| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2013-3000 | SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote ... | | |
| CVE-2013-3001 | Directory traversal vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows r... | | |
| CVE-2013-3003 | Unspecified vulnerability in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2.1, and 2.2 allows remot... | | |
| CVE-2013-3004 | Directory traversal vulnerability in BIRT-Report Viewer in IBM Tivoli Application Dependency Discove... | | |
| CVE-2013-3005 | The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows r... | | |
| CVE-2013-3006 | Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows re... | | |
| CVE-2013-3007 | Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 a... | | |
| CVE-2013-3008 | Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows re... | | |
| CVE-2013-3009 | The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0... | | |
| CVE-2013-3010 | Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 a... | | |
| CVE-2013-3011 | Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-... | | |
| CVE-2013-3012 | Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-... | | |
| CVE-2013-3016 | IBM WebSphere Portal 6.1, 7.0, and 8.0 allows remote attackers to access the user directory via a cr... | | |
| CVE-2013-3017 | IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2.1.5 and 7.2.x before 7.2.2 ma... | | |
| CVE-2013-3018 | The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM)... | M | |
| CVE-2013-3020 | IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authentic... | | |
| CVE-2013-3022 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2013-3023 | IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might al... | M | |
| CVE-2013-3024 | IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privil... | | |
| CVE-2013-3025 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Rational Focal Point 6.5.x and 6.6.x befo... | | |
| CVE-2013-3026 | Buffer overflow in the Lotus Quickr for Domino ActiveX control in qp2.cab in IBM Lotus Quickr 8.1 be... | | |
| CVE-2013-3027 | Integer overflow in the DWA9W ActiveX control in iNotes in IBM Domino 9.0 before IF3 allows remote a... | | |
| CVE-2013-3028 | Multiple buffer overflows in mqm programs in IBM WebSphere MQ 7.0.x before 7.0.1.11, 7.1.x before 7.... | | |
| CVE-2013-3029 | Cross-site request forgery (CSRF) vulnerability in the Administrative console in IBM WebSphere Appli... | | |
| CVE-2013-3030 | The servlet gateway in IBM Cognos Business Intelligence 8.4.1 before IF3, 10.1.0 before IF4, 10.1.1 ... | | |
| CVE-2013-3031 | A SQL stored procedure in the Universal Cache component in IBM solidDB 6.0.x before 6.0.1070, 6.3.x ... | | |
| CVE-2013-3032 | Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.... | S | |
| CVE-2013-3033 | SQL injection vulnerability in the server component in IBM Tivoli Remote Control 5.1.2 before 5.1.2-... | | |
| CVE-2013-3034 | Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information Server through 8.5 FP3, 8.7 t... | S | |
| CVE-2013-3035 | The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, ... | | |
| CVE-2013-3036 | Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authent... | | |
| CVE-2013-3037 | Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for loc... | | |
| CVE-2013-3038 | Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for rem... | | |
| CVE-2013-3039 | IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has ... | | |
| CVE-2013-3040 | IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 produces login-failure m... | S | |
| CVE-2013-3041 | The Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before ... | | |
| CVE-2013-3042 | Directory traversal vulnerability in the server in IBM Rational Software Architect Design Manager an... | | |
| CVE-2013-3043 | Directory traversal vulnerability in the client in IBM Rational Software Architect Design Manager an... | | |
| CVE-2013-3044 | The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated us... | | |
| CVE-2013-3045 | The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated us... | | |
| CVE-2013-3046 | The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not send the HST... | | |
| CVE-2013-3047 | IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated u... | | |
| CVE-2013-3048 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 throu... | | |
| CVE-2013-3049 | IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated ... | | |
| CVE-2013-3050 | SQL injection vulnerability in ZAPms 1.41 and earlier allows remote attackers to execute arbitrary S... | E | |
| CVE-2013-3051 | The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Mo... | E | |
| CVE-2013-3055 | Lexmark Markvision Enterprise before 1.8 provides a diagnostic interface on TCP port 9789, which all... | | |
| CVE-2013-3056 | Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass inten... | | |
| CVE-2013-3057 | Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass inten... | | |
| CVE-2013-3058 | Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allow... | | |
| CVE-2013-3059 | Cross-site scripting (XSS) vulnerability in the Voting plugin in Joomla! 2.5.x before 2.5.10 and 3.0... | | |
| CVE-2013-3060 | The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote... | | |
| CVE-2013-3061 | The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsyst... | | |
| CVE-2013-3062 | The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering Workbench component in SAP Production ... | | |
| CVE-2013-3063 | SAP BASIS Communication Services 4.6B through 7.30 allows remote authenticated users to execute arbi... | | |
| CVE-2013-3064 | Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.1478... | E | |
| CVE-2013-3065 | Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with fir... | E | |
| CVE-2013-3066 | Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote at... | E | |
| CVE-2013-3067 | Linksys WRT310Nv2 2.0.0.1 is vulnerable to XSS.... | E | |
| CVE-2013-3068 | Cross-site request forgery (CSRF) vulnerability in apply.cgi in Linksys WRT310Nv2 2.0.0.1 allows rem... | E | |
| CVE-2013-3069 | Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WNDR4700 with firmware 1.0.0.34 allow... | E | |
| CVE-2013-3070 | An Information Disclosure vulnerability exists in Netgear WNDR4700 running firmware 1.0.0.34 in the ... | S | |
| CVE-2013-3071 | NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass.... | | |
| CVE-2013-3072 | An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http:... | E | |
| CVE-2013-3073 | A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34.... | S | |
| CVE-2013-3074 | NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denia... | | |
| CVE-2013-3075 | Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Cit... | E | |
| CVE-2013-3076 | The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, whi... | | |
| CVE-2013-3077 | Multiple integer overflows in the IP_MSFILTER and IPV6_MSFILTER features in (1) sys/netinet/in_mcast... | S | |
| CVE-2013-3079 | VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to exec... | | |
| CVE-2013-3080 | VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to crea... | | |
| CVE-2013-3081 | SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php i... | E S | |
| CVE-2013-3082 | Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo before 1.2... | E S | |
| CVE-2013-3083 | Cross-site request forgery (CSRF) vulnerability in cgi-bin/system_setting.exe in Belkin F5D8236-4 v2... | E | |
| CVE-2013-3084 | Multiple cross-site scripting (XSS) vulnerabilities in Belkin Model F5D8236-4 v2 router allow remote... | E | |
| CVE-2013-3085 | An authentication bypass exists in the web management interface in Belkin F5D8236-4 v2.... | E | |
| CVE-2013-3086 | Cross-site request forgery (CSRF) vulnerability in util_system.html in Belkin N900 router allows rem... | E | |
| CVE-2013-3087 | Multiple cross-site scripting (XSS) vulnerabilities in Belkin N900 router allow remote attackers to ... | E | |
| CVE-2013-3088 | Belkin N900 router (F9K1104v1) contains an Authentication Bypass using "Javascript debugging".... | | |
| CVE-2013-3089 | Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allow... | E | |
| CVE-2013-3090 | Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to ... | E | |
| CVE-2013-3091 | An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to ... | E | |
| CVE-2013-3092 | The Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication and gain privile... | E | |
| CVE-2013-3093 | ASUS RT-N56U devices allow CSRF.... | | |
| CVE-2013-3095 | Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. A1) with f... | E | |
| CVE-2013-3096 | D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability.... | E | |
| CVE-2013-3097 | Unspecified Cross-site scripting (XSS) vulnerability in the Verizon FIOS Actiontec MI424WR-GEN3I rou... | M | |
| CVE-2013-3098 | Multiple cross-site request forgery (CSRF) vulnerabilities in TRENDnet TEW-812DRU router with firmwa... | E | |
| CVE-2013-3106 | Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite and Server before 6.20.... | | |
| CVE-2013-3107 | VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabl... | | |
| CVE-2013-3110 | Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a den... | | |
| CVE-2013-3111 | Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause ... | E | |
| CVE-2013-3112 | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3113 | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3114 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3115 | Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3116 | Microsoft Internet Explorer 7 through 9 allows remote attackers to execute arbitrary code or cause a... | | |
| CVE-2013-3117 | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of... | | |
| CVE-2013-3118 | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o... | | |
| CVE-2013-3119 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3120 | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o... | E | |
| CVE-2013-3121 | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3122 | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of... | | |
| CVE-2013-3123 | Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3124 | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of... | | |
| CVE-2013-3125 | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o... | | |
| CVE-2013-3126 | Microsoft Internet Explorer 9 and 10, when script debugging is enabled, does not properly handle obj... | | |
| CVE-2013-3127 | The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5,... | | |
| CVE-2013-3128 | The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista ... | S | |
| CVE-2013-3129 | Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.s... | | |
| CVE-2013-3130 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-3660, CVE-2013-3661. Reaso... | R | |
| CVE-2013-3131 | Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverlight 5 before 5.1.20513.0, does... | | |
| CVE-2013-3132 | Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check t... | | |
| CVE-2013-3133 | Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly check the permissions of ... | | |
| CVE-2013-3134 | The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 on 64-... | | |
| CVE-2013-3135 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3136 | The kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2... | | |
| CVE-2013-3137 | Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain s... | | |
| CVE-2013-3138 | Integer overflow in the TCP/IP kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 200... | | |
| CVE-2013-3139 | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3140 | Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arb... | | |
| CVE-2013-3141 | Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a den... | | |
| CVE-2013-3142 | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3143 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | E | |
| CVE-2013-3144 | Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3145 | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of... | | |
| CVE-2013-3146 | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o... | | |
| CVE-2013-3147 | Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a... | | |
| CVE-2013-3148 | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3149 | Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a den... | | |
| CVE-2013-3150 | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of... | | |
| CVE-2013-3151 | Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3152 | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o... | | |
| CVE-2013-3153 | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3154 | The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 200... | | |
| CVE-2013-3155 | Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to... | | |
| CVE-2013-3156 | Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to... | | |
| CVE-2013-3157 | Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to... | | |
| CVE-2013-3158 | Microsoft Excel 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a d... | | |
| CVE-2013-3159 | Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer; and Microsoft Office Compati... | | |
| CVE-2013-3160 | Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, and Word Viewer allow remote att... | | |
| CVE-2013-3161 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3162 | Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3163 | Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause ... | KEV S | |
| CVE-2013-3164 | Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of... | | |
| CVE-2013-3165 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3166 | Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote a... | | |
| CVE-2013-3167 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ... | | |
| CVE-2013-3168 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3169 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3170 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3171 | The serialization functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5... | | |
| CVE-2013-3172 | Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Window... | | |
| CVE-2013-3173 | Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Window... | | |
| CVE-2013-3174 | DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows ... | | |
| CVE-2013-3175 | Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP... | | |
| CVE-2013-3176 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3177 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3178 | Microsoft Silverlight 5 before 5.1.20513.0 does not properly initialize arrays, which allows remote ... | | |
| CVE-2013-3179 | Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, ... | | |
| CVE-2013-3180 | Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 al... | | |
| CVE-2013-3181 | usp10.dll in the Unicode Scripts Processor in Microsoft Windows XP SP2 and SP3 and Windows Server 20... | | |
| CVE-2013-3182 | The Windows NAT Driver (aka winnat) service in Microsoft Windows Server 2012 does not properly valid... | | |
| CVE-2013-3183 | The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Window... | | |
| CVE-2013-3184 | Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3185 | Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 on Windows Server 2003 R2 SP2... | | |
| CVE-2013-3186 | The Protected Mode feature in Microsoft Internet Explorer 7 through 10 on Windows Vista SP2, Windows... | | |
| CVE-2013-3187 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3188 | Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a den... | | |
| CVE-2013-3189 | Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a den... | | |
| CVE-2013-3190 | Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3191 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3192 | Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote a... | | |
| CVE-2013-3193 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3194 | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of... | | |
| CVE-2013-3195 | The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windo... | S | |
| CVE-2013-3196 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Serv... | | |
| CVE-2013-3197 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Serv... | | |
| CVE-2013-3198 | The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Serv... | | |
| CVE-2013-3199 | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3200 | The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 ... | | |
| CVE-2013-3201 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3202 | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o... | | |
| CVE-2013-3203 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3204 | Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3205 | Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a... | | |
| CVE-2013-3206 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3207 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3208 | Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3209 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3210 | Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows rem... | | |
| CVE-2013-3211 | Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a ... | | |
| CVE-2013-3212 | vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' whic... | E | |
| CVE-2013-3213 | Multiple SQL injection vulnerabilities in vTiger CRM 5.0.0 through 5.4.0 allow remote attackers to e... | E | |
| CVE-2013-3214 | vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulnerability in 'vtigerolservice.php'.... | E | |
| CVE-2013-3215 | vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vulnerability due to improper authenti... | | |
| CVE-2013-3219 | bitcoind and Bitcoin-Qt 0.8.x before 0.8.1 do not enforce a certain block protocol rule, which allow... | | |
| CVE-2013-3220 | bitcoind and Bitcoin-Qt before 0.4.9rc2, 0.5.x before 0.5.8rc2, 0.6.x before 0.6.5rc2, and 0.7.x bef... | | |
| CVE-2013-3221 | The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the... | E | |
| CVE-2013-3222 | The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize ... | | |
| CVE-2013-3223 | The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initiali... | | |
| CVE-2013-3224 | The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does... | | |
| CVE-2013-3225 | The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 d... | | |
| CVE-2013-3226 | The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not ini... | | |
| CVE-2013-3227 | The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does n... | | |
| CVE-2013-3228 | The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not in... | | |
| CVE-2013-3229 | The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does not ini... | | |
| CVE-2013-3230 | The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.9-rc7 does not ini... | | |
| CVE-2013-3231 | The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initiali... | | |
| CVE-2013-3232 | The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initia... | | |
| CVE-2013-3233 | The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not in... | | |
| CVE-2013-3234 | The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initiali... | | |
| CVE-2013-3235 | net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure an... | | |
| CVE-2013-3236 | The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel befo... | | |
| CVE-2013-3237 | The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the Linux kernel before 3.9-rc7 doe... | | |
| CVE-2013-3238 | phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute ... | E | |
| CVE-2013-3239 | phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allo... | E S | |
| CVE-2013-3240 | Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows re... | | |
| CVE-2013-3241 | export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on... | | |
| CVE-2013-3242 | plugins/system/remember/remember.php in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 does not ... | E | |
| CVE-2013-3243 | Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute ... | E | |
| CVE-2013-3244 | Multiple unspecified vulnerabilities in the CJDB_FILL_MEMORY_FROM_PPB function in the Project System... | | |
| CVE-2013-3245 | plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, all... | E | |
| CVE-2013-3246 | Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute a... | E | |
| CVE-2013-3247 | Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute ar... | E | |
| CVE-2013-3248 | Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows local users to gain privileges v... | | |
| CVE-2013-3249 | Stack-based buffer overflow in the "Add from text file" feature in the DameWare Exporter tool (DWExp... | | |
| CVE-2013-3250 | Cross-site request forgery (CSRF) vulnerability in the WP Maintenance Mode plugin before 1.8.8 for W... | | |
| CVE-2013-3251 | Cross-site request forgery (CSRF) vulnerability in the qTranslate plugin 2.5.34 and earlier for Word... | | |
| CVE-2013-3252 | Cross-site request forgery (CSRF) vulnerability in the options admin page in the WP-PostViews plugin... | | |
| CVE-2013-3253 | Cross-site request forgery (CSRF) vulnerability in admin/setting.php in the Xhanch - My Twitter plug... | E S | |
| CVE-2013-3254 | Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the WP Photo Album Plus plugin bef... | | |
| CVE-2013-3256 | Cross-site request forgery (CSRF) vulnerability in the Shareaholic SexyBookmarks plugin 6.1.4.0 for ... | | |
| CVE-2013-3257 | Cross-site request forgery (CSRF) vulnerability in the Related Posts plugin before 2.7.2 for WordPre... | S | |
| CVE-2013-3258 | Cross-site request forgery (CSRF) vulnerability in he Digg Digg plugin before 5.3.5 for WordPress al... | S | |
| CVE-2013-3259 | Stack-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 allows remote attackers to ex... | | |
| CVE-2013-3260 | Heap-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 allows remote attackers to exe... | | |
| CVE-2013-3261 | Cross-site scripting (XSS) vulnerability in wp-admin/admin.php in the GRAND FlAGallery plugin before... | | |
| CVE-2013-3262 | Cross-site scripting (XSS) vulnerability in admin/admin.php in the Download Monitor plugin before 3.... | E S | |
| CVE-2013-3263 | Multiple cross-site scripting (XSS) vulnerabilities in the WP Ultimate Email Marketer plugin 1.1.0 a... | | |
| CVE-2013-3264 | The WP Ultimate Email Marketer plugin 1.1.0 and possibly earlier for Wordpress does not properly res... | | |
| CVE-2013-3266 | The nfsrvd_readdir function in sys/fs/nfsserver/nfs_nfsdport.c in the new NFS server in FreeBSD 8.0 ... | S | |
| CVE-2013-3267 | Cross-site scripting (XSS) vulnerability in the highlighter plugin in Joomla! 2.5.x before 2.5.10 an... | | |
| CVE-2013-3268 | Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has uns... | | |
| CVE-2013-3269 | Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0 a... | | |
| CVE-2013-3270 | EMC VNX Control Station before 7.1.70.2 and Celerra Control Station before 6.0.70.1 have an incorrec... | | |
| CVE-2013-3271 | EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the maximum number of login attempt... | | |
| CVE-2013-3272 | EMC Replication Manager (RM) before 5.4.4 places encoded passwords in application log files, which m... | | |
| CVE-2013-3273 | EMC RSA Authentication Manager 8.0 before P2 and 7.1 before SP4 P26, as used in Appliance 3.0, does ... | | |
| CVE-2013-3274 | EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platform... | | |
| CVE-2013-3275 | EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platform... | | |
| CVE-2013-3276 | EMC RSA Archer GRC 5.x before 5.4 allows remote authenticated users to bypass intended access restri... | | |
| CVE-2013-3277 | Open redirect vulnerability in EMC RSA Archer GRC 5.x before 5.4 allows remote attackers to redirect... | | |
| CVE-2013-3278 | EMC VPLEX before VPLEX GeoSynchrony 5.2 SP1 uses cleartext for storage of the LDAP/AD bind password,... | | |
| CVE-2013-3279 | EMC Atmos before 2.1.4 has a blank password for the PostgreSQL account, which allows remote attacker... | | |
| CVE-2013-3280 | EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail... | | |
| CVE-2013-3281 | Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2 P07, Documentum WDK... | | |
| CVE-2013-3282 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2013-3283 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2013-3284 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2013-3285 | The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active Dire... | | |
| CVE-2013-3286 | Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom before 7.4.4 P11 allow r... | | |
| CVE-2013-3287 | EMC Unisphere for VMAX before 1.6.1.6, when using an unspecified level of debug logging in LDAP conf... | | |
| CVE-2013-3288 | Cross-site scripting (XSS) vulnerability on the EMC RSA Data Protection Manager (DPM) appliance 3.2.... | | |
| CVE-2013-3289 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual... | R | |
| CVE-2013-3294 | Multiple SQL injection vulnerabilities in Exponent CMS before 2.2.0 release candidate 1 allow remote... | | |
| CVE-2013-3295 | Directory traversal vulnerability in install/popup.php in Exponent CMS before 2.2.0 RC1 allows remot... | E | |
| CVE-2013-3299 | RealNetworks RealPlayer 16.0.2.32 and earlier allows remote attackers to cause a denial of service (... | | |
| CVE-2013-3300 | The JsonParser class in json/JsonParser.scala in Lift before 2.5 interprets a certain end-index valu... | E S | |
| CVE-2013-3301 | The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of s... | E | |
| CVE-2013-3302 | Race condition in the smb_send_rqst function in fs/cifs/transport.c in the Linux kernel before 3.7.2... | | |
| CVE-2013-3304 | Directory traversal vulnerability in Dell EqualLogic PS4000 with firmware 6.0 allows remote attacker... | E | |
| CVE-2013-3307 | Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and E3200 devices through 1.0.04 ... | | |
| CVE-2013-3311 | Directory traversal vulnerability in the Loftek Nexus 543 IP Camera allows remote attackers to read ... | E | |
| CVE-2013-3312 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Loftek Nexus 543 IP Camera allow r... | E | |
| CVE-2013-3313 | The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtai... | E | |
| CVE-2013-3314 | The Loftek Nexus 543 IP Camera allows remote attackers to obtain (1) IP addresses via a request to g... | E | |
| CVE-2013-3315 | The server in TIBCO Silver Mobile 1.1.0 does not properly verify access to the administrator role be... | | |
| CVE-2013-3316 | Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server ... | E | |
| CVE-2013-3317 | Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak ke... | E | |
| CVE-2013-3318 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3319 | The GetComputerSystem method in the HostControl service in SAP Netweaver 7.03 allows remote attacker... | | |
| CVE-2013-3320 | Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager before 2.2 allows remote... | | |
| CVE-2013-3321 | NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files t... | E | |
| CVE-2013-3322 | NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to inject arbitrary commands... | | |
| CVE-2013-3323 | A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when W... | | |
| CVE-2013-3324 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1... | S | |
| CVE-2013-3325 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1... | S | |
| CVE-2013-3326 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1... | S | |
| CVE-2013-3327 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1... | S | |
| CVE-2013-3328 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1... | S | |
| CVE-2013-3329 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1... | S | |
| CVE-2013-3330 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1... | S | |
| CVE-2013-3331 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1... | S | |
| CVE-2013-3332 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1... | S | |
| CVE-2013-3333 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1... | S | |
| CVE-2013-3334 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1... | S | |
| CVE-2013-3335 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 1... | S | |
| CVE-2013-3336 | Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to r... | E | |
| CVE-2013-3337 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke... | S | |
| CVE-2013-3338 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke... | S | |
| CVE-2013-3339 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke... | S | |
| CVE-2013-3340 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke... | S | |
| CVE-2013-3341 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke... | S | |
| CVE-2013-3342 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 do not proper... | S | |
| CVE-2013-3343 | Adobe Flash Player before 10.3.183.90 and 11.x before 11.7.700.224 on Windows, before 10.3.183.90 an... | S | |
| CVE-2013-3344 | Heap-based buffer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 o... | S | |
| CVE-2013-3345 | Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before... | S | |
| CVE-2013-3346 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attacke... | KEV | |
| CVE-2013-3347 | Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows ... | S | |
| CVE-2013-3348 | Adobe Shockwave Player before 12.0.3.133 allows attackers to execute arbitrary code or cause a denia... | S | |
| CVE-2013-3349 | Unspecified vulnerability in Adobe ColdFusion 9.0 through 9.0.2, when the JRun application server is... | | |
| CVE-2013-3350 | Adobe ColdFusion 10 before Update 11 allows remote attackers to call ColdFusion Components (CFC) pub... | S | |
| CVE-2013-3351 | Multiple stack-based buffer overflows in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0... | S | |
| CVE-2013-3352 | Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attacke... | S | |
| CVE-2013-3353 | Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac... | S | |
| CVE-2013-3354 | Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attacke... | S | |
| CVE-2013-3355 | Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attacke... | S | |
| CVE-2013-3356 | Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac... | S | |
| CVE-2013-3357 | Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Ma... | S | |
| CVE-2013-3358 | Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Ma... | S | |
| CVE-2013-3359 | Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denia... | S | |
| CVE-2013-3360 | Adobe Shockwave Player before 12.0.4.144 allows attackers to execute arbitrary code or cause a denia... | S | |
| CVE-2013-3361 | Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, befor... | S | |
| CVE-2013-3362 | Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, befor... | S | |
| CVE-2013-3363 | Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, befor... | S | |
| CVE-2013-3365 | TRENDnet TEW-812DRU router allows remote authenticated users to execute arbitrary commands via shell... | E | |
| CVE-2013-3366 | Undocumented TELNET service in TRENDnet TEW-812DRU when a web page named backdoor contains an HTML p... | M | |
| CVE-2013-3367 | Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor conta... | | |
| CVE-2013-3368 | bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to ove... | S | |
| CVE-2013-3369 | Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote authenticated users w... | S | |
| CVE-2013-3370 | Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 does not properly restrict access t... | S | |
| CVE-2013-3371 | Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 3.8.3 through 3.8.16 and 4.0.x befo... | S | |
| CVE-2013-3372 | Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject m... | S | |
| CVE-2013-3373 | CRLF injection vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 all... | S | |
| CVE-2013-3374 | Unspecified vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when ... | S | |
| CVE-2013-3375 | Cross-site scripting (XSS) vulnerability in the portal page in Cisco Prime Central for Hosted Collab... | | |
| CVE-2013-3376 | Open redirect vulnerability in the help page in Cisco Video Surveillance Operations Manager allows r... | | |
| CVE-2013-3377 | Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to c... | | |
| CVE-2013-3378 | Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cau... | | |
| CVE-2013-3379 | The firewall subsystem in Cisco TelePresence TC Software before 4.2 does not properly implement rule... | | |
| CVE-2013-3380 | The administrative web interface in the Access Control Server in Cisco Secure Access Control System ... | | |
| CVE-2013-3381 | Cisco Hosted Collaboration Mediation allows remote attackers to cause a denial of service (CPU consu... | | |
| CVE-2013-3382 | The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.... | | |
| CVE-2013-3383 | The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 ... | | |
| CVE-2013-3384 | The web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 ... | | |
| CVE-2013-3385 | The management GUI in the web framework in IronPort AsyncOS on Cisco Web Security Appliance devices ... | | |
| CVE-2013-3386 | The IronPort Spam Quarantine (ISQ) component in the web framework in IronPort AsyncOS on Cisco Email... | | |
| CVE-2013-3387 | Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allo... | | |
| CVE-2013-3388 | Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allo... | | |
| CVE-2013-3389 | Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x before 9.2(1) allo... | | |
| CVE-2013-3390 | Memory leak in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.x bef... | | |
| CVE-2013-3392 | Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco WebEx Social allow remote attack... | | |
| CVE-2013-3393 | The Precision Video Engine component in Cisco Jabber for Windows and Cisco Virtualization Experience... | | |
| CVE-2013-3394 | Cross-site scripting (XSS) vulnerability in the web interface in Cisco Prime Network Registrar 8.1 a... | | |
| CVE-2013-3395 | Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security ... | | |
| CVE-2013-3396 | Cross-site scripting (XSS) vulnerability in the web framework in Cisco Content Security Management o... | | |
| CVE-2013-3397 | Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability component in Cisco Uni... | | |
| CVE-2013-3398 | The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance provides ... | | |
| CVE-2013-3399 | Buffer overflow in an unspecified Android API on the Cisco Desktop Collaboration Experience DX650 al... | | |
| CVE-2013-3400 | The license-installation module in Cisco NX-OS on Nexus 1000V devices allows local users to execute ... | | |
| CVE-2013-3401 | The SIP implementation in Cisco TelePresence TC Software allows remote attackers to trigger unintend... | | |
| CVE-2013-3402 | An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows ... | | |
| CVE-2013-3403 | Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x)... | | |
| CVE-2013-3404 | SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) al... | | |
| CVE-2013-3405 | The web portal in TC software on Cisco TelePresence endpoints does not require an exact password mat... | | |
| CVE-2013-3406 | The "Files Available for Download" implementation in the Cisco Intelligent Automation for Cloud comp... | | |
| CVE-2013-3407 | The web interface in Cisco Server Provisioner 6.4.0 Patch 5-1301292331 and earlier does not require ... | | |
| CVE-2013-3408 | The firmware on Cisco Virtualization Experience Client 6000 devices sets incorrect operating-system ... | | |
| CVE-2013-3409 | The portal in Cisco Prime Central for Hosted Collaboration Solution (HCS) places cleartext credentia... | | |
| CVE-2013-3410 | Cisco Intrusion Prevention System (IPS) Software on IPS NME devices before 7.0(9)E4 allows remote at... | | |
| CVE-2013-3411 | The IDSM-2 drivers in Cisco Intrusion Prevention System (IPS) Software on Cisco Catalyst 6500 device... | | |
| CVE-2013-3412 | SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) all... | | |
| CVE-2013-3413 | Cross-site scripting (XSS) vulnerability in the search form in the administration/monitoring panel o... | | |
| CVE-2013-3414 | Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security ... | | |
| CVE-2013-3415 | Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does ... | | |
| CVE-2013-3416 | Cross-site scripting (XSS) vulnerability in the web framework in the unified-communications manageme... | | |
| CVE-2013-3417 | The administrative web interface in Cisco Video Surveillance Operations Manager does not properly pe... | | |
| CVE-2013-3418 | Cisco Unified Communications Domain Manager does not properly allocate memory for GET and POST reque... | | |
| CVE-2013-3419 | Cross-site scripting (XSS) vulnerability in Cisco Unified MeetingPlace Web Conferencing allows remot... | | |
| CVE-2013-3420 | Cross-site request forgery (CSRF) vulnerability in the web framework on the Cisco Identity Services ... | | |
| CVE-2013-3421 | Cross-site scripting (XSS) vulnerability in the Help index page in Cisco Secure Access Control Syste... | | |
| CVE-2013-3422 | Cross-site scripting (XSS) vulnerability in Administration pages in Cisco Secure Access Control Syst... | | |
| CVE-2013-3423 | Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System ... | | |
| CVE-2013-3424 | Cross-site request forgery (CSRF) vulnerability in Administration and View pages in Cisco Secure Acc... | | |
| CVE-2013-3425 | The Meeting Center component in Cisco WebEx 11 generates different error messages for invalid file-a... | | |
| CVE-2013-3426 | The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows re... | | |
| CVE-2013-3428 | The web interface in Cisco Secure Access Control System (ACS) does not properly suppress error-condi... | | |
| CVE-2013-3429 | Multiple directory traversal vulnerabilities in Cisco Video Surveillance Manager (VSM) before 7.0.0 ... | | |
| CVE-2013-3430 | Cisco Video Surveillance Manager (VSM) before 7.0.0 allows remote attackers to obtain sensitive conf... | | |
| CVE-2013-3431 | Cisco Video Surveillance Manager (VSM) before 7.0.0 does not require authentication for access to VS... | | |
| CVE-2013-3433 | Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.... | | |
| CVE-2013-3434 | Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.... | | |
| CVE-2013-3435 | The Cisco Unified IP Conference Station 7937G allows remote attackers to cause a denial of service (... | | |
| CVE-2013-3436 | The default configuration of the Group Encrypted Transport VPN (GET VPN) feature on Cisco IOS uses a... | | |
| CVE-2013-3437 | SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows... | | |
| CVE-2013-3438 | The web framework in the server in Cisco Unified MeetingPlace Web Conferencing allows remote attacke... | | |
| CVE-2013-3439 | Cross-site scripting (XSS) vulnerability in Cisco Unified Operations Manager allows remote attackers... | | |
| CVE-2013-3440 | Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Uni... | | |
| CVE-2013-3441 | Cisco Aironet 3600 access points allow remote attackers to cause a denial of service (memory corrupt... | | |
| CVE-2013-3442 | The web portal in Cisco Unified Communications Manager (Unified CM) allows remote authenticated user... | | |
| CVE-2013-3443 | The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and... | | |
| CVE-2013-3444 | The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and ... | | |
| CVE-2013-3445 | The firewall subsystem in Cisco Identity Services Engine has an incorrect rule for open ports, which... | | |
| CVE-2013-3446 | Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote att... | | |
| CVE-2013-3448 | Cisco WebEx Meetings Server does not check whether a user account is active, which allows remote aut... | | |
| CVE-2013-3450 | Cross-site request forgery (CSRF) vulnerability in the User WebDialer page in Cisco Unified Communic... | | |
| CVE-2013-3451 | Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Unified Communications Manager (... | | |
| CVE-2013-3453 | Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x... | | |
| CVE-2013-3454 | Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, an... | | |
| CVE-2013-3455 | Cisco Finesse allows remote attackers to obtain sensitive information by sniffing the network for HT... | | |
| CVE-2013-3457 | Absolute path traversal vulnerability in the web interface in Cisco Finesse allows remote attackers ... | | |
| CVE-2013-3458 | Cisco Adaptive Security Appliances (ASA) devices, when SMP is used, do not properly process X.509 ce... | | |
| CVE-2013-3459 | Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6a does not properly handle... | | |
| CVE-2013-3460 | Memory leak in Cisco Unified Communications Manager (Unified CM) 8.5(x) before 8.5(1)su6, 8.6(x) bef... | | |
| CVE-2013-3461 | Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) before 8.6(2a)su3 and 9.x before... | | |
| CVE-2013-3462 | Buffer overflow in Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6, 8.5(x... | | |
| CVE-2013-3463 | The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properl... | | |
| CVE-2013-3464 | Cisco IOS XR allows local users to cause a denial of service (Silicon Packet Processor memory corrup... | | |
| CVE-2013-3466 | The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1.15.1... | | |
| CVE-2013-3467 | Memory leak in the CLI component on Cisco Unified Computing System (UCS) 6100 Fabric Interconnect de... | | |
| CVE-2013-3468 | The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote attackers to cause a denial of se... | | |
| CVE-2013-3469 | Cisco Mobility Services Engine does not properly set up the Oracle SSL service, which allows remote ... | | |
| CVE-2013-3470 | The RIP process in Cisco IOS XR allows remote attackers to cause a denial of service (process crash)... | | |
| CVE-2013-3471 | The captive portal application in Cisco Identity Services Engine (ISE) allows remote attackers to di... | | |
| CVE-2013-3472 | Cross-site request forgery (CSRF) vulnerability in the Enterprise License Manager (ELM) in Cisco Uni... | | |
| CVE-2013-3473 | The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.... | | |
| CVE-2013-3474 | The Web Administrator Interface on Cisco Wireless LAN Controller (WLC) devices allows remote authent... | | |
| CVE-2013-3475 | Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7... | | |
| CVE-2013-3476 | Cross-site request forgery (CSRF) vulnerability in the WordPress Related Posts plugin before 2.6.2 f... | S | |
| CVE-2013-3477 | Cross-site request forgery (CSRF) vulnerability in the Related Posts by Zemanta plugin before 1.3.2 ... | | |
| CVE-2013-3478 | SQL injection vulnerability in Apptha WordPress Video Gallery 2.0, 1.6, and earlier for WordPress al... | | |
| CVE-2013-3479 | Cross-site request forgery (CSRF) vulnerability in the ShareThis plugin before 7.0.6 for WordPress a... | | |
| CVE-2013-3480 | Integer overflow in Sagelight 4.4 and earlier allows remote attackers to execute arbitrary code via ... | | |
| CVE-2013-3481 | Stack-based buffer overflow in Artweaver Plus and Free before 3.1.5 allows remote attackers to execu... | S | |
| CVE-2013-3482 | Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER... | E | |
| CVE-2013-3483 | Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allow... | | |
| CVE-2013-3484 | Multiple cross-site scripting (XSS) vulnerabilities in dotCMS before 2.3.2 allow remote attackers to... | E | |
| CVE-2013-3485 | Multiple untrusted search path vulnerabilities in Soda PDF 5.1.183.10520 allow local users to gain p... | | |
| CVE-2013-3486 | IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability... | | |
| CVE-2013-3487 | Multiple cross-site scripting (XSS) vulnerabilities in the security log in the BulletProof Security ... | | |
| CVE-2013-3488 | Stack-based buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0.7858 allows ... | | |
| CVE-2013-3489 | Buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0 allows remote attackers ... | | |
| CVE-2013-3491 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Sharebar plugin 1.2.5 for WordPres... | | |
| CVE-2013-3492 | XnView 2.03 has a stack-based buffer overflow vulnerability... | | |
| CVE-2013-3493 | XnView 2.03 has an integer overflow vulnerability... | | |
| CVE-2013-3494 | A Code Execution Vulnerability exists in UMPlayer 0.98 in wintab32.dll due to insufficient path rest... | | |
| CVE-2013-3495 | The Intel VT-d Interrupt Remapping engine in Xen 3.3.x through 4.3.x allows local guests to cause a ... | | |
| CVE-2013-3496 | Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator 3.2.10 (15632) and earlier, Vi... | | |
| CVE-2013-3497 | Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes... | | |
| CVE-2013-3498 | Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR... | | |
| CVE-2013-3499 | GroundWork Monitor Enterprise 6.7.0 performs authentication on the basis of the HTTP Referer header,... | | |
| CVE-2013-3500 | The Foundation webapp admin interface in GroundWork Monitor Enterprise 6.7.0 uses the nagios account... | | |
| CVE-2013-3501 | Multiple cross-site scripting (XSS) vulnerabilities in GroundWork Monitor Enterprise 6.7.0 allow rem... | | |
| CVE-2013-3502 | monarch_scan.cgi in the MONARCH component in GroundWork Monitor Enterprise 6.7.0 allows remote authe... | E | |
| CVE-2013-3503 | The Profile Importer feature in monarch.cgi in the MONARCH component in GroundWork Monitor Enterpris... | | |
| CVE-2013-3504 | Directory traversal vulnerability in monarch.cgi in the MONARCH component in GroundWork Monitor Ente... | | |
| CVE-2013-3505 | The Nagios-App component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to... | | |
| CVE-2013-3506 | cgi-bin/performance/perfchart.cgi in the Performance component in GroundWork Monitor Enterprise 6.7.... | | |
| CVE-2013-3507 | The NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote authenticated users to obtai... | | |
| CVE-2013-3508 | html/System-Files.php in the System File Overview feature in the NeDi component in GroundWork Monito... | | |
| CVE-2013-3509 | html/System-NeDi.php in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote auth... | | |
| CVE-2013-3510 | Multiple SQL injection vulnerabilities in GroundWork Monitor Enterprise 6.7.0 allow remote authentic... | | |
| CVE-2013-3511 | Open redirect vulnerability in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remo... | | |
| CVE-2013-3512 | The Cacti component in GroundWork Monitor Enterprise 6.7.0 does not properly perform authorization c... | | |
| CVE-2013-3513 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Noma component in GroundWork Monit... | | |
| CVE-2013-3514 | Multiple directory traversal vulnerabilities in OpenX before 2.8.10 revision 82710 allow remote admi... | E | |
| CVE-2013-3515 | Multiple cross-site scripting (XSS) vulnerabilities in OpenX Source 2.8.10 and earlier allow remote ... | E S | |
| CVE-2013-3516 | NETGEAR WNR3500U and WNR3500L routers uses form tokens abased solely on router's current date and ti... | E M | |
| CVE-2013-3517 | Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR3500L.... | | |
| CVE-2013-3519 | lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5... | | |
| CVE-2013-3520 | VMware vCenter Chargeback Manager (aka CBM) before 2.5.1 does not proper handle uploads, which allow... | | |
| CVE-2013-3521 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3522 | SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 ... | E | |
| CVE-2013-3523 | SQL injection vulnerability in This HTML Is Simple (THIS) before 1.2.4 allows remote to execute arbi... | | |
| CVE-2013-3524 | SQL injection vulnerability in popupnewsitem/ in the Pop Up News module 2.0 and possibly earlier for... | E | |
| CVE-2013-3525 | SQL injection vulnerability in Approvals/ in Request Tracker (RT) 4.0.10 and earlier allows remote a... | E | |
| CVE-2013-3526 | Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the Traffic Analyzer plugin, poss... | E | |
| CVE-2013-3527 | Multiple SQL injection vulnerabilities in Vanilla Forums before 2.0.18.8 allow remote attackers to e... | E | |
| CVE-2013-3528 | Unspecified vulnerability in the update check in Vanilla Forums before 2.0.18.8 has unspecified impa... | E S | |
| CVE-2013-3529 | Multiple cross-site scripting (XSS) vulnerabilities in user/obits.php in the WP FuneralPress plugin ... | E | |
| CVE-2013-3530 | SQL injection vulnerability in playlist.php in the Spiffy XSPF Player plugin 0.1 for WordPress allow... | E | |
| CVE-2013-3531 | SQL injection vulnerability in meneger.php in RadioCMS 2.2 allows remote attackers to execute arbitr... | E | |
| CVE-2013-3532 | SQL injection vulnerability in settings.php in the Web Dorado Spider Video Player plugin 2.1 for Wor... | E | |
| CVE-2013-3533 | Multiple SQL injection vulnerabilities in Virtual Access Monitor 3.10.17 and earlier allow attackers... | E | |
| CVE-2013-3534 | Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla! al... | | |
| CVE-2013-3535 | Multiple cross-site scripting (XSS) vulnerabilities in CMSLogik 1.2.0 and 1.2.1 allow remote attacke... | E | |
| CVE-2013-3536 | SQL injection vulnerability in the gp_LoadUserFromHash function in functions_hash.php in the Group P... | E | |
| CVE-2013-3537 | Multiple SQL injection vulnerabilities in todooforum.php in Todoo Forum 2.0 allow remote attackers t... | E | |
| CVE-2013-3538 | Multiple cross-site scripting (XSS) vulnerabilities in todooforum.php in Todoo Forum 2.0 allow remot... | E | |
| CVE-2013-3539 | Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180... | E | |
| CVE-2013-3540 | Cross-site request forgery (CSRF) vulnerability in cgi-bin/admin/usrgrp.cgi in AirLive POE2600HD, PO... | E | |
| CVE-2013-3541 | Directory traversal vulnerability in cgi-bin/admin/fileread in AirLive WL2600CAM and possibly other ... | E | |
| CVE-2013-3542 | Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD... | E | |
| CVE-2013-3543 | The AXIS Media Control (AMC) ActiveX control (AxisMediaControlEmb.dll) 6.2.10.11 for AXIS network ca... | E | |
| CVE-2013-3544 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-3544. Reason: This candida... | R | |
| CVE-2013-3550 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0237. Reason: This candida... | R | |
| CVE-2013-3551 | Kernel/Modules/AgentTicketPhone.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.20, 3.1.x b... | | |
| CVE-2013-3552 | Nitro Pro 7.5.0.29 and earlier and Nitro Reader 2.5.0.45 and earlier allow remote attackers to execu... | | |
| CVE-2013-3553 | Nitro Pro 7.5.0.22 and earlier and Nitro Reader 2.5.0.36 and earlier allow remote attackers to execu... | | |
| CVE-2013-3555 | epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrec... | E S | |
| CVE-2013-3556 | The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark be... | | |
| CVE-2013-3557 | The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wiresh... | E S | |
| CVE-2013-3558 | The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wir... | | |
| CVE-2013-3559 | epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses inc... | E S | |
| CVE-2013-3560 | The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dis... | E S | |
| CVE-2013-3561 | Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial ... | S | |
| CVE-2013-3562 | Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.... | E S | |
| CVE-2013-3563 | Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote att... | E | |
| CVE-2013-3564 | The web interface in VideoLAN VLC media player before 2.0.7 has no access control which allows remot... | | |
| CVE-2013-3565 | Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Play... | E | |
| CVE-2013-3567 | Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes ... | | |
| CVE-2013-3568 | Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to h... | E | |
| CVE-2013-3571 | socat 1.2.0.0 before 1.7.2.2 and 2.0.0-b1 before 2.0.0-b6, when used for a listen type address and t... | | |
| CVE-2013-3572 | Cross-site scripting (XSS) vulnerability in the administer interface in the UniFi Controller in Ubiq... | | |
| CVE-2013-3573 | HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks v... | | |
| CVE-2013-3574 | Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insi... | | |
| CVE-2013-3575 | hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict ... | | |
| CVE-2013-3576 | ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute a... | E | |
| CVE-2013-3577 | SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Serve... | | |
| CVE-2013-3578 | SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Serve... | | |
| CVE-2013-3579 | The Lookout Mobile Security application before 8.17-8a39d3f for Android allows attackers to cause a ... | | |
| CVE-2013-3580 | The TrustGo Antivirus & Mobile Security application before 1.3.6 for Android allows attackers to cau... | | |
| CVE-2013-3581 | ajax.cgi in the web interface on the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem allows r... | | |
| CVE-2013-3582 | Buffer overflow in Dell BIOS on Dell Latitude D###, E####, XT2, and Z600 devices, and Dell Precision... | E | |
| CVE-2013-3583 | Cross-site request forgery (CSRF) vulnerability in saveProperties.html in Corporater EPM Suite allow... | | |
| CVE-2013-3584 | Cross-site scripting (XSS) vulnerability in Corporater EPM Suite allows remote attackers to inject a... | | |
| CVE-2013-3585 | Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dep... | | |
| CVE-2013-3586 | Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an a... | | |
| CVE-2013-3587 | The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without pro... | E | |
| CVE-2013-3588 | The web management interface on Zyxel P660 devices allows remote attackers to cause a denial of serv... | | |
| CVE-2013-3589 | Cross-site scripting (XSS) vulnerability in the login page in the Administrative Web Interface on De... | | |
| CVE-2013-3590 | Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 al... | | |
| CVE-2013-3591 | vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability... | E | |
| CVE-2013-3593 | Baramundi Management Suite 7.5 through 8.9 uses cleartext for (1) client-server communication and (2... | | |
| CVE-2013-3594 | The SSH service on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows ... | | |
| CVE-2013-3595 | The OpenManage web application 2.5 build 1.19 on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and... | | |
| CVE-2013-3596 | AdvancePro Advanceware allows remote authenticated users to obtain sensitive information about arbit... | | |
| CVE-2013-3597 | servlet/CollectionListServlet in SearchBlox before 7.5 build 1 allows remote attackers to read usern... | | |
| CVE-2013-3598 | Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1 ... | | |
| CVE-2013-3599 | userlogin.jsp in Coursemill Learning Management System (LMS) 6.6 and 6.8 allows remote attackers to ... | | |
| CVE-2013-3600 | Coursemill Learning Management System (LMS) 6.6 allows remote authenticated users to gain privileges... | | |
| CVE-2013-3601 | Coursemill Learning Management System (LMS) 6.6 does not properly restrict JSP function calls, which... | | |
| CVE-2013-3602 | SQL injection vulnerability in admindocumentworker.jsp in Coursemill Learning Management System (LMS... | | |
| CVE-2013-3603 | Cross-site scripting (XSS) vulnerability in Coursemill Learning Management System (LMS) 6.6 allows r... | | |
| CVE-2013-3604 | Multiple cross-site scripting (XSS) vulnerabilities in Coursemill Learning Management System (LMS) 6... | | |
| CVE-2013-3605 | Cross-site request forgery (CSRF) vulnerability in Coursemill Learning Management System (LMS) 6.6 a... | | |
| CVE-2013-3606 | The login page in the GoAhead web server on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324... | | |
| CVE-2013-3607 | Multiple stack-based buffer overflows in the web interface in the Intelligent Platform Management In... | E | |
| CVE-2013-3608 | The web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermic... | E | |
| CVE-2013-3609 | The web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermic... | E | |
| CVE-2013-3610 | qis/QIS_finish.htm on the ASUS RT-N10E router with firmware before 2.0.0.25 does not require authent... | | |
| CVE-2013-3611 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
| CVE-2013-3612 | Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "back... | | |
| CVE-2013-3613 | Dahua DVR appliances do not properly restrict UPnP requests, which makes it easier for remote attack... | | |
| CVE-2013-3614 | Dahua DVR appliances have a small value for the maximum password length, which makes it easier for r... | | |
| CVE-2013-3615 | Dahua DVR appliances use a password-hash algorithm with a short hash length, which makes it easier f... | | |
| CVE-2013-3616 | Cross-site scripting (XSS) vulnerability in the KnowledgeView Editorial and Management application a... | | |
| CVE-2013-3617 | The XML API in Openbravo ERP 2.5, 3.0, and earlier allows remote authenticated users to read arbitra... | E | |
| CVE-2013-3619 | Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherbo... | | |
| CVE-2013-3620 | Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Su... | | |
| CVE-2013-3621 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-3607. Reason: This candidate... | R | |
| CVE-2013-3622 | Buffer overflow in logout.cgi in the Intelligent Platform Management Interface (IPMI) with firmware ... | E | |
| CVE-2013-3623 | Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligen... | E | |
| CVE-2013-3624 | The OS deployment feature in Baramundi Management Suite 7.5 through 8.9 stores credentials in cleart... | | |
| CVE-2013-3625 | An unspecified DLL file in Baramundi Management Suite 7.5 through 8.9 uses a hardcoded encryption ke... | | |
| CVE-2013-3626 | Directory traversal vulnerability in the Session Server in Attachmate Verastream Host Integrator (VH... | | |
| CVE-2013-3627 | FrameworkService.exe in McAfee Framework Service in McAfee Managed Agent (MA) before 4.5.0.1927 and ... | | |
| CVE-2013-3628 | Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability... | E | |
| CVE-2013-3629 | ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution... | E | |
| CVE-2013-3630 | Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by con... | E | |
| CVE-2013-3631 | NAS4Free 9.1.0.1.804 and earlier allows remote authenticated users to execute arbitrary PHP code via... | E | |
| CVE-2013-3632 | The Cron service in rpc.php in OpenMediaVault allows remote authenticated users to execute cron jobs... | E | |
| CVE-2013-3633 | A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Ver... | | |
| CVE-2013-3634 | A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Ver... | | |
| CVE-2013-3635 | ProjectPier 0.8.8 has stored XSS... | E | |
| CVE-2013-3636 | ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because of the lack of the HttpOnly c... | E | |
| CVE-2013-3637 | ProjectPier 0.8.8 does not use the Secure flag for cookies... | E | |
| CVE-2013-3638 | SQL injection vulnerability in Boonex Dolphin before 7.1.3 allows remote authenticated users to exec... | | |
| CVE-2013-3639 | Multiple cross-site scripting (XSS) vulnerabilities in Xaraya 2.4.0-b1 and earlier allow remote atta... | E | |
| CVE-2013-3640 | Cross-site scripting (XSS) vulnerability in the Instant Web Publish function in FileMaker Pro before... | | |
| CVE-2013-3641 | The Pizza Hut Japan Official Order application before 1.1.1.a for Android does not verify X.509 cert... | | |
| CVE-2013-3642 | The Angel Browser application 1.47b and earlier for Android 1.6 through 2.1, 1.62b and earlier for A... | | |
| CVE-2013-3643 | The Galapagos Browser application for Android does not properly implement the WebView class, which a... | | |
| CVE-2013-3644 | Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitar... | | |
| CVE-2013-3645 | Cross-site scripting (XSS) vulnerability in the Orchard.Comments module in Orchard before 1.6.1 allo... | S | |
| CVE-2013-3646 | The Cybozu Live application before 2.0.1 for Android allows remote attackers to execute arbitrary Ja... | | |
| CVE-2013-3647 | The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to execut... | | |
| CVE-2013-3648 | Cross-site scripting (XSS) vulnerability in KENT-WEB POST-MAIL before 6.7, when Internet Explorer 7 ... | | |
| CVE-2013-3649 | Cross-site scripting (XSS) vulnerability in KENT-WEB CLIP-MAIL before 3.4, when Internet Explorer 7 ... | | |
| CVE-2013-3650 | Directory traversal vulnerability in the lfCheckFileName function in data/class/pages/LC_Page_Resize... | | |
| CVE-2013-3651 | LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to conduct unspecified PHP code-injecti... | | |
| CVE-2013-3652 | Cross-site scripting (XSS) vulnerability in data/class/pages/products/LC_Page_Products_List.php in L... | | |
| CVE-2013-3653 | Multiple cross-site scripting (XSS) vulnerabilities in the RecommendSearch feature in the management... | | |
| CVE-2013-3654 | Directory traversal vulnerability in LOCKON EC-CUBE 2.12.0 through 2.12.4 allows remote attackers to... | | |
| CVE-2013-3655 | The Sharp AQUOS PhotoPlayer HN-PP150 with firmware before 1.04.00.04 allows remote attackers to caus... | | |
| CVE-2013-3656 | Cybozu Office 9.1.0 and earlier does not properly manage sessions, which allows remote attackers to ... | | |
| CVE-2013-3657 | Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to exec... | | |
| CVE-2013-3658 | Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote... | | |
| CVE-2013-3659 | The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for Android does not properly connect ... | | |
| CVE-2013-3660 | The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows X... | KEV E S | |
| CVE-2013-3661 | The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 20... | E | |
| CVE-2013-3662 | Timbre SketchUp (formerly Google SketchUp) before 8 Maintenance 2 allows remote attackers to execute... | E | |
| CVE-2013-3663 | Heap-based buffer overflow in paintlib, as used in Trimble SketchUp (formerly Google SketchUp) befor... | E | |
| CVE-2013-3664 | Trimble SketchUp (formerly Google SketchUp) before 2013 (13.0.3689) allows remote attackers to execu... | E | |
| CVE-2013-3665 | Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueVie... | S | |
| CVE-2013-3666 | The LG Hidden Menu component for Android on the LG Optimus G E973 allows physically proximate attack... | | |
| CVE-2013-3667 | The software update mechanism as used in Bare Bones Software Yojimbo before 4.0, TextWrangler before... | | |
| CVE-2013-3670 | The rle_unpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not pr... | | |
| CVE-2013-3671 | The format_line function in log.c in libavutil in FFmpeg before 1.2.1 uses inapplicable offset data ... | | |
| CVE-2013-3672 | The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the... | | |
| CVE-2013-3673 | The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg before 1.2.1 does not properly man... | | |
| CVE-2013-3674 | The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate... | | |
| CVE-2013-3675 | The process_frame_obj function in sanm.c in libavcodec in FFmpeg before 1.2.1 does not validate widt... | | |
| CVE-2013-3678 | Multiple unspecified vulnerabilities in SAP Governance, Risk, and Compliance (GRC) allow remote auth... | | |
| CVE-2013-3684 | NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload... | | |
| CVE-2013-3685 | A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backu... | E | |
| CVE-2013-3686 | cgi-bin/operator/param in AirLive WL2600CAM and possibly other camera models allows remote attackers... | E | |
| CVE-2013-3687 | AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other ... | | |
| CVE-2013-3688 | The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, and possibly other models befor... | E | |
| CVE-2013-3689 | Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera mod... | | |
| CVE-2013-3690 | Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap... | | |
| CVE-2013-3691 | AirLive POE-2600HD allows remote attackers to cause a denial of service (device reset) via a long UR... | E | |
| CVE-2013-3692 | BlackBerry 10 OS before 10.0.10.648 on BlackBerry Z10 smartphones uses weak permissions for a BlackB... | | |
| CVE-2013-3693 | The BlackBerry Universal Device Service in BlackBerry Enterprise Service (BES) 10.0 through 10.1.2 d... | | |
| CVE-2013-3694 | BlackBerry Link before 1.2.1.31 on Windows and before 1.1.1 build 39 on Mac OS X does not require au... | E | |
| CVE-2013-3697 | Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and ... | E | |
| CVE-2013-3698 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-6346. Reason: This candida... | R | |
| CVE-2013-3699 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
| CVE-2013-3701 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-6345. Reason: This candida... | R | |
| CVE-2013-3702 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-6344. Reason: This candida... | R | |
| CVE-2013-3703 | No write permission check in change_role command | | |
| CVE-2013-3704 | The RPM GPG key import and handling feature in libzypp 12.15.0 and earlier reports a different key f... | | |
| CVE-2013-3705 | The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to ... | | |
| CVE-2013-3706 | Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management... | S | |
| CVE-2013-3707 | The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise S... | | |
| CVE-2013-3708 | The id1.GetPrinterURLList function in Novell iPrint Client before 5.93 allows remote attackers to ca... | | |
| CVE-2013-3709 | WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users ... | E | |
| CVE-2013-3710 | SUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate a new secret key when the ser... | | |
| CVE-2013-3712 | SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secre... | | |
| CVE-2013-3713 | The image creation configuration in aaa_base before 16.26.1 for openSUSE 13.1 KDE adds the root user... | E | |
| CVE-2013-3718 | evince is missing a check on number of pages which can lead to a segmentation fault... | S | |
| CVE-2013-3719 | Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla! al... | | |
| CVE-2013-3720 | Cross-site scripting (XSS) vulnerability in widget_remove.php in the Feedweb plugin before 1.9 for W... | E S | |
| CVE-2013-3721 | SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute a... | E | |
| CVE-2013-3722 | A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in lookup.c.... | S | |
| CVE-2013-3724 | The mk_request_header_process function in mk_request.c in Monkey 1.1.1 allows remote attackers to ca... | E S | |
| CVE-2013-3725 | Invision Power Board (IPB) through 3.x allows admin account takeover leading to code execution.... | | |
| CVE-2013-3726 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-1636. Reason: This candida... | R | |
| CVE-2013-3727 | SQL injection vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated users to exec... | E | |
| CVE-2013-3728 | Cross-site scripting (XSS) vulnerability in Kasseler CMS before 2 r1232 allows remote authenticated ... | E S | |
| CVE-2013-3729 | Multiple cross-site request forgery (CSRF) vulnerabilities in Kasseler CMS before 2 r1232 allow remo... | E S | |
| CVE-2013-3734 | The Embedded Jopr component in JBoss Application Server includes the cleartext datasource password i... | | |
| CVE-2013-3735 | The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly determine whether ... | E S | |
| CVE-2013-3736 | Cross-site scripting (XSS) vulnerability in the MobileUI (aka RT-Extension-MobileUI) extension befor... | S | |
| CVE-2013-3737 | The MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Request Tracker (RT) 4.0.0 before ... | S | |
| CVE-2013-3738 | A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request stri... | E S | |
| CVE-2013-3739 | Directory traversal vulnerability in editor.php in Network Weathermap 0.97c and earlier allows remot... | E | |
| CVE-2013-3742 | Cross-site scripting (XSS) vulnerability in view_create.php (aka the Create View page) in phpMyAdmin... | | |
| CVE-2013-3743 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update... | | |
| CVE-2013-3744 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update... | | |
| CVE-2013-3745 | Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows local users to affect availabili... | S | |
| CVE-2013-3746 | Unspecified vulnerability in the Solaris Cluster component in Oracle and Sun Systems Products Suite ... | | |
| CVE-2013-3747 | Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business... | | |
| CVE-2013-3748 | Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via ve... | | |
| CVE-2013-3749 | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su... | | |
| CVE-2013-3750 | Unspecified vulnerability in Oracle Solaris 11 allows local users to affect confidentiality, integri... | | |
| CVE-2013-3751 | Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.2.0.2, 11.2.0.3, ... | | |
| CVE-2013-3752 | Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect integrity via vecto... | | |
| CVE-2013-3753 | Unspecified vulnerability in Oracle Solaris 11 allows remote attackers to affect availability via ve... | | |
| CVE-2013-3754 | Unspecified vulnerability in the Solaris Cluster component in Oracle and Sun Systems Products Suite ... | | |
| CVE-2013-3755 | Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.... | S | |
| CVE-2013-3756 | Unspecified vulnerability in the Oracle Landed Cost Management component in Oracle E-Business Suite ... | | |
| CVE-2013-3757 | Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect integ... | S | |
| CVE-2013-3758 | Unspecified vulnerability in the Enterprise Manager (EM) Base Platform 10.2.0.5 and 11.1.0.1; EM DB ... | | |
| CVE-2013-3759 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | | |
| CVE-2013-3760 | Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.... | | |
| CVE-2013-3761 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | | |
| CVE-2013-3762 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man... | | |
| CVE-2013-3763 | Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 an... | | |
| CVE-2013-3764 | Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 an... | | |
| CVE-2013-3765 | Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown... | | |
| CVE-2013-3766 | Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in O... | S | |
| CVE-2013-3767 | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su... | | |
| CVE-2013-3768 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | | |
| CVE-2013-3769 | Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1... | | |
| CVE-2013-3770 | Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1... | | |
| CVE-2013-3771 | Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.... | | |
| CVE-2013-3772 | Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1... | | |
| CVE-2013-3773 | Unspecified vulnerability in the SPARC Enterprise M Series Servers component in Oracle and Sun Syste... | | |
| CVE-2013-3774 | Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.... | | |
| CVE-2013-3775 | Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows... | | |
| CVE-2013-3776 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | | |
| CVE-2013-3777 | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su... | | |
| CVE-2013-3778 | Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business... | | |
| CVE-2013-3779 | Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 re... | | |
| CVE-2013-3780 | Unspecified vulnerability in the PeopleSoft Enterprise Portal component in Oracle PeopleSoft Product... | | |
| CVE-2013-3781 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | | |
| CVE-2013-3782 | Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 prior ... | | |
| CVE-2013-3783 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows re... | | |
| CVE-2013-3784 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ... | | |
| CVE-2013-3785 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products ... | | |
| CVE-2013-3786 | Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect confidentiali... | S | |
| CVE-2013-3787 | Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect availability... | S | |
| CVE-2013-3788 | Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 11.5.1... | | |
| CVE-2013-3789 | Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, ... | | |
| CVE-2013-3790 | Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, ... | | |
| CVE-2013-3791 | Unspecified vulnerability in Enterprise Manager (EM) Base Platform 10.2.0.5 and EM DB Control 11.1.0... | | |
| CVE-2013-3792 | Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox ... | | |
| CVE-2013-3793 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.1... | | |
| CVE-2013-3794 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.1... | | |
| CVE-2013-3795 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re... | | |
| CVE-2013-3796 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re... | | |
| CVE-2013-3797 | Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown... | | |
| CVE-2013-3798 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re... | | |
| CVE-2013-3799 | Unspecified vulnerability in Oracle Solaris 10 and 11, when running on AMD64, allows local users to ... | S | |
| CVE-2013-3800 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | | |
| CVE-2013-3801 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.1... | | |
| CVE-2013-3802 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 a... | | |
| CVE-2013-3803 | Unspecified vulnerability in the Hyperion BI+ component in Oracle Hyperion 11.1.1.3, 11.1.1.4.107 an... | | |
| CVE-2013-3804 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 a... | | |
| CVE-2013-3805 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.1... | | |
| CVE-2013-3806 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re... | | |
| CVE-2013-3807 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re... | | |
| CVE-2013-3808 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 a... | | |
| CVE-2013-3809 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.1... | | |
| CVE-2013-3810 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re... | | |
| CVE-2013-3811 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows re... | | |
| CVE-2013-3812 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.1... | | |
| CVE-2013-3813 | Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality and... | S | |
| CVE-2013-3814 | Unspecified vulnerability in the Oracle Retail Invoice Matching component in Oracle Industry Applica... | | |
| CVE-2013-3815 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3816 | Unspecified vulnerability in the Oracle Policy Automation component in Oracle Industry Applications ... | | |
| CVE-2013-3817 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3818 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | | |
| CVE-2013-3819 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | | |
| CVE-2013-3820 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | | |
| CVE-2013-3821 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | | |
| CVE-2013-3822 | Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Product... | | |
| CVE-2013-3823 | Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Product... | | |
| CVE-2013-3824 | Unspecified vulnerability in the Oracle Agile Collaboration Framework component in Oracle Supply Cha... | | |
| CVE-2013-3825 | Unspecified vulnerability in the Oracle Agile Product Collaboration component in Oracle Supply Chain... | | |
| CVE-2013-3826 | Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, ... | S | |
| CVE-2013-3827 | Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1... | | |
| CVE-2013-3828 | Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 10.1.3.5.... | S | |
| CVE-2013-3829 | Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 ... | | |
| CVE-2013-3830 | Unspecified vulnerability in the Hyperion Strategic Finance component in Oracle Hyperion 11.1.2.1 an... | | |
| CVE-2013-3831 | Unspecified vulnerability in the Oracle Portal component in Oracle Fusion Middleware 11.1.1.6.0 allo... | S | |
| CVE-2013-3832 | Unspecified vulnerability in the Siebel Server Remote component in Oracle Siebel CRM 8.1.1 and 8.2.2... | S | |
| CVE-2013-3833 | Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.... | S | |
| CVE-2013-3834 | Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5 a... | | |
| CVE-2013-3835 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | | |
| CVE-2013-3836 | Unspecified vulnerability in the Oracle Web Cache component in Oracle Fusion Middleware 11.1.1.6 and... | S | |
| CVE-2013-3837 | Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows remote attackers to affect availabili... | S | |
| CVE-2013-3838 | Unspecified vulnerability in Oracle SPARC Enterprise T & M Series Servers running Sun System Firmwar... | | |
| CVE-2013-3839 | Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 a... | | |
| CVE-2013-3840 | Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 al... | S | |
| CVE-2013-3841 | Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 al... | S | |
| CVE-2013-3842 | Unspecified vulnerability Oracle Solaris 10 allows local users to affect confidentiality via vectors... | S | |
| CVE-2013-3843 | Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP... | | |
| CVE-2013-3844 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3845 | Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a den... | | |
| CVE-2013-3846 | Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to exec... | | |
| CVE-2013-3847 | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office We... | | |
| CVE-2013-3848 | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office We... | | |
| CVE-2013-3849 | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office We... | | |
| CVE-2013-3850 | Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Word Vie... | | |
| CVE-2013-3851 | Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, a... | | |
| CVE-2013-3852 | Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1; Office Compatibility Pack SP3; and Word Viewer allo... | | |
| CVE-2013-3853 | Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or caus... | | |
| CVE-2013-3854 | Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or caus... | | |
| CVE-2013-3855 | Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote at... | | |
| CVE-2013-3856 | Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a ... | | |
| CVE-2013-3857 | Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and ... | | |
| CVE-2013-3858 | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office We... | | |
| CVE-2013-3859 | Microsoft Pinyin IME 2010, when used in conjunction with Microsoft Office 2010 SP1, does not properl... | | |
| CVE-2013-3860 | Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD duri... | | |
| CVE-2013-3861 | Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote attackers to cause a... | | |
| CVE-2013-3862 | Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain p... | | |
| CVE-2013-3863 | Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary cod... | | |
| CVE-2013-3864 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ... | | |
| CVE-2013-3865 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ... | | |
| CVE-2013-3866 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ... | | |
| CVE-2013-3867 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3868 | Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Serv... | | |
| CVE-2013-3869 | Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP... | S | |
| CVE-2013-3870 | Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers... | E | |
| CVE-2013-3871 | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3872 | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o... | | |
| CVE-2013-3873 | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o... | | |
| CVE-2013-3874 | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of... | | |
| CVE-2013-3875 | Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a den... | | |
| CVE-2013-3876 | DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2... | | |
| CVE-2013-3877 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3878 | Stack-based buffer overflow in the LRPC client in Microsoft Windows XP SP2 and SP3 and Server 2003 S... | | |
| CVE-2013-3879 | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 an... | | |
| CVE-2013-3880 | The App Container feature in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012, an... | | |
| CVE-2013-3881 | win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allo... | | |
| CVE-2013-3882 | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o... | | |
| CVE-2013-3883 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3884 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3885 | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o... | | |
| CVE-2013-3886 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3887 | The Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows XP SP... | | |
| CVE-2013-3888 | dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R... | | |
| CVE-2013-3889 | Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 20... | | |
| CVE-2013-3890 | Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to ... | | |
| CVE-2013-3891 | Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office docum... | | |
| CVE-2013-3892 | Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrar... | | |
| CVE-2013-3893 | Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Intern... | KEV E | |
| CVE-2013-3894 | The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista ... | | |
| CVE-2013-3895 | Microsoft SharePoint Server 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to conduct clickja... | | |
| CVE-2013-3896 | Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silv... | KEV S | |
| CVE-2013-3897 | Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explor... | KEV S | |
| CVE-2013-3898 | Microsoft Windows 8 and Windows Server 2012, when Hyper-V is used, does not ensure memory-address va... | | |
| CVE-2013-3899 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does n... | | |
| CVE-2013-3900 | WinVerifyTrust Signature Validation Vulnerability | KEV S | |
| CVE-2013-3901 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3902 | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 20... | | |
| CVE-2013-3903 | Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows Server 20... | | |
| CVE-2013-3904 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3905 | Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata co... | | |
| CVE-2013-3906 | GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and... | KEV E S | |
| CVE-2013-3907 | portcls.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R... | | |
| CVE-2013-3908 | Microsoft Internet Explorer 6 through 10 allows user-assisted remote attackers to bypass the Same Or... | | |
| CVE-2013-3909 | Microsoft Internet Explorer 6 through 8 allows remote attackers to read content from a different (1)... | | |
| CVE-2013-3910 | Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a... | | |
| CVE-2013-3911 | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de... | | |
| CVE-2013-3912 | Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3913 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2013-3914 | Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3915 | Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3916 | Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3917 | Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause ... | | |
| CVE-2013-3918 | The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and... | S | |
| CVE-2013-3919 | resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R... | S | |
| CVE-2013-3920 | Cross-site scripting (XSS) vulnerability in Jahia xCM before 6.6.2 allows remote authenticated users... | E | |
| CVE-2013-3921 | Directory traversal vulnerability in Easytime Studio Easy File Manager 1.1 for iOS allows remote att... | E | |
| CVE-2013-3922 | Directory traversal vulnerability in Gummy Bear Studios FTP Drive + HTTP Server 1.0.4 and earlier al... | E | |
| CVE-2013-3923 | Directory traversal vulnerability in SavySoda WiFi HD Free before 7.0 allows remote attackers to rea... | E | |
| CVE-2013-3925 | Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to ... | E | |
| CVE-2013-3926 | Atlassian Crowd 2.6.3 allows remote attackers to execute arbitrary commands via unspecified vectors ... | E | |
| CVE-2013-3927 | Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 befo... | | |
| CVE-2013-3928 | Stack-based buffer overflow in the ReadFile function in flt_BMP.dll in Chasys Draw IES before 4.11.0... | E | |
| CVE-2013-3929 | Cross-site scripting (XSS) vulnerability in admin/editevent.php in CMS Made Simple (CMSMS) 1.11.9 al... | | |
| CVE-2013-3930 | Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows remote FTP servers to execute a... | S | |
| CVE-2013-3931 | Cross-site scripting (XSS) vulnerability in the Jomres (com_jomres) component before 7.3.1 for Jooml... | | |
| CVE-2013-3932 | SQL injection vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows rem... | | |
| CVE-2013-3933 | Cross-site scripting (XSS) vulnerability in the JoomShopping (com_joomshopping) component before 4.3... | | |
| CVE-2013-3934 | Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 befo... | | |
| CVE-2013-3935 | Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4.1 and Opsview Core before 2013... | | |
| CVE-2013-3936 | Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 and Opsview Core before ... | | |
| CVE-2013-3937 | Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute ar... | | |
| CVE-2013-3938 | Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code via ... | | |
| CVE-2013-3939 | xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB... | | |
| CVE-2013-3940 | Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows... | S | |
| CVE-2013-3941 | Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz pa... | | |
| CVE-2013-3942 | Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vulnerability... | | |
| CVE-2013-3943 | Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allow... | S | |
| CVE-2013-3944 | Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote ... | | |
| CVE-2013-3945 | The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary ... | | |
| CVE-2013-3946 | Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote a... | | |
| CVE-2013-3947 | Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local use... | | |
| CVE-2013-3948 | Apple iOS 6.1.3 does not follow redirects during determination of the hostname to display in an iOS ... | E | |
| CVE-2013-3949 | The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of the _... | E | |
| CVE-2013-3950 | Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1... | E | |
| CVE-2013-3951 | sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse... | E | |
| CVE-2013-3952 | The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in Apple Mac OS X 10.8.x allows ... | E | |
| CVE-2013-3953 | The mach_port_space_info function in osfmk/ipc/mach_debug.c in the XNU kernel in Apple Mac OS X 10.8... | E | |
| CVE-2013-3954 | The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not properly validate th... | E | |
| CVE-2013-3955 | The get_xattrinfo function in the XNU kernel in Apple iOS 5.x and 6.x through 6.1.3 on iPad devices ... | E | |
| CVE-2013-3956 | The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003;... | E | |
| CVE-2013-3957 | SQL injection vulnerability in the login screen in the Web Navigator in Siemens WinCC before 7.2 Upd... | | |
| CVE-2013-3958 | The login implementation in the Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMAT... | | |
| CVE-2013-3959 | The Web Navigator in Siemens WinCC before 7.2 Update 1, as used in SIMATIC PCS7 8.0 SP1 and earlier ... | | |
| CVE-2013-3960 | Easytime Studio Easy File Manager 1.1 has a HTTP request security bypass... | E | |
| CVE-2013-3961 | SQL injection vulnerability in edit_event.php in Simple PHP Agenda before 2.2.9 allows remote authen... | E | |
| CVE-2013-3962 | Cross-site scripting (XSS) vulnerability in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV... | | |
| CVE-2013-3963 | Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504... | | |
| CVE-2013-3964 | Cross-site scripting (XSS) vulnerability in Samsung SHR-5162, SHR-5082, and possibly other models, a... | | |
| CVE-2013-3969 | The find prototype in scripting/engine_v8.h in MongoDB 2.4.0 through 2.4.4 allows remote authenticat... | | |
| CVE-2013-3970 | Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.0r2 through 7.0r8 and 7.1r1 th... | S | |
| CVE-2013-3971 | IBM Maximo Asset Management 7.1 through 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated ... | | |
| CVE-2013-3972 | IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated u... | | |
| CVE-2013-3973 | SQL injection vulnerability in IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.... | | |
| CVE-2013-3975 | Unspecified vulnerability in the Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through ... | | |
| CVE-2013-3976 | The (1) Data Protection for Exchange component 6.1 before 6.1.3.4 and 6.3 before 6.3.1 in IBM Tivoli... | | |
| CVE-2013-3977 | The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attacke... | | |
| CVE-2013-3978 | The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 does not send the a... | | |
| CVE-2013-3979 | Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Web\Content\Help\ in the We... | | |
| CVE-2013-3980 | The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attacke... | | |
| CVE-2013-3981 | The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attacke... | | |
| CVE-2013-3982 | The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attacke... | | |
| CVE-2013-3983 | The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 does not validate U... | | |
| CVE-2013-3984 | The Meeting Server in IBM Sametime 8.x through 8.5.2.1 and 9.x through 9.0.0.1 does not set the secu... | | |
| CVE-2013-3985 | The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 does not properly restrict app... | | |
| CVE-2013-3986 | IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote attackers to cause a denial of service (WebPlayer... | | |
| CVE-2013-3988 | The Meeting Server in IBM Sametime 8.5.2 through 8.5.2.1 and 9.x through 9.0.0.1 allows remote attac... | | |
| CVE-2013-3989 | IBM Security AppScan Enterprise 8.x before 8.8 sends a cleartext AppScan Source database password in... | | |
| CVE-2013-3990 | Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.... | | |
| CVE-2013-3992 | Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere BigInsights 2.0 through 2.1 allows... | | |
| CVE-2013-3993 | IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file ... | KEV | |
| CVE-2013-3995 | Cross-site scripting (XSS) vulnerability in IBM InfoSphere BigInsights 1.1 through 2.1 allows remote... | | |
| CVE-2013-3996 | IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle FRAME elements, which makes it e... | | |
| CVE-2013-3997 | Open redirect vulnerability in the Web Application Enterprise Console in IBM InfoSphere BigInsights ... | | |
| CVE-2013-3998 | CRLF injection vulnerability in the Web Application Enterprise Console in IBM InfoSphere BigInsights... | | |
| CVE-2013-3999 | Cross-site scripting (XSS) vulnerability in IBM Social Media Analytics 1.2 before FP1 allows remote ... | |