Export limit exceeded: 363855 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363855 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-2896 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Mrg | 2025-04-11 | N/A |
| drivers/hid/hid-ntrig.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device. | ||||
| CVE-2013-2897 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device. | ||||
| CVE-2013-2898 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device. | ||||
| CVE-2013-2899 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| drivers/hid/hid-picolcd_core.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD is enabled, allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted device. | ||||
| CVE-2013-2634 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2025-04-11 | N/A |
| net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. | ||||
| CVE-2013-2633 | 1 Matomo | 1 Matomo | 2025-04-11 | N/A |
| Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters. | ||||
| CVE-2013-2305 | 1 Cybozu | 3 Cybozu Dezie, Cybozu Office, Mailwise | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords. | ||||
| CVE-2013-2306 | 1 Jb\+ | 1 Jigbrowser\+ | 2025-04-11 | N/A |
| The jigbrowser+ application before 1.6.4 for Android does not properly open windows, which allows remote attackers to spoof the address bar via a crafted web site. | ||||
| CVE-2013-2307 | 1 Yahoo | 1 Yahoo\! Browser | 2025-04-11 | N/A |
| The Yahoo! Browser application before 1.4.3 for Android allows remote attackers to spoof the address bar via a crafted web site. | ||||
| CVE-2013-2308 | 1 Softbanktech | 1 Online Service Gate | 2025-04-11 | N/A |
| The (1) OWA Helper and (2) OSG Lite programs in SoftBank Online Service Gate allow remote authenticated users to discover their own passwords, and consequently bypass an Office 365 restriction, via unspecified vectors. | ||||
| CVE-2013-2309 | 1 Tejimaya | 1 Openpne | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the management screen in OpenPNE 3.4.x before 3.4.21.1, 3.6.x before 3.6.9.1, and 3.8.x before 3.8.5.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving the "mobile version color scheme." | ||||
| CVE-2013-2310 | 2 Softbank, Willcom-inc | 13 Android Smartphone, Disney Mobile Android Smartphone, Mobile Wi-fi Router and 10 more | 2025-04-11 | N/A |
| SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasonic 3G handsets, SoftBank NEC 3G handsets, SoftBank Samsung 3G handsets, SoftBank mobile Wi-Fi routers, SoftBank Android smartphones with the Wi-Fi application before 1.7.1, SoftBank Windows Mobile smartphones with the WISPrClient application before 1.3.1, SoftBank Disney Mobile Android smartphones with the Wi-Fi application before 1.7.1, and WILLCOM Android smartphones with the Wi-Fi application before 1.7.1, does not properly connect to access points, which allows remote attackers to obtain sensitive information by leveraging access to an 802.11 network. | ||||
| CVE-2013-2311 | 1 Web2py | 1 Web2py | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in static/js/share.js (aka the social bookmarking widget) in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-2312 | 1 Lockon | 1 Ec-cube | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the shopping-cart screen in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2013-2313 | 1 Lockon | 1 Ec-cube | 2025-04-11 | N/A |
| Session fixation vulnerability in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to hijack web sessions via unspecified vectors. | ||||
| CVE-2013-2314 | 1 Lockon | 1 Ec-cube | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the adminAuthorization function in data/class/helper/SC_Helper_Session.php in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL associated with the management screen. | ||||
| CVE-2013-2315 | 1 Lockon | 1 Ec-cube | 2025-04-11 | N/A |
| data/class/pages/forgot/LC_Page_Forgot.php in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 does not properly validate the input to the password reminder function, which allows remote attackers to obtain sensitive information via a crafted request. | ||||
| CVE-2013-2316 | 1 Yahoo | 1 Yahoo\! Browser | 2025-04-11 | N/A |
| The Yahoo! Browser application 1.4.4 and earlier for Android allows remote attackers to spoof the address bar via vectors related to URL display, a different vulnerability than CVE-2013-2307. | ||||
| CVE-2013-2317 | 2 Fenrir-inc, Google | 2 Sleipnir Mobile, Android | 2025-04-11 | N/A |
| The Sleipnir Mobile application 2.9.1 and earlier and Sleipnir Mobile Black Edition application 2.9.1 and earlier for Android allow remote attackers to spoof the address bar via vectors involving the opening of a new window. | ||||
| CVE-2013-2318 | 1 Jig | 2 Movatwitouch, Movatwitouch Paid | 2025-04-11 | N/A |
| The Content Provider in the MovatwiTouch application before 1.793 and MovatwiTouch Paid application before 1.793 for Android does not properly restrict access to authorization information, which allows attackers to hijack Twitter accounts via a crafted application. | ||||