Export limit exceeded: 363530 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363530 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3910 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||||
| CVE-2013-3911 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||||
| CVE-2013-3912 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3916. | ||||
| CVE-2013-3914 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | ||||
| CVE-2013-3915 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3917. | ||||
| CVE-2013-3916 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3912. | ||||
| CVE-2013-3917 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3915. | ||||
| CVE-2013-3934 | 1 Kingsoft | 2 Office 2012, Writer 2012 | 2025-04-11 | N/A |
| Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows remote attackers to execute arbitrary code via a long font name in a WPS file. | ||||
| CVE-2013-3919 | 1 Isc | 1 Bind | 2025-04-11 | N/A |
| resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, and 9.6-ESV-R9 before 9.6-ESV-R9-P1, when a recursive resolver is configured, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a record in a malformed zone. | ||||
| CVE-2013-3920 | 1 Jahia | 1 Jahia Xcm | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Jahia xCM before 6.6.2 allows remote authenticated users to inject arbitrary web script or HTML via the "about me" field. | ||||
| CVE-2013-3921 | 1 Easytimestudio | 1 Easy File Manager | 2025-04-11 | N/A |
| Directory traversal vulnerability in Easytime Studio Easy File Manager 1.1 for iOS allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) to the default URI. | ||||
| CVE-2013-3922 | 1 Gummybearstudios | 1 Ftp Drive \+ Http Server | 2025-04-11 | N/A |
| Directory traversal vulnerability in Gummy Bear Studios FTP Drive + HTTP Server 1.0.4 and earlier allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in a GET request. | ||||
| CVE-2013-3923 | 1 Savysoda | 1 Wifi Free Hd | 2025-04-11 | N/A |
| Directory traversal vulnerability in SavySoda WiFi HD Free before 7.0 allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in a GET request. | ||||
| CVE-2013-3925 | 1 Atlassian | 1 Crowd | 2025-04-11 | N/A |
| Atlassian Crowd 2.5.x before 2.5.4, 2.6.x before 2.6.3, 2.3.8, and 2.4.9 allows remote attackers to read arbitrary files and send HTTP requests to intranet servers via a request to (1) /services/2 or (2) services/latest with a DTD containing an XML external entity declaration in conjunction with an entity reference. | ||||
| CVE-2013-3926 | 1 Atlassian | 1 Crowd | 2025-04-11 | N/A |
| Atlassian Crowd 2.6.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to a "symmetric backdoor." NOTE: as of 20130704, the vendor could not reproduce the issue, stating "We've been unable to substantiate the existence of [CVE-2013-3926]. The author of the article has not contacted Atlassian and has provided no detail, making it difficult to validate the claim... If we can confirm that there is a vulnerability, a patch will be issued. | ||||
| CVE-2013-3927 | 1 Siemens | 1 Comos | 2025-04-11 | N/A |
| Unspecified vulnerability in the client library in Siemens COMOS 9.2 before 9.2.0.6.10 and 10.0 before 10.0.3.0.4 allows local users to obtain unintended write access to the database by leveraging read access. | ||||
| CVE-2013-3929 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/editevent.php in CMS Made Simple (CMSMS) 1.11.9 allows remote authenticated users with the "Modify Events" permission to inject arbitrary web script or HTML via the handler parameter. | ||||
| CVE-2013-3933 | 1 Maxxmarketing | 1 Joomshopping | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the JoomShopping (com_joomshopping) component before 4.3.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the user_name parameter to index.php. | ||||
| CVE-2013-3940 | 1 Microsoft | 10 Windows 7, Windows 8, Windows 8.1 and 7 more | 2025-04-11 | N/A |
| Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image in a Windows Write (.wri) document, which is not properly handled in WordPad, aka "Graphics Device Interface Integer Overflow Vulnerability." | ||||
| CVE-2013-3948 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Apple iOS 6.1.3 does not follow redirects during determination of the hostname to display in an iOS Enterprise Deployment installation dialog, which makes it easier for remote attackers to trigger installation of arbitrary applications via a download-manifest itms-services:// URL that leverages an open redirect vulnerability within a trusted domain. | ||||