Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-4785 | 1 Dell | 1 Idrac6 Firmware | 2013-09-26 | 10.0 HIGH | N/A |
| The web interface on the Dell iDRAC6 with firmware before 1.95 allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified form that is accessible from testurls.html. NOTE: the vendor disputes the significance of this issue, stating "DRAC's are intended to be on a separate management network; they are not designed nor intended to be placed on or connected to the Internet." | |||||
| CVE-2013-5023 | 1 Ni | 5 Diadem, Labview, Labwindows and 2 more | 2013-09-25 | 4.3 MEDIUM | N/A |
| The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to cause a denial of service by triggering the display of local .chm files. | |||||
| CVE-2013-5024 | 1 Ni | 1 Measurementstudio | 2013-09-25 | 4.3 MEDIUM | N/A |
| An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to obtain sensitive information about the existence of registry keys via crafted (1) key-open or (2) key-close method calls. | |||||
| CVE-2013-5026 | 1 Ni | 1 Lookout | 2013-09-17 | 9.3 HIGH | N/A |
| An ActiveX control in lookout650.ocx, lookout660.ocx, and lookout670.ocx in National Instruments Lookout 6.5 through 6.7 allows remote attackers to execute arbitrary code by triggering the download of, and calls to, an arbitrary DLL file. | |||||
| CVE-2013-2933 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
| CVE-2013-2935 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
| CVE-2013-2937 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, related to debugging messages, a different vulnerability than other CVEs listed in CTX137162. | |||||
| CVE-2013-2938 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
| CVE-2013-2939 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
| CVE-2013-2940 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
| CVE-2013-2936 | 1 Citrix | 1 Cloudportal Services Manager | 2013-09-13 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. | |||||
| CVE-2009-3473 | 1 Ibm | 1 Db2 | 2013-09-10 | 10.0 HIGH | N/A |
| IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors. | |||||
| CVE-2013-3763 | 1 Oracle | 1 Fusion Middleware | 2013-09-10 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3764. | |||||
| CVE-2013-4139 | 2 Drupal, Stage File Proxy Project | 2 Drupal, Stage File Proxy | 2013-08-29 | 5.0 MEDIUM | N/A |
| The Stage File Proxy module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to cause a denial of service (file operations performance degradation and failure) via a large number of requests. | |||||
| CVE-2013-0232 | 1 Zoneminder | 1 Zoneminder | 2013-08-28 | 7.5 HIGH | N/A |
| includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packageControl function; or (2) key or (3) command parameter in the setDeviceStatusX10 function. | |||||
| CVE-2013-3369 | 1 Bestpractical | 1 Rt | 2013-08-27 | 6.0 MEDIUM | N/A |
| Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote authenticated users with the permissions to view the administration pages to execute arbitrary private components via unspecified vectors. | |||||
| CVE-2013-3374 | 1 Bestpractical | 1 Rt | 2013-08-26 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information (user preferences and caches) via unknown vectors, related to a "limited session re-use." | |||||
| CVE-2013-3764 | 1 Oracle | 1 Fusion Middleware | 2013-08-21 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3763. | |||||
| CVE-2013-4687 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2013-08-21 | 7.8 HIGH | N/A |
| flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R6-S2, and 12.1 before 12.1R6 on SRX devices, when certain Application Layer Gateways (ALGs) are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets, aka PRs 727980, 806269, and 835593. | |||||
| CVE-2013-4684 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2013-08-21 | 7.8 HIGH | N/A |
| flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R8, 12.1 before 12.1R7, and 12.1X44 before 12.1X44-D15 on SRX devices, when PIM and NAT are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted PIM packets, aka PR 842253. | |||||