Export limit exceeded: 363281 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363281 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-2305 1 Cybozu 3 Cybozu Dezie, Cybozu Office, Mailwise 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords.
CVE-2013-2306 1 Jb\+ 1 Jigbrowser\+ 2025-04-11 N/A
The jigbrowser+ application before 1.6.4 for Android does not properly open windows, which allows remote attackers to spoof the address bar via a crafted web site.
CVE-2013-2307 1 Yahoo 1 Yahoo\! Browser 2025-04-11 N/A
The Yahoo! Browser application before 1.4.3 for Android allows remote attackers to spoof the address bar via a crafted web site.
CVE-2013-2308 1 Softbanktech 1 Online Service Gate 2025-04-11 N/A
The (1) OWA Helper and (2) OSG Lite programs in SoftBank Online Service Gate allow remote authenticated users to discover their own passwords, and consequently bypass an Office 365 restriction, via unspecified vectors.
CVE-2013-2309 1 Tejimaya 1 Openpne 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the management screen in OpenPNE 3.4.x before 3.4.21.1, 3.6.x before 3.6.9.1, and 3.8.x before 3.8.5.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving the "mobile version color scheme."
CVE-2013-2310 2 Softbank, Willcom-inc 13 Android Smartphone, Disney Mobile Android Smartphone, Mobile Wi-fi Router and 10 more 2025-04-11 N/A
SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasonic 3G handsets, SoftBank NEC 3G handsets, SoftBank Samsung 3G handsets, SoftBank mobile Wi-Fi routers, SoftBank Android smartphones with the Wi-Fi application before 1.7.1, SoftBank Windows Mobile smartphones with the WISPrClient application before 1.3.1, SoftBank Disney Mobile Android smartphones with the Wi-Fi application before 1.7.1, and WILLCOM Android smartphones with the Wi-Fi application before 1.7.1, does not properly connect to access points, which allows remote attackers to obtain sensitive information by leveraging access to an 802.11 network.
CVE-2013-2311 1 Web2py 1 Web2py 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in static/js/share.js (aka the social bookmarking widget) in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-2312 1 Lockon 1 Ec-cube 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the shopping-cart screen in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2013-2313 1 Lockon 1 Ec-cube 2025-04-11 N/A
Session fixation vulnerability in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to hijack web sessions via unspecified vectors.
CVE-2013-2314 1 Lockon 1 Ec-cube 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the adminAuthorization function in data/class/helper/SC_Helper_Session.php in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL associated with the management screen.
CVE-2013-2315 1 Lockon 1 Ec-cube 2025-04-11 N/A
data/class/pages/forgot/LC_Page_Forgot.php in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 does not properly validate the input to the password reminder function, which allows remote attackers to obtain sensitive information via a crafted request.
CVE-2013-2316 1 Yahoo 1 Yahoo\! Browser 2025-04-11 N/A
The Yahoo! Browser application 1.4.4 and earlier for Android allows remote attackers to spoof the address bar via vectors related to URL display, a different vulnerability than CVE-2013-2307.
CVE-2013-2317 2 Fenrir-inc, Google 2 Sleipnir Mobile, Android 2025-04-11 N/A
The Sleipnir Mobile application 2.9.1 and earlier and Sleipnir Mobile Black Edition application 2.9.1 and earlier for Android allow remote attackers to spoof the address bar via vectors involving the opening of a new window.
CVE-2013-2318 1 Jig 2 Movatwitouch, Movatwitouch Paid 2025-04-11 N/A
The Content Provider in the MovatwiTouch application before 1.793 and MovatwiTouch Paid application before 1.793 for Android does not properly restrict access to authorization information, which allows attackers to hijack Twitter accounts via a crafted application.
CVE-2013-2319 1 Filemaker 2 Filemaker Pro, Filemaker Pro Advanced 2025-04-11 N/A
FileMaker Pro before 12 and Pro Advanced before 12 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2013-2321 2 Hp, Microsoft 2 Service Manager Web Tier, Windows 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-2322 1 Hp 1 Nonstop Sql\/mx 2025-04-11 N/A
HP SQL/MX 3.2 and earlier on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to obtain sensitive information via unspecified vectors, aka the "SQL/MP index" issue.
CVE-2013-2323 1 Hp 1 Nonstop Sql\/mx 2025-04-11 N/A
HP SQL/MX 3.0 through 3.2 on NonStop servers, when SQL/MP Objects are used, allows remote authenticated users to bypass intended access restrictions and modify data via unspecified vectors, aka the "SQL/MP tables" issue.
CVE-2013-2324 1 Hp 1 Storage Data Protector 2025-04-11 N/A
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1629.
CVE-2013-2325 1 Hp 1 Storage Data Protector 2025-04-11 N/A
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1633.