Export limit exceeded: 26270 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (26270 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-5152 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Mobile Safari in Apple iOS before 7 allows remote attackers to spoof the URL bar via a crafted web site. | ||||
| CVE-2013-5155 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| The Sandbox subsystem in Apple iOS before 7 allows attackers to cause a denial of service (infinite loop) via an application that writes crafted values to /dev/random. | ||||
| CVE-2013-5183 | 1 Apple | 1 Mac Os X | 2025-04-11 | N/A |
| Mail in Apple Mac OS X before 10.9, when Kerberos authentication is enabled and TLS is disabled, sends invalid cleartext data, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2013-5192 | 1 Apple | 1 Mac Os X | 2025-04-11 | N/A |
| The USB hub controller in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a request with a crafted (1) port or (2) port number. | ||||
| CVE-2013-5209 | 1 Freebsd | 1 Freebsd | 2025-04-11 | N/A |
| The sctp_send_initiate_ack function in sys/netinet/sctp_output.c in the SCTP implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE does not properly initialize the state-cookie data structure, which allows remote attackers to obtain sensitive information from kernel stack memory by reading packet data in INIT-ACK chunks. | ||||
| CVE-2013-5220 | 1 Hot | 2 Hotbox Router, Hotbox Router Firmware | 2025-04-11 | N/A |
| goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service (device crash) via crafted HTTP POST data. | ||||
| CVE-2013-6283 | 1 Videolan | 1 Vlc Media Player | 2025-04-11 | N/A |
| VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file. | ||||
| CVE-2013-7015 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Flash Screen Video data. | ||||
| CVE-2013-7019 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | ||||
| CVE-2013-7079 | 1 Typo3 | 1 Typo3 | 2025-04-11 | N/A |
| Open redirect vulnerability in the OpenID extension in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2013-7085 | 1 Devscripts Devel Team | 1 Devscripts | 2025-04-11 | N/A |
| Uscan in devscripts 2.13.5, when USCAN_EXCLUSION is enabled, allows remote attackers to delete arbitrary files via a whitespace character in a filename. | ||||
| CVE-2013-7176 | 1 Fail2ban | 1 Fail2ban | 2025-04-11 | N/A |
| config/filter.d/postfix.conf in the postfix filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression. | ||||
| CVE-2013-7177 | 1 Fail2ban | 1 Fail2ban | 2025-04-11 | N/A |
| config/filter.d/cyrus-imap.conf in the cyrus-imap filter in Fail2ban before 0.8.11 allows remote attackers to trigger the blocking of an arbitrary IP address via a crafted e-mail address that matches an improperly designed regular expression. | ||||
| CVE-2013-7179 | 1 Seowonintech | 1 Swc-9100 | 2025-04-11 | N/A |
| The ping functionality in cgi-bin/diagnostic.cgi on Seowon Intech SWC-9100 routers allows remote attackers to execute arbitrary commands via shell metacharacters in the ping_ipaddr parameter. | ||||
| CVE-2013-7255 | 1 Opsview | 1 Opsview | 2025-04-11 | N/A |
| Open redirect vulnerability in Opsview before 4.4.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | ||||
| CVE-2013-7249 | 1 Fatfreecrm | 1 Fat Free Crm | 2025-04-11 | N/A |
| Fat Free CRM before 0.12.1 does not restrict XML serialization, which allows remote attackers to obtain sensitive information via a direct request, as demonstrated by a request for users/1.xml, a different vulnerability than CVE-2013-7224. | ||||
| CVE-2013-7263 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Enterprise Mrg | 2025-04-11 | N/A |
| The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c. | ||||
| CVE-2013-7264 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. | ||||
| CVE-2013-7266 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-11 | N/A |
| The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does not ensure that a certain length value is consistent with the size of an associated data structure, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. | ||||
| CVE-2013-7267 | 1 Linux | 1 Linux Kernel | 2025-04-11 | N/A |
| The atalk_recvmsg function in net/appletalk/ddp.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call. | ||||