Export limit exceeded: 363638 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363638 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3051 | 2 Motorola, Qualcomm | 5 Android, Atrix Hd, Razr Hd and 2 more | 2025-04-11 | N/A |
| The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the association between a certain physical-address argument and a memory region, which allows local users to unlock the bootloader by using kernel mode to perform crafted 0x9 and 0x2 SMC operations, a different vulnerability than CVE-2013-2596. | ||||
| CVE-2013-3336 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Unspecified vulnerability in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to read arbitrary files via unknown vectors. | ||||
| CVE-2013-3055 | 1 Lexmark | 1 Markvision | 2025-04-11 | N/A |
| Lexmark Markvision Enterprise before 1.8 provides a diagnostic interface on TCP port 9789, which allows remote attackers to execute arbitrary code, change the configuration, or obtain sensitive fleet-management information via unspecified vectors. | ||||
| CVE-2013-3056 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and delete the private messages of arbitrary users via unspecified vectors. | ||||
| CVE-2013-3057 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote authenticated users to bypass intended privilege requirements and list the privileges of arbitrary users via unspecified vectors. | ||||
| CVE-2013-3058 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-3059 | 1 Joomla | 1 Joomla\! | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Voting plugin in Joomla! 2.5.x before 2.5.10 and 3.0.x before 3.0.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-3060 | 2 Apache, Redhat | 3 Activemq, Fuse Message Broker, Fuse Mq Enterprise | 2025-04-11 | N/A |
| The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests. | ||||
| CVE-2013-3061 | 1 Sap | 2 Erp Central Component, Healthcare Industry Solution | 2025-04-11 | N/A |
| The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors. | ||||
| CVE-2013-3062 | 1 Sap | 1 Production Planning And Control | 2025-04-11 | N/A |
| The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering Workbench component in SAP Production Planning and Control allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors. | ||||
| CVE-2013-3063 | 1 Sap | 1 Basis Communication Services | 2025-04-11 | N/A |
| SAP BASIS Communication Services 4.6B through 7.30 allows remote authenticated users to execute arbitrary commands via unspecified vectors. | ||||
| CVE-2013-3075 | 2 Mitsubishi-automation, Schneider-electric | 3 Mitsubishi Mx Component, Citectfacilities, Citectscada | 2025-04-11 | N/A |
| Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Citect CitectFacilities 7.10 and CitectScada 7.10r1, allow remote attackers to execute arbitrary code via a long string, as demonstrated by a long WzTitle property value to a certain ActiveX control. | ||||
| CVE-2013-3076 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2025-04-11 | N/A |
| The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcipher_recvmsg function in crypto/algif_skcipher.c. | ||||
| CVE-2013-3077 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| Multiple integer overflows in the IP_MSFILTER and IPV6_MSFILTER features in (1) sys/netinet/in_mcast.c and (2) sys/netinet6/in6_mcast.c in the multicast implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE allow local users to bypass intended restrictions on kernel-memory read and write operations, and consequently gain privileges, via vectors involving a large number of source-filter entries. | ||||
| CVE-2013-3079 | 1 Vmware | 1 Vcenter Server Appliance | 2025-04-11 | N/A |
| VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to execute arbitrary programs with root privileges by leveraging Virtual Appliance Management Interface (VAMI) access. | ||||
| CVE-2013-3080 | 1 Vmware | 1 Vcenter Server Appliance | 2025-04-11 | N/A |
| VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of service, by leveraging Virtual Appliance Management Interface (VAMI) web-interface access. | ||||
| CVE-2013-3084 | 1 Belkin | 1 F5d8236-4 | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Belkin Model F5D8236-4 v2 router allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-3087 | 1 Belkin | 1 N900 | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Belkin N900 router allow remote attackers to inject arbitrary web script or HTML via the (1) ssid2 parameter to wl_channel.html or (2) guest_psk parameter to wl_guest.html. | ||||
| CVE-2013-3090 | 1 Belkin | 1 N300 | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 router allow remote attackers to inject arbitrary web script or HTML via the Guest Access PSK field to wireless_guest2_print.stm or other unspecified vectors. | ||||
| CVE-2013-3095 | 1 Dlink | 2 Dir865l, Dir865l Firmware | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. A1) with firmware before 1.05b07 allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password or (2) enable remote management via a request to hedwig.cgi or (3) activate configuration changes via a request to pigwidgeon.cgi. | ||||