CDW printer with firmware G (1.03) a...
E
CVE-2013-2671 Multiple cross-site scripting (XSS) vulnerabilities in the Brother MFC-9970CDW printer with firmware...
E
CVE-2013-2672 Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords....
E
CVE-2013-2673 Brother MFC-9970CDW 1.10 firmware L devices contain a security bypass vulnerability which allows phy...
E
CVE-2013-2674 Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which al...
E
CVE-2013-2675 Brother MFC-9970CDW 1.10 devices with Firmware L contain a Frameable response (Clickjacking) vulnera...
E
CVE-2013-2676 Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which al...
E
CVE-2013-2678 Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could al...
E
CVE-2013-2679 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Linksys E4200 router with firmware 1.0....
E
CVE-2013-2680 Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attackers to...
E
CVE-2013-2681 Cisco Linksys E4200 1.0.05 Build 7 devices contain a Security Bypass Vulnerability which could allow...
E
CVE-2013-2682 Cisco Linksys E4200 1.0.05 Build 7 devices contain a Clickjacking Vulnerability which allows remote ...
E
CVE-2013-2683 Cisco Linksys E4200 1.0.05 Build 7 devices contain an Information Disclosure Vulnerability which all...
E
CVE-2013-2684 Cross-site Scripting (XSS) in Cisco Linksys E4200 1.0.05 Build 7 devices allows remote attackers to ...
E
CVE-2013-2685 Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2...
CVE-2013-2686 main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, a...
CVE-2013-2687 Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS throu...
E S
CVE-2013-2688 Buffer overflow in phrelay in BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 in the QNX Software Dev...
E S
CVE-2013-2690 SQL injection vulnerability in index.php in Synchroweb Technology SynConnect 2.0 allows remote attac...
E
CVE-2013-2691 Stack-based buffer overflow in the JetMPG.ax module in jetAudio 8.0.17 allows remote attackers to ex...
CVE-2013-2692 Cross-site request forgery (CSRF) vulnerability in the Admin web interface in OpenVPN Access Server ...
CVE-2013-2693 Cross-site request forgery (CSRF) vulnerability in the Options in the WP-Print plugin before 2.52 fo...
CVE-2013-2694 Open redirect vulnerability in invite.php in the WP Symposium plugin 13.04 for WordPress allows remo...
CVE-2013-2695 Cross-site scripting (XSS) vulnerability in invite.php in the WP Symposium plugin before 13.04 for W...
CVE-2013-2696 Cross-site request forgery (CSRF) vulnerability in the All in One Webmaster plugin before 8.2.4 for ...
CVE-2013-2697 Cross-site request forgery (CSRF) vulnerability in the WP-DownloadManager plugin before 1.61 for Wor...
CVE-2013-2698 Cross-site request forgery (CSRF) vulnerability in the Calendar plugin before 1.3.3 for WordPress al...
CVE-2013-2699 Cross-site request forgery (CSRF) vulnerability in the underConstruction plugin before 1.09 for Word...
CVE-2013-2700 Cross-site request forgery (CSRF) vulnerability in the Add/Edit page (adminmenus.php) in the WP125 p...
E S
CVE-2013-2701 Cross-site request forgery (CSRF) vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordP...
CVE-2013-2702 Cross-site request forgery (CSRF) vulnerability in the Easy AdSense Lite plugin before 6.10 for Word...
CVE-2013-2703 Cross-site request forgery (CSRF) vulnerability in the Facebook Members plugin before 5.0.5 for Word...
CVE-2013-2704 Cross-site request forgery (CSRF) vulnerability in the Dropdown Menu Widget plugin 1.9.1 for WordPre...
CVE-2013-2705 Cross-site request forgery (CSRF) vulnerability in the WordPress Simple Paypal Shopping Cart plugin ...
CVE-2013-2706 Cross-site request forgery (CSRF) vulnerability in the Stream Video Player plugin 1.4.0 for WordPres...
CVE-2013-2707 Cross-site request forgery (CSRF) vulnerability in the Login With Ajax plugin before 3.1 for WordPre...
S
CVE-2013-2708 Cross-site request forgery (CSRF) vulnerability in the Content Slide plugin 1.4.2 for WordPress allo...
CVE-2013-2709 Cross-site request forgery (CSRF) vulnerability in the FourSquare Checkins plugin before 1.3 for Wor...
CVE-2013-2710 Cross-site request forgery (CSRF) vulnerability in the Contextual Related Posts plugin before 1.8.7 ...
S
CVE-2013-2712 Cross-site scripting (XSS) vulnerability in services/get_article.php in KrisonAV CMS before 3.0.2 al...
E
CVE-2013-2713 Cross-site request forgery (CSRF) vulnerability in users_maint.html in KrisonAV CMS before 3.0.2 all...
E
CVE-2013-2714 Cross-site Scripting (XSS) in WordPress podPress Plugin 8.8.10.13 could allow remote attackers to in...
CVE-2013-2715 Cross-site scripting (XSS) vulnerability in the admin view in the Search API (search_api) module 7.x...
S
CVE-2013-2716 Puppet Labs Puppet Enterprise before 2.8.0 does not use a "randomized secret" in the CAS client conf...
CVE-2013-2717 Multiple unspecified vulnerabilities in the System Management (aka SysAdmin) Console in EMC Smarts N...
CVE-2013-2718 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
S
CVE-2013-2719 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
S
CVE-2013-2720 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
CVE-2013-2721 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
S
CVE-2013-2722 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
S
CVE-2013-2723 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
S
CVE-2013-2724 Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11...
S
CVE-2013-2725 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
S
CVE-2013-2726 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
S
CVE-2013-2727 Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 1...
S
CVE-2013-2728 Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1...
S
CVE-2013-2729 Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 1...
KEV S
CVE-2013-2730 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11...
E S
CVE-2013-2731 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
S
CVE-2013-2732 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
S
CVE-2013-2733 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11...
S
CVE-2013-2734 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
S
CVE-2013-2735 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
S
CVE-2013-2736 Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke...
S
CVE-2013-2737 A JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 1...
S
CVE-2013-2738 minidlna has SQL Injection that may allow retrieval of arbitrary files...
E
CVE-2013-2739 MiniDLNA has heap-based buffer overflow...
CVE-2013-2741 importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does...
E
CVE-2013-2742 importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does...
E
CVE-2013-2743 importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress allo...
E
CVE-2013-2744 importbuddy.php in the BackupBuddy plugin 2.2.25 for WordPress allows remote attackers to obtain con...
E
CVE-2013-2745 An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.0...
CVE-2013-2747 The password reset feature in Courion Access Risk Management Suite Version 8 Update 9 allows remote ...
CVE-2013-2748 Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary fil...
E
CVE-2013-2749 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-3528. Reason: This candida...
R
CVE-2013-2750 Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107...
CVE-2013-2751 Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEA...
E S
CVE-2013-2752 Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS R...
S
CVE-2013-2754 Cross-site request forgery (CSRF) vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows rem...
E
CVE-2013-2756 Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x bef...
S
CVE-2013-2757 Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C does not properly restr...
S
CVE-2013-2758 Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x bef...
S
CVE-2013-2760 Buffer overflow in Groovy Media Player 3.2.0 allows remote attackers to execute arbitrary code via a...
E
CVE-2013-2761 The Schneider Electric M340 BMXNOE01xx and BMXP3420xx PLC modules allow remote authenticated users t...
CVE-2013-2762 The Schneider Electric Magelis XBT HMI controller has a default password for authentication of confi...
CVE-2013-2763 The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resourc...
CVE-2013-2764 Secure Entry Server before 4.7.0 contains a URI Redirection vulnerability which could allow remote a...
CVE-2013-2765 The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a de...
E S
CVE-2013-2766 Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.3.0 through 4.3.5 allows remote a...
S
CVE-2013-2767 Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62...
CVE-2013-2770 The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise ...
CVE-2013-2773 Nitro PDF 8.5.0.26: A specially crafted DLL file can facilitate Arbitrary Code Execution...
CVE-2013-2776 sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the ...
CVE-2013-2777 sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not prop...
CVE-2013-2778 Cross-site request forgery (CSRF) vulnerability in addressbook/register/delete_user.php in PHP Addre...
CVE-2013-2779 Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Servic...
CVE-2013-2780 Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect...
CVE-2013-2781 Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote ...
CVE-2013-2782 Schneider Electric Trio J-Series License Free Ethernet Radio with firmware 3.6.0 through 3.6.3 uses ...
CVE-2013-2783 The DNP3 driver in IOServer drivers 1.0.19.0 allows remote attackers to cause a denial of service (i...
S
CVE-2013-2784 Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorr...
CVE-2013-2785 Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms P...
CVE-2013-2786 Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 Studio use weak permissions for the...
CVE-2013-2787 Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cause a denial of service (infini...
CVE-2013-2788 The DNP3 Slave service in SUBNET Solutions SubSTATION Server 2.7.0033 and 2.8.0106 allows remote att...
CVE-2013-2789 The Kepware DNP Master Driver for the KEPServerEX Communications Platform before 5.12.140.0 allows r...
CVE-2013-2790 The master-station DNP3 driver before driver19.exe, and Beta2041.exe, in IOServer allows remote atta...
CVE-2013-2791 MatrikonOPC SCADA DNP3 OPC Server 1.2.0 allows remote attackers to cause a denial of service (master...
CVE-2013-2792 Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow...
CVE-2013-2793 Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3....
CVE-2013-2794 Triangle MicroWorks SCADA Data Gateway 2.50.0309 through 3.00.0616, DNP3 .NET Protocol components 3....
CVE-2013-2795 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2013-2796 Schneider Electric Vijeo Citect 7.20 and earlier, CitectSCADA 7.20 and earlier, and PowerLogic SCADA...
S
CVE-2013-2798 Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow...
CVE-2013-2799 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2013-2800 The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows remote attackers to cause a denial...
CVE-2013-2801 The OSIsoft PI Interface for IEEE C37.118 before 1.0.6.158 allows remote attackers to cause a denial...
CVE-2013-2802 The universal protocol implementation in Sixnet UDR before 2.0 and RTU firmware before 4.8 allows re...
CVE-2013-2803 ProSoft RadioLinx ControlScape before 6.00.040 uses a deficient PRNG algorithm and seeding strategy ...
CVE-2013-2804 The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 allows remote attackers to ca...
CVE-2013-2805 Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3,...
CVE-2013-2806 Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3,...
CVE-2013-2807 Rockwell Automation RSLinx Enterprise Software (LogReceiver.exe) CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3,...
CVE-2013-2808 Heap-based buffer overflow in Xper in Philips Xper Information Management Physiomonitoring 5 compone...
CVE-2013-2809 The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows remote attackers t...
CVE-2013-2810 Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 ...
CVE-2013-2811 The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I...
CVE-2013-2813 The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateways allows remote attackers to c...
CVE-2013-2814 Cooper Power Systems Cybectec DNP3 Master OPC Server allows remote attackers to cause a denial of se...
CVE-2013-2815 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2013-2816 The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateways allows physically proximate ...
CVE-2013-2817 An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows user...
S
CVE-2013-2818 The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 allows physically proximate attacke...
CVE-2013-2819 The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote ...
CVE-2013-2820 The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote ...
CVE-2013-2821 NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and e...
CVE-2013-2822 NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and e...
CVE-2013-2823 The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I...
CVE-2013-2824 Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1, C...
S
CVE-2013-2825 The DNP3 service in the Outstation component on Elecsys Director Gateway devices with kernel 2.6.32....
CVE-2013-2826 WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform ...
S
CVE-2013-2827 An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and...
S
CVE-2013-2828 The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows physically proxima...
CVE-2013-2829 MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote attackers to cause a denial of s...
CVE-2013-2830 Use-after-free vulnerability in SumatraPDF Reader 2.x before 2.2.1 allows remote attackers to execut...
S
CVE-2013-2832 The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in Google Chrome OS before 26.0....
CVE-2013-2833 Use-after-free vulnerability in the O3D plug-in in Google Chrome OS before 26.0.1410.57 allows remot...
CVE-2013-2834 Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and G...
CVE-2013-2835 Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and G...
CVE-2013-2836 Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.93 allow attackers to cause a...
CVE-2013-2837 Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.93 allows r...
CVE-2013-2838 Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial o...
CVE-2013-2839 Google Chrome before 27.0.1453.93 does not properly perform a cast of an unspecified variable during...
CVE-2013-2840 Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote ...
CVE-2013-2841 Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a...
CVE-2013-2842 Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a...
CVE-2013-2843 Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a...
CVE-2013-2844 Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome bef...
CVE-2013-2845 The Web Audio implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a...
CVE-2013-2846 Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote ...
CVE-2013-2847 Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote atta...
CVE-2013-2848 The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitiv...
CVE-2013-2849 Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-...
CVE-2013-2850 Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/...
CVE-2013-2851 Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel throu...
CVE-2013-2852 Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c ...
CVE-2013-2853 The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are termi...
CVE-2013-2854 Google Chrome before 27.0.1453.110 on Windows provides an incorrect handle to a renderer process in ...
CVE-2013-2855 The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a den...
CVE-2013-2856 Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause ...
CVE-2013-2857 Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause ...
CVE-2013-2858 Use-after-free vulnerability in the HTML5 Audio implementation in Google Chrome before 27.0.1453.110...
CVE-2013-2859 Google Chrome before 27.0.1453.110 allows remote attackers to bypass the Same Origin Policy and trig...
CVE-2013-2860 Use-after-free vulnerability in Google Chrome before 27.0.1453.110 allows remote attackers to cause ...
CVE-2013-2861 Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.110 allows ...
CVE-2013-2862 Skia, as used in Google Chrome before 27.0.1453.110, does not properly handle GPU acceleration, whic...
CVE-2013-2863 Google Chrome before 27.0.1453.110 does not properly handle SSL sockets, which allows remote attacke...
CVE-2013-2864 The PDF functionality in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denia...
CVE-2013-2865 Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.110 allow attackers to cause ...
CVE-2013-2866 The Flash plug-in in Google Chrome before 27.0.1453.116, as used on Google Chrome OS before 27.0.145...
CVE-2013-2867 Google Chrome before 28.0.1500.71 does not properly prevent pop-under windows, which allows remote a...
CVE-2013-2868 common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations ...
CVE-2013-2869 Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bound...
CVE-2013-2870 Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote servers to execute a...
CVE-2013-2871 Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a...
CVE-2013-2872 Google Chrome before 28.0.1500.71 on Mac OS X does not ensure a sufficient source of entropy for ren...
CVE-2013-2873 Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a...
CVE-2013-2874 Google Chrome before 28.0.1500.71 on Windows, when an Nvidia GPU is used, allows remote attackers to...
CVE-2013-2875 core/rendering/svg/SVGInlineTextBox.cpp in the SVG implementation in Blink, as used in Google Chrome...
CVE-2013-2876 browser/extensions/api/tabs/tabs_api.cc in Google Chrome before 28.0.1500.71 does not properly enfor...
CVE-2013-2877 parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, a...
CVE-2013-2878 Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service (out-of-bound...
CVE-2013-2879 Google Chrome before 28.0.1500.71 does not properly determine the circumstances in which a renderer ...
CVE-2013-2880 Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.71 allow attackers to cause a...
CVE-2013-2881 Google Chrome before 28.0.1500.95 does not properly handle frames, which allows remote attackers to ...
CVE-2013-2882 Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial o...
CVE-2013-2883 Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a...
CVE-2013-2884 Use-after-free vulnerability in the DOM implementation in Google Chrome before 28.0.1500.95 allows r...
CVE-2013-2885 Use-after-free vulnerability in Google Chrome before 28.0.1500.95 allows remote attackers to cause a...
CVE-2013-2886 Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a...
CVE-2013-2887 Multiple unspecified vulnerabilities in Google Chrome before 29.0.1547.57 allow attackers to cause a...
CVE-2013-2888 Multiple array index errors in drivers/hid/hid-core.c in the Human Interface Device (HID) subsystem ...
CVE-2013-2889 drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.1...
CVE-2013-2890 drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.1...
CVE-2013-2891 drivers/hid/hid-steelseries.c in the Human Interface Device (HID) subsystem in the Linux kernel thro...
CVE-2013-2892 drivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11,...
CVE-2013-2893 The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_LOGITECH_FF...
CVE-2013-2894 drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel thr...
CVE-2013-2895 drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel thro...
CVE-2013-2896 drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3....
CVE-2013-2897 Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subs...
CVE-2013-2898 drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel throu...
CVE-2013-2899 drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel thr...
CVE-2013-2900 The FilePath::ReferencesParent function in files/file_path.cc in Google Chrome before 29.0.1547.57 o...
CVE-2013-2901 Multiple integer overflows in (1) libGLESv2/renderer/Renderer9.cpp and (2) libGLESv2/renderer/Render...
CVE-2013-2902 Use-after-free vulnerability in the XSLT ProcessingInstruction implementation in Blink, as used in G...
CVE-2013-2903 Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTM...
CVE-2013-2904 Use-after-free vulnerability in the Document::finishedParsing function in core/dom/Document.cpp in B...
CVE-2013-2905 The SharedMemory::Create function in memory/shared_memory_posix.cc in Google Chrome before 29.0.1547...
CVE-2013-2906 Multiple race conditions in the Web Audio implementation in Blink, as used in Google Chrome before 3...
CVE-2013-2907 The Window.prototype object implementation in Google Chrome before 30.0.1599.66 allows remote attack...
CVE-2013-2908 Google Chrome before 30.0.1599.66 uses incorrect function calls to determine the values of Navigatio...
CVE-2013-2909 Use-after-free vulnerability in Blink, as used in Google Chrome before 30.0.1599.66, allows remote a...
CVE-2013-2910 Use-after-free vulnerability in modules/webaudio/AudioScheduledSourceNode.cpp in the Web Audio imple...
CVE-2013-2911 Use-after-free vulnerability in the XSLStyleSheet::compileStyleSheet function in core/xml/XSLStyleSh...
CVE-2013-2912 Use-after-free vulnerability in the PepperInProcessRouter::SendToHost function in content/renderer/p...
CVE-2013-2913 Use-after-free vulnerability in the XMLDocumentParser::append function in core/xml/parser/XMLDocumen...
CVE-2013-2914 Use-after-free vulnerability in the color-chooser dialog in Google Chrome before 30.0.1599.66 on Win...
CVE-2013-2915 Google Chrome before 30.0.1599.66 preserves pending NavigationEntry objects in certain invalid circu...
CVE-2013-2916 Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to spoof the address ba...
CVE-2013-2917 The ReverbConvolverStage::ReverbConvolverStage function in core/platform/audio/ReverbConvolverStage....
CVE-2013-2918 Use-after-free vulnerability in the RenderBlock::collapseAnonymousBlockChild function in core/render...
CVE-2013-2919 Google V8, as used in Google Chrome before 30.0.1599.66, allows remote attackers to cause a denial o...
CVE-2013-2920 The DoResolveRelativeHost function in url/url_canon_relative.cc in Google Chrome before 30.0.1599.66...
CVE-2013-2921 Double free vulnerability in the ResourceFetcher::didLoadResource function in core/fetch/ResourceFet...
CVE-2013-2922 Use-after-free vulnerability in core/html/HTMLTemplateElement.cpp in Blink, as used in Google Chrome...
CVE-2013-2923 Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.66 allow attackers to cause a...
CVE-2013-2924 Use-after-free vulnerability in International Components for Unicode (ICU), as used in Google Chrome...
CVE-2013-2925 Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome befor...
CVE-2013-2926 Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/ed...
CVE-2013-2927 Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTML...
CVE-2013-2928 Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.101 allow attackers to cause ...
CVE-2013-2929 The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local u...
CVE-2013-2930 The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.1...
CVE-2013-2931 Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48 allow attackers to execute...
CVE-2013-2933 Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative...
CVE-2013-2934 Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 does not properly r...
CVE-2013-2935 Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative...
CVE-2013-2936 Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative...
CVE-2013-2937 Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative...
CVE-2013-2938 Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative...
CVE-2013-2939 Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative...
CVE-2013-2940 Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative...
CVE-2013-2944 strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allo...
S
CVE-2013-2945 SQL injection vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote authenticat...
E S
CVE-2013-2950 CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before 6.1.0.3 CF26, 6.1.5.x before 6.1...
CVE-2013-2951 IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for...
S
CVE-2013-2953 IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 relies...
CVE-2013-2954 The login page in the Console in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7...
CVE-2013-2955 Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Data Growth for Oracle E-Business S...
CVE-2013-2956 SQL injection vulnerability in the Console in IBM InfoSphere Optim Data Growth for Oracle E-Business...
CVE-2013-2957 Cross-site scripting (XSS) vulnerability in IBM InfoSphere Optim Data Growth for Oracle E-Business S...
CVE-2013-2959 The Console in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before...
CVE-2013-2960 Buffer overflow in KDSMAIN in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 thro...
CVE-2013-2961 The internal web server in the Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through...
CVE-2013-2962 Buffer overflow in the Launcher in IBM WebSphere Transformation Extender 8.4.x before 8.4.0.4 allows...
CVE-2013-2964 Buffer overflow in dsmtca in IBM Tivoli Storage Manager (TSM) through 5.5.4.0, 6.1.0 through 6.1.5.4...
CVE-2013-2967 Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application ...
CVE-2013-2968 An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 befor...
CVE-2013-2969 Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5....
CVE-2013-2970 Unspecified vulnerability in IBM QRadar Security Information and Event Manager (SIEM) 7.x before 7.1...
CVE-2013-2971 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2013-2972 IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspe...
S
CVE-2013-2973 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2013-2974 The BIRT viewer in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.x before 7.2.1....
CVE-2013-2976 The Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before...
CVE-2013-2977 Integer overflow in IBM Notes 8.5.x before 8.5.3 FP4 Interim Fix 1 and 9.x before 9.0 Interim Fix 1 ...
CVE-2013-2978 Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, ...
CVE-2013-2979 Directory traversal vulnerability in IBM Optim Performance Manager 4.1.1 and IBM InfoSphere Optim Pe...
CVE-2013-2980 Cross-site request forgery (CSRF) vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1....
CVE-2013-2981 Directory traversal vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remot...
CVE-2013-2982 IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authentic...
CVE-2013-2983 Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling File Gateway 2.2 and Sterling B2...
CVE-2013-2984 Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gatew...
CVE-2013-2985 IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authentic...
CVE-2013-2986 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2013-2987 IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authentic...
CVE-2013-2988 Absolute path traversal vulnerability in the server in IBM Cognos Business Intelligence (BI) 8.4.1, ...
CVE-2013-2989 The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, 4.0.00, and 4.1.0 for UNIX on ...
CVE-2013-2990 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2013-2991 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2013-2992 The Search component in IBM WebSphere Commerce 7.0 FP4 through FP6, in certain search-term associati...
CVE-2013-2993 IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.7 does not properly perform authen...
CVE-2013-2994 IBM WebSphere Commerce 7.0 Feature Pack 4 and Feature Pack 5 incorrectly maintains a valid session a...
CVE-2013-2997 IBM Security AppScan Enterprise before 8.7 does not invalidate the session context upon a logout act...
CVE-2013-2998 frontcontroller.jsp in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7....
CVE-2013-2999 Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 a...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.