Export limit exceeded: 363701 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363701 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363701 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-0715 1 Windriver 1 Vxworks 2025-04-11 N/A
The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string.
CVE-2013-0716 1 Windriver 1 Vxworks 2025-04-11 N/A
The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI.
CVE-2013-0717 1 Nec 6 Atermwm3450rn, Atermwm3600r, Atermwr8160n and 3 more 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the web-based management utility on the NEC AtermWR9500N, AtermWR8600N, AtermWR8370N, AtermWR8160N, AtermWM3600R, and AtermWM3450RN routers allow remote attackers to hijack the authentication of administrators for requests that (1) initialize settings or (2) reboot the device.
CVE-2013-0718 1 Simeji 1 Simeji 2025-04-11 N/A
The Simeji application 4.8.1 and earlier for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem.
CVE-2013-0719 1 Codedesign 1 Artime Japanese Input 2025-04-11 N/A
The ArtIME Japanese Input application 1.1.2 and earlier for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem.
CVE-2013-0720 1 Cob\'s Products 1 Cobime 2025-04-11 N/A
The COBIME application before 0.9.4 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem.
CVE-2013-0721 2 Wordpress, Wp Php Widget Project 2 Wordpress, Wp Php Widget 2025-04-11 N/A
wp-php-widget.php in the WP PHP widget plugin 1.0.2 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
CVE-2013-0722 1 Ettercap-project 1 Ettercap 2025-04-11 N/A
Stack-based buffer overflow in the scan_load_hosts function in ec_scan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line.
CVE-2013-0723 1 Kingsoft 1 Spreadsheets 2012 2025-04-11 N/A
Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a crafted spreadsheet file.
CVE-2013-0726 1 Hexagon 1 Erdas Er Viewer 2025-04-11 N/A
Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 13.00.0001 allows remote attackers to execute arbitrary code via a crafted pathname in an ERS file.
CVE-2013-0727 1 Bluemarblegeo 1 Global Mapper 2025-04-11 N/A
Multiple untrusted search path vulnerabilities in Global Mapper 14.1.0 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) ibfs32.dll file in the current working directory, as demonstrated by a directory that contains a .gmc, .gmg, .gmp, .gms, .gmw, or .opt file.
CVE-2013-0728 1 Hexagon 1 Erdas Apollo Ecwp 2025-04-11 N/A
Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value.
CVE-2013-0730 1 Sourcefabric 1 Newscoop 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 4.x through 4.1.0 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) language parameter to application/modules/admin/controllers/LanguagesController.php or (2) user parameter to application/modules/admin/controllers/UserController.php.
CVE-2013-0731 2 Mailup, Wordpress 2 Wp-mailup, Wordpress 2025-04-11 N/A
ajax.functions.php in the MailUp plugin before 1.3.3 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct cross-site scripting (XSS) attacks by setting the wordpress_logged_in cookie. NOTE: this is due to an incomplete fix for a similar issue that was fixed in 1.3.2.
CVE-2013-0736 2 Cartpauj, Wordpress 2 Mingle-forum, Wordpress 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mingle Forum plugin 1.0.34 and possibly earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) modify user privileges or (2) conduct cross-site scripting (XSS) attacks via unspecified vectors.
CVE-2013-0741 1 Percipientstudios 1 Imagen 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in imagegen.ashx in Percipient Studios ImageGen before 2.9.0 for Umbraco CMS allows remote attackers to inject arbitrary web script or HTML via the font parameter.
CVE-2013-0742 1 Corel 1 Pdf Fusion 2025-04-11 N/A
Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file.
CVE-2013-0744 5 Canonical, Mozilla, Opensuse and 2 more 16 Ubuntu Linux, Firefox, Seamonkey and 13 more 2025-04-11 N/A
Use-after-free vulnerability in the TableBackgroundPainter::TableBackgroundData::Destroy function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an HTML document with a table containing many columns and column groups.
CVE-2013-0745 4 Canonical, Mozilla, Opensuse and 1 more 9 Ubuntu Linux, Firefox, Seamonkey and 6 more 2025-04-11 N/A
The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote attackers to execute arbitrary code via a crafted HTML document referencing JavaScript objects.
CVE-2013-0746 5 Canonical, Mozilla, Opensuse and 2 more 16 Ubuntu Linux, Firefox, Seamonkey and 13 more 2025-04-11 N/A
Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval data type for their return values, which allows remote attackers to execute arbitrary code or cause a denial of service (compartment mismatch and application crash) via crafted JavaScript code that is not properly handled during garbage collection.