Export limit exceeded: 365171 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365171 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-6830 | 1 Pineapp | 1 Mail-secure 5099sk | 2025-04-11 | N/A |
| admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms allows remote attackers to execute arbitrary commands via shell metacharacters in the nsserver parameter during an nslookup operation. | ||||
| CVE-2013-6829 | 1 Pineapp | 1 Mail-secure | 2025-04-11 | N/A |
| admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacharacters in the pinghost parameter during a ping operation. | ||||
| CVE-2013-6828 | 1 Pineapp | 1 Mail-secure | 2025-04-11 | N/A |
| admin/management.html in PineApp Mail-SeCure allows remote attackers to bypass authentication and perform a sys_usermng operation via the it parameter. | ||||
| CVE-2013-6827 | 1 Pineapp | 1 Mail-secure | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in admin/viewmsg.php in PineApp Mail-SeCure allows remote attackers to read arbitrary files via a full pathname in the msg parameter. | ||||
| CVE-2013-6826 | 1 Fortinet | 7 Fortianalyzer-1000d, Fortianalyzer-2000b, Fortianalyzer-200d and 4 more | 2025-04-11 | N/A |
| cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrf_token parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks. | ||||
| CVE-2013-6824 | 1 Zabbix | 1 Zabbix | 2025-04-11 | N/A |
| Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter. | ||||
| CVE-2013-6340 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-11 | N/A |
| epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||||
| CVE-2013-6341 | 1 Dokeos | 1 Dokeos | 2025-04-11 | N/A |
| SQL injection vulnerability in Dokeos 2.2 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the language parameter to index.php. | ||||
| CVE-2013-6342 | 1 Tweet-blender | 1 Tweet-blender | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Tweet Blender plugin before 4.0.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the tb_tab_index parameter to wp-admin/options-general.php. | ||||
| CVE-2013-6344 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| The ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows attackers to conduct cross-frame scripting attacks via unknown vectors. | ||||
| CVE-2013-6345 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception." | ||||
| CVE-2013-6346 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2013-6347 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors. | ||||
| CVE-2013-6348 | 1 Apache | 1 Struts | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.3.15.3 allow remote attackers to inject arbitrary web script or HTML via the namespace parameter to (1) actionNames.action and (2) showConfig.action in config-browser/. | ||||
| CVE-2013-6349 | 1 Mcafee | 1 Email Gateway | 2025-04-11 | N/A |
| McAfee Email Gateway (MEG) 7.0 before 7.0.4 and 7.5 before 7.5.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors. | ||||
| CVE-2013-6359 | 1 Munin-monitoring | 1 Munin | 2025-04-11 | N/A |
| Munin::Master::Node in Munin before 2.0.18 allows remote attackers to cause a denial of service (abort data collection for node) via a plugin that uses "multigraph" as a multigraph service name. | ||||
| CVE-2013-6367 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2025-04-11 | N/A |
| The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem in the Linux kernel through 3.12.5 allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via crafted modifications of the TMICT value. | ||||
| CVE-2013-6368 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2025-04-11 | N/A |
| The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address. | ||||
| CVE-2013-6373 | 1 Jenkins-ci | 1 Exclusion | 2025-04-11 | N/A |
| The Exclusion plugin before 0.9 for Jenkins does not properly prevent access to resource locks, which allows remote authenticated users to list and release resources via unspecified vectors. | ||||
| CVE-2013-6374 | 1 Jenkins-ci | 1 Build Failure Analyzer | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.5.1 for Jenkins allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||