Total
2596 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-1843 | 1 Typo3 | 1 Typo3 | 2013-06-04 | 6.4 MEDIUM | N/A |
Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
CVE-2013-1213 | 1 Cisco | 2 Nexus 1000v, Nx-os | 2013-06-03 | 5.0 MEDIUM | N/A |
Cisco NX-OS on the Nexus 1000V does not assign the proper priority to heartbeat messages from a Virtual Ethernet Module (VEM) to a Virtual Supervisor Module (VSM), which allows remote attackers to cause a denial of service (false VEM unavailability report) via a flood of UDP packets, aka Bug ID CSCud14840. | |||||
CVE-2013-1246 | 1 Cisco | 1 Telepresence System Software | 2013-06-02 | 6.8 MEDIUM | N/A |
Cisco TelePresence System Software does not properly handle inactive t-shell sessions, which allows remote authenticated users to cause a denial of service (memory consumption and service outage) by establishing multiple SSH connections, aka Bug ID CSCug77610. | |||||
CVE-2013-2781 | 1 3s-software | 1 Codesys Gateway-server | 2013-05-23 | 10.0 HIGH | N/A |
Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. | |||||
CVE-2013-1204 | 1 Cisco | 1 Ios Xr | 2013-05-23 | 5.0 MEDIUM | N/A |
Memory leak in the SNMP process in Cisco IOS XR allows remote attackers to cause a denial of service (memory consumption or process reload) by sending many port-162 UDP packets, aka Bug ID CSCug80345. | |||||
CVE-2010-2432 | 1 Apple | 1 Cups | 2013-05-14 | 5.0 MEDIUM | N/A |
The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses. | |||||
CVE-2013-1136 | 1 Cisco | 2 Aggregation Services Router Route Processor, Ios | 2013-05-13 | 4.6 MEDIUM | N/A |
The crypto engine process in Cisco IOS on Aggregation Services Router (ASR) Route Processor 2 does not properly manage memory, which allows local users to cause a denial of service (route processor crash) by creating multiple tunnels and then examining encryption statistics, aka Bug ID CSCuc52193. | |||||
CVE-2013-1242 | 1 Cisco | 1 Unified Presence Server | 2013-05-10 | 5.0 MEDIUM | N/A |
Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080. | |||||
CVE-2012-6532 | 1 Zend | 1 Zend Framework | 2013-05-03 | 5.0 MEDIUM | N/A |
(1) Zend_Dom, (2) Zend_Feed, (3) Zend_Soap, and (4) Zend_XmlRpc in Zend Framework 1.x before 1.11.13 and 1.12.x before 1.12.0 allow remote attackers to cause a denial of service (CPU consumption) via recursive or circular references in an XML entity definition in an XML DOCTYPE declaration, aka an XML Entity Expansion (XEE) attack. | |||||
CVE-2011-4609 | 1 Gnu | 1 Glibc | 2013-05-02 | 5.0 MEDIUM | N/A |
The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | |||||
CVE-2013-0666 | 1 Matrikonopc | 1 Matrikonopc Security Gateway | 2013-05-01 | 5.0 MEDIUM | N/A |
The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a denial of service (unhandled exception and application crash) via a TCP RST packet. | |||||
CVE-2012-3812 | 1 Digium | 3 Asterisk, Asteriske, Certified Asterisk | 2013-04-18 | 4.0 MEDIUM | N/A |
Double free vulnerability in apps/app_voicemail.c in Asterisk Open Source 1.8.x before 1.8.13.1 and 10.x before 10.5.2, Certified Asterisk 1.8.11-certx before 1.8.11-cert4, and Asterisk Digiumphones 10.x.x-digiumphones before 10.5.2-digiumphones allows remote authenticated users to cause a denial of service (daemon crash) by establishing multiple voicemail sessions and accessing both the Urgent mailbox and the INBOX mailbox. | |||||
CVE-2012-2655 | 1 Postgresql | 1 Postgresql | 2013-04-18 | 4.0 MEDIUM | N/A |
PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler. | |||||
CVE-2013-2833 | 1 Google | 1 Chrome Os | 2013-04-16 | 10.0 HIGH | N/A |
Use-after-free vulnerability in the O3D plug-in in Google Chrome OS before 26.0.1410.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper management of ownership relationships involving Elements and DrawElements. | |||||
CVE-2012-4619 | 1 Cisco | 1 Ios | 2013-04-10 | 7.8 HIGH | N/A |
The NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtr46123. | |||||
CVE-2012-5048 | 1 Optimalog | 1 Optima Plc | 2013-04-10 | 7.8 HIGH | N/A |
APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted packet. | |||||
CVE-2012-4618 | 1 Cisco | 1 Ios | 2013-04-10 | 7.8 HIGH | N/A |
The SIP ALG feature in the NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtn76183. | |||||
CVE-2013-2636 | 1 Linux | 1 Linux Kernel | 2013-04-04 | 1.9 LOW | N/A |
net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application. | |||||
CVE-2012-4629 | 1 Cisco | 3 Adaptive Security Appliance, Asa Cx Context-aware Security, Prime Security Manager | 2013-04-04 | 7.8 HIGH | N/A |
The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603. | |||||
CVE-2013-0919 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2013-04-02 | 7.5 HIGH | N/A |
Use-after-free vulnerability in Google Chrome before 26.0.1410.43 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging the presence of an extension that creates a pop-up window. |