Export limit exceeded: 363866 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363866 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-4488 1 Libgadu 1 Libgadu 2025-04-12 N/A
libgadu before 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers.
CVE-2013-4489 1 Gitlab 1 Gitlab 2025-04-12 N/A
The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature.
CVE-2013-4490 1 Gitlab 2 Gitlab, Gitlab-shell 2025-04-12 N/A
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
CVE-2013-4498 2 Drupal, Florian Weber 2 Drupal, Spaces 2025-04-12 N/A
The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 for Drupal does not properly delete organic group group spaces content when using the option to move to a new group, which causes the content to be "orphaned" and allows remote authenticated users with the "access content" permission to obtain sensitive information via vectors involving a rebuild access for the site or content.
CVE-2013-4500 1 Quiz Module Project 1 Quiz 2025-04-12 N/A
The Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote authenticated users with the "view any quiz results" or "view results for own quiz" permission to delete arbitrary results via the delete option.
CVE-2013-4501 1 Quiz Module Project 1 Quiz 2025-04-12 N/A
The default views in the Quiz module 6.x-4.x before 6.x-4.5 for Drupal allows remote attackers to obtain sensitive quiz results via unspecified vectors.
CVE-2013-4502 2 Drupal, Nathan Haug 2 Drupal, Filefield Sources 2025-04-12 N/A
The FileField Sources module 6.x-1.x before 6.x-1.9 and 7.x-1.x before 7.x-1.9 for Drupal does not properly check file permissions, which allows remote authenticated users to read arbitrary files by attaching a file.
CVE-2013-4503 1 Feed Element Mapper Project 1 Feed Element Mapper 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in the Feed Element Mapper module for Drupal allows remote authenticated users with the "administer taxonomy" permission to inject arbitrary web script or HTML via vectors related to options.
CVE-2013-4526 1 Qemu 1 Qemu 2025-04-12 N/A
Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via vectors related to migrating ports.
CVE-2013-4527 2 Qemu, Redhat 3 Qemu, Enterprise Linux, Openstack 2025-04-12 N/A
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers.
CVE-2013-4529 2 Qemu, Redhat 3 Qemu, Enterprise Linux, Openstack 2025-04-12 N/A
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
CVE-2013-4530 1 Qemu 1 Qemu 2025-04-12 N/A
Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted tx_fifo_head and rx_fifo_head values in a savevm image.
CVE-2013-4531 1 Qemu 1 Qemu 2025-04-12 N/A
Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative value in cpreg_vmstate_array_len in a savevm image.
CVE-2013-4533 1 Qemu 1 Qemu 2025-04-12 N/A
Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image.
CVE-2013-4534 1 Qemu 1 Qemu 2025-04-12 N/A
Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements.
CVE-2013-4537 1 Qemu 1 Qemu 2025-04-12 N/A
The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image.
CVE-2013-4538 1 Qemu 1 Qemu 2025-04-12 N/A
Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) col values; (4) row_start and row_end values; or (5) col_star and col_end values in a savevm image.
CVE-2013-4539 1 Qemu 1 Qemu 2025-04-12 N/A
Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a savevm image.
CVE-2013-4540 2 Opensuse, Qemu 2 Opensuse, Qemu 2025-04-12 N/A
Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image.
CVE-2013-4541 2 Qemu, Redhat 3 Qemu, Enterprise Linux, Openstack 2025-04-12 N/A
The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setup_len or setup_index value.