Total
6955 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0567 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2017-08-28 | 4.0 MEDIUM | N/A |
| IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-3020, CVE-2013-0568, and CVE-2013-0475. | |||||
| CVE-2013-0568 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2017-08-28 | 4.0 MEDIUM | N/A |
| IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-3020, CVE-2013-0475, and CVE-2013-0567. | |||||
| CVE-2013-0584 | 1 Ibm | 1 Infosphere Replication Server | 2017-08-28 | 5.0 MEDIUM | N/A |
| The Data Replication Dashboard component in IBM InfoSphere Replication Server 9.7 and 10.x before 10.2.0.0-b113 allows remote attackers to obtain a list of all user accounts, along with information about whether each account requires a password, via unspecified vectors. | |||||
| CVE-2013-0599 | 1 Ibm | 1 Rational Directory Server | 2017-08-28 | 5.0 MEDIUM | N/A |
| IBM Eclipse Help System (IEHS), as used in IBM Rational Directory Server 5.1.1 through 5.1.1.2 and 5.2 through 5.2.1 and other products, allows remote attackers to obtain sensitive information by providing a crafted parameter path and then reading the debug information associated with the 500 HTTP status code. | |||||
| CVE-2013-0721 | 2 Wordpress, Wp Php Widget Project | 2 Wordpress, Wp Php Widget | 2017-08-28 | 5.0 MEDIUM | N/A |
| wp-php-widget.php in the WP PHP widget plugin 1.0.2 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message. | |||||
| CVE-2013-1455 | 1 Joomla | 1 Joomla\! | 2017-08-28 | 5.0 MEDIUM | N/A |
| Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to an "Undefined variable." | |||||
| CVE-2013-1454 | 1 Joomla | 1 Joomla\! | 2017-08-28 | 5.0 MEDIUM | N/A |
| Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to "Coding errors." | |||||
| CVE-2013-1818 | 1 Mediawiki | 1 Mediawiki | 2017-08-28 | 5.0 MEDIUM | N/A |
| maintenance/mwdoc-filter.php in MediaWiki before 1.20.3 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2013-1840 | 2 Amazon, Openstack | 5 S3 Store, Essex, Folsom and 2 more | 2017-08-28 | 3.5 LOW | N/A |
| The v1 API in OpenStack Glance Essex (2012.1), Folsom (2012.2), and Grizzly, when using the single-tenant Swift or S3 store, reports the location field, which allows remote authenticated users to obtain the operator's backend credentials via a request for a cached image. | |||||
| CVE-2013-1923 | 1 Linux-nfs | 1 Nfs-utils | 2017-08-28 | 3.2 LOW | N/A |
| rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks. | |||||
| CVE-2013-2976 | 1 Ibm | 1 Websphere Application Server | 2017-08-28 | 1.9 LOW | N/A |
| The Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2013-2985 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2017-08-28 | 4.0 MEDIUM | N/A |
| IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2987, CVE-2013-3020, CVE-2013-0568, CVE-2013-0475, and CVE-2013-0567. | |||||
| CVE-2013-2987 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2017-08-28 | 4.0 MEDIUM | N/A |
| IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-3020, CVE-2013-0568, CVE-2013-0475, and CVE-2013-0567. | |||||
| CVE-2013-2998 | 1 Ibm | 2 Maximo Asset Management, Smartcloud Control Desk | 2017-08-28 | 3.5 LOW | N/A |
| frontcontroller.jsp in IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allows remote authenticated users to obtain sensitive information via an invalid action_code. | |||||
| CVE-2013-3020 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2017-08-28 | 4.0 MEDIUM | N/A |
| IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-0568, CVE-2013-0475, and CVE-2013-0567. | |||||
| CVE-2013-3040 | 1 Ibm | 1 Infosphere Information Server | 2017-08-28 | 5.0 MEDIUM | N/A |
| IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 produces login-failure messages indicating whether the username or password is incorrect, which allows remote attackers to enumerate user accounts via a brute-force attack. | |||||
| CVE-2013-3319 | 1 Sap | 1 Netweaver | 2017-08-28 | 5.0 MEDIUM | N/A |
| The GetComputerSystem method in the HostControl service in SAP Netweaver 7.03 allows remote attackers to obtain sensitive information via a crafted SOAP request to TCP port 1128. | |||||
| CVE-2013-4301 | 1 Mediawiki | 1 Mediawiki | 2017-08-28 | 5.0 MEDIUM | N/A |
| includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allows remote attackers to obtain sensitive information via a "<" (open angle bracket) character in the lang parameter to w/load.php, which reveals the installation path in an error message. | |||||
| CVE-2013-3825 | 1 Oracle | 1 Supply Chain Products Suite | 2017-08-28 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile Product Collaboration component in Oracle Supply Chain Products Suite 9.3.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Folders & Files Attachment. | |||||
| CVE-2013-3972 | 1 Ibm | 1 Maximo Asset Management | 2017-08-28 | 4.0 MEDIUM | N/A |
| IBM Maximo Asset Management 7.1 before 7.1.1.12 and 7.5 before 7.5.0.5 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||||