Export limit exceeded: 25077 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (25077 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-4780 | 1 Siemens | 2 Enterprise Openscape Branch, Openscape Session Border Controller | 2025-04-11 | N/A |
| core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2013-4788 | 1 Gnu | 2 Eglibc, Glibc | 2025-04-11 | N/A |
| The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address. | ||||
| CVE-2012-1890 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-11 | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle keyboard-layout files, which allows local users to gain privileges via a crafted application, aka "Keyboard Layout Vulnerability." | ||||
| CVE-2013-4826 | 1 Hp | 2 Imc Service Operation Management Software Module, Intelligent Management Center | 2025-04-11 | N/A |
| Unspecified vulnerability in HP Intelligent Management Center (iMC) and HP IMC Service Operation Management Software Module allows remote attackers to obtain sensitive information via unknown vectors, aka ZDI-CAN-1647. | ||||
| CVE-2013-4829 | 1 Hp | 22 Color Laserjet Cm4540, Color Laserjet Cm4540f, Color Laserjet Cm4540fskm and 19 more | 2025-04-11 | N/A |
| HP LaserJet M4555, M525, and M725; LaserJet flow MFP M525c; LaserJet Enterprise color flow MFP M575c; Color LaserJet CM4540, M575, and M775; and ScanJet Enterprise 8500fn1 FutureSmart devices allow local users to read images of arbitrary scanned documents via unspecified vectors. | ||||
| CVE-2013-4832 | 1 Hp | 1 Service Manager | 2025-04-11 | N/A |
| HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2013-4912 | 1 Siemens | 1 Wincc | 2025-04-11 | N/A |
| Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. | ||||
| CVE-2013-4924 | 1 Wireshark | 1 Wireshark | 2025-04-11 | N/A |
| epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet. | ||||
| CVE-2013-4926 | 1 Wireshark | 1 Wireshark | 2025-04-11 | N/A |
| epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | ||||
| CVE-2013-4930 | 1 Wireshark | 1 Wireshark | 2025-04-11 | N/A |
| The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet. | ||||
| CVE-2013-4932 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-11 | N/A |
| Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet. | ||||
| CVE-2013-4955 | 1 Puppet | 1 Puppet Enterprise | 2025-04-11 | N/A |
| Open redirect vulnerability in the login page in Puppet Enterprise before 3.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the service parameter. | ||||
| CVE-2013-4959 | 1 Puppet | 1 Puppet Enterprise | 2025-04-11 | N/A |
| Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the "no-cache" setting, which might allow local users to obtain sensitive information such as (1) host name, (2) MAC address, and (3) SSH keys via the web browser cache. | ||||
| CVE-2013-4961 | 1 Puppet | 1 Puppet Enterprise | 2025-04-11 | N/A |
| Puppet Enterprise before 3.0.1 includes version information for the Apache and Phusion Passenger products in its HTTP response headers, which allows remote attackers to obtain sensitive information. | ||||
| CVE-2013-4998 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-11 | N/A |
| phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to pmd_common.php and other files. | ||||
| CVE-2013-4999 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-11 | N/A |
| phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to Error.class.php and Error_Handler.class.php. | ||||
| CVE-2013-5000 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-11 | N/A |
| phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files. | ||||
| CVE-2013-5008 | 1 Symantec | 1 Management Platform | 2025-04-11 | N/A |
| The agent and task-agent components in Symantec Management Platform 7.0 and 7.1 before 7.1 SP2 Mp1.1v7 rollup, as used in certain Altiris products, use the same registry-entry encryption key across different customers' installations, which makes it easier for local users to obtain sensitive information about package-server access, or cause a denial of service, by leveraging knowledge of this key. | ||||
| CVE-2013-5029 | 2 Opensuse, Phpmyadmin | 2 Opensuse, Phpmyadmin | 2025-04-11 | N/A |
| phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php. | ||||
| CVE-2013-5045 | 1 Microsoft | 1 Internet Explorer | 2025-04-11 | N/A |
| Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability." | ||||