Search

Search Results (364488 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-4977 1 Hikvision 2 Ds-2cd7153-e, Ds-2cd7153-e Firmware 2025-04-12 N/A
Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and possibly other devices, allows remote attackers to cause a denial of service (device crash and reboot) and possibly execute arbitrary code via a long string in the Range header field in an RTSP transaction.
CVE-2013-4980 1 Avtech 2 Avn801 Dvr, Avn801 Dvr Firmware 2025-04-12 N/A
Buffer overflow in the RTSP Packet Handler in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the URI in an RTSP SETUP request.
CVE-2013-4981 1 Avtech 2 Avn801 Dvr, Avn801 Dvr Firmware 2025-04-12 N/A
Buffer overflow in cgi-bin/user/Config.cgi in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003 and earlier, and possibly other devices, allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via a long string in the Network.SMTP.Receivers parameter.
CVE-2013-5016 2 Broadcom, Microsoft 2 Symantec Critical System Protection, Windows 2003 Server 2025-04-12 N/A
Symantec Critical System Protection (SCSP) before 5.2.9, when installed on an unpatched Windows Server 2003 R2 platform, allows remote attackers to bypass policy settings via unspecified vectors.
CVE-2013-5017 1 Symantec 1 Web Gateway 2025-04-12 N/A
SNMPConfig.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote attackers to execute arbitrary commands via unspecified vectors.
CVE-2013-5036 1 Squash 1 Square Squash 2025-04-12 N/A
The Square Squash allows remote attackers to execute arbitrary code via a YAML document in the (1) namespace parameter to the deobfuscation function or (2) sourcemap parameter to the sourcemap function in app/controllers/api/v1_controller.rb.
CVE-2013-5133 1 Apple 1 Iphone Os 2025-04-12 N/A
Backup in Apple iOS before 7.1 does not properly restrict symlinks, which allows remote attackers to overwrite files during a restore operation via crafted backup data.
CVE-2013-5229 1 Apple 2 Apple Remote Desktop, Mac Os X 2025-04-12 N/A
The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before 3.7 sends dialog-box text to a connected remote host upon being woken from sleep, which allows physically proximate attackers to bypass intended access restrictions by entering a command in this box.
CVE-2013-5352 1 Sharetronix 1 Sharetronix 2025-04-12 N/A
Sharetronix 3.1.1.3, 3.1.1, and earlier allows remote attackers to execute arbitrary PHP code via the (1) activities_text parameter to services/activities/set or (2) comments_text parameter to services/comments/set, which is not properly handled when executing the preg_replace function with the e modifier.
CVE-2013-5353 1 Sharetronix 1 Sharetronix 2025-04-12 N/A
Unrestricted file upload vulnerability in system/controllers/ajax/attachments.php in Sharetronix 3.1.1.3, 3.1.1, and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
CVE-2013-5356 1 Sharetronix 1 Sharetronix 2025-04-12 N/A
Sharetronix 3.1.1.3, 3.1.1, and earlier does not properly restrict access to unspecified AJAX functionality, which allows remote attackers to bypass authentication via unknown vectors.
CVE-2013-5365 1 Autodesk 4 Sketchbook, Sketchbook Express, Sketchbook For Enterprise 2014 and 1 more 2025-04-12 N/A
Heap-based buffer overflow in Autodesk SketchBook for Enterprise 2014, Pro, and Express before 6.25, and Copic Edition before 2.0.2 allows remote attackers to execute arbitrary code via RLE-compressed channel data in a PSD file.
CVE-2013-5401 1 Ibm 1 Websphere Mq Internet Pass Thru 2025-04-12 N/A
The command-port listener in IBM WebSphere MQ Internet Pass-Thru (MQIPT) 2.x before 2.1.0.1 allows remote attackers to cause a denial of service (remote-administration outage) via unspecified vectors.
CVE-2013-5444 1 Ibm 1 Cognos Express 2025-04-12 N/A
The server in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to read encrypted credentials via unspecified vectors.
CVE-2013-5423 1 Ibm 1 Flex System Manager 2025-04-12 N/A
IBM Flex System Manager (FSM) 1.1 through 1.3 before 1.3.2.0 allows remote attackers to enumerate user accounts via unspecified vectors.
CVE-2013-5433 1 Ibm 1 Infosphere Optim Data Growth Solution For Siebel Crm 2025-04-12 N/A
The Data Growth Solution for JD Edwards EnterpriseOne in IBM InfoSphere Optim 3.0 through 9.1 has hardcoded database credentials, which allows remote authenticated users to obtain sensitive information by reading an unspecified field in an XML document.
CVE-2013-5443 1 Ibm 1 Cognos Express 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2013-5445 1 Ibm 1 Cognos Express 2025-04-12 N/A
IBM Cognos Express 9.0 before IFIX 2, 9.5 before IFIX 2, 10.1 before IFIX 2, and 10.2.1 before FP1 allows local users to obtain sensitive cleartext information by leveraging knowledge of a static decryption key.
CVE-2013-5459 1 Ibm 2 Rational Software Architect Design Manager, Rhapsody Design Manager 2025-04-12 N/A
Unspecified vulnerability in IBM Rational Software Architect (RSA) Design Manager and Rational Rhapsody Design Manager 3.x through 3.0.1 and 4.x before 4.0.6 allows remote authenticated users to modify data by leveraging improper parameter checking.
CVE-2013-5460 1 Ibm 2 Maximo Asset Management, Smartcloud Control Desk 2025-04-12 N/A
IBM Maximo Asset Management 7.x before 7.5.0.6 and SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2 allow remote authenticated users to bypass intended access restrictions, and read communication logs associated with unrelated records, via unspecified vectors.