Search

Search Results (363680 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-6799 1 Apple 1 Mac Os X 2025-04-11 N/A
Apple Mac OS X 10.9 allows local users to cause a denial of service (memory corruption or panic) by creating a hard link to a directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0105.
CVE-2013-6800 2 Mit, Redhat 3 Kerberos, Kerberos 5, Enterprise Linux 2025-04-11 N/A
An unspecified third-party database module for the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.10.x allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request, a different vulnerability than CVE-2013-1418.
CVE-2013-6801 1 Microsoft 2 Windows Xp, Word 2025-04-11 N/A
Microsoft Word 2003 SP2 and SP3 on Windows XP SP3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed .doc file containing an embedded image, as demonstrated by word2003forkbomb.doc, related to a "fork bomb" issue.
CVE-2013-6802 1 Google 1 Chrome 2025-04-11 N/A
Google Chrome before 31.0.1650.57 allows remote attackers to bypass intended sandbox restrictions by leveraging access to a renderer process, as demonstrated during a Mobile Pwn2Own competition at PacSec 2013, a different vulnerability than CVE-2013-6632.
CVE-2013-6804 1 Jamroom 1 Search Module 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the Search module before 1.1.1 for Jamroom allows remote attackers to inject arbitrary web script or HTML via the search_string parameter to search/results/all/1/4.
CVE-2013-6808 1 Zend 1 Zendto 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in lib/NSSDropoff.php in ZendTo before 4.11-13 allows remote attackers to inject arbitrary web script or HTML via a modified emailAddr field to pickup.php.
CVE-2013-6809 1 Philippe Jounin 1 Tftpd32 2025-04-11 N/A
Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers in the Remote File field.
CVE-2013-6810 1 Emc 1 Connectrix Manager 2025-04-11 N/A
The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition (CMCNE), HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file.
CVE-2013-6812 1 Nextdc 1 Onedc 2025-04-11 N/A
The ONEDC app before 1.7 for iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-6814 1 Sap 1 Netweaver 2025-04-11 N/A
The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors.
CVE-2013-6815 1 Sap 1 Netweaver 2025-04-11 N/A
The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue.
CVE-2013-6816 1 Sap 1 Netweaver 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDumpService and (2) DataCollector servlets in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-6817 1 Sap 1 Network Interface Router 2025-04-11 N/A
Heap-based buffer overflow in SAP Network Interface Router (SAProuter) 7.30 allows remote attackers to cause a denial of service and execute arbitrary code via crafted NI Route messages.
CVE-2013-6818 1 Sap 1 Netweaver Logviewer 2025-04-11 N/A
SAP NetWeaver Logviewer 6.30, when running on Windows, allows remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2013-6819 1 Sap 1 Netweaver 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Performance Provider in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-6820 1 Sap 1 Netweaver Development Infrastructure 2025-04-11 N/A
Unrestricted file upload vulnerability in the SAP NetWeaver Development Infrastructure (NWDI) allows remote attackers to execute arbitrary code by uploading a file with an executable extension via unspecified vectors.
CVE-2013-6821 1 Sap 1 Netweaver 2025-04-11 N/A
Directory traversal vulnerability in the Exportability Check Service in SAP NetWeaver allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2013-6822 1 Sap 1 Netweaver 2025-04-11 N/A
GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue.
CVE-2013-6824 1 Zabbix 1 Zabbix 2025-04-11 N/A
Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter.
CVE-2013-6826 1 Fortinet 7 Fortianalyzer-1000d, Fortianalyzer-2000b, Fortianalyzer-200d and 4 more 2025-04-11 N/A
cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrf_token parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks.