Export limit exceeded: 363167 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363167 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 26237 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (26237 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-5452 1 Ibm 1 Filenet Business Process Framework 2025-04-11 N/A
IBM FileNet Business Process Framework 4.1.0 allows remote authenticated users to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVE-2013-5453 1 Ibm 1 Security Appscan 2025-04-11 N/A
IBM Security AppScan Enterprise 5.6 through 8.7.0.1 allows remote authenticated users to read arbitrary report files by leveraging knowledge of filenames that cannot be easily predicted.
CVE-2013-5454 1 Ibm 1 Websphere Portal 2025-04-11 N/A
IBM WebSphere Portal 6.0 through 6.0.1.7, 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF25, and 8.0 through 8.0.0.1 CF08 allows remote attackers to read arbitrary files via a modified URL.
CVE-2013-5462 1 Ibm 1 Content Navigator 2025-04-11 N/A
IBM/ECMClient/configure/explodedformat/navigator/header.jsp in IBM Content Navigator 2.0.0, 2.0.1 before 2.0.1.2-ICN-FP002, and 2.0.2 before 2.0.2.1-ICN-FP001 allows remote attackers to conduct clickjacking attacks via vectors involving FRAME elements.
CVE-2013-5490 1 Cisco 1 Prime Data Center Network Manager 2025-04-11 N/A
Cisco Prime Data Center Network Manager (DCNM) before 6.2(1) allows remote attackers to read arbitrary text files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCud80148.
CVE-2013-5493 1 Cisco 2 Virtualization Experience Client 6000, Virtualization Experience Client 6000 Series Firmware 2025-04-11 N/A
The diagnostic module in the firmware on Cisco Virtualization Experience Client 6000 devices allows local users to bypass intended access restrictions and execute arbitrary commands via unspecified vectors, aka Bug ID CSCug68407.
CVE-2013-5496 1 Cisco 1 Nx-os 2025-04-11 N/A
Open Network Environment Platform (ONEP) in Cisco NX-OS allows remote authenticated users to cause a denial of service (network-element reload) via a crafted packet, aka Bug ID CSCui51551.
CVE-2013-5498 1 Cisco 1 Ios Xr 2025-04-11 N/A
The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ASR 9000 Integrated Service Module (ISM) in Cisco IOS XR allows remote attackers to cause a denial of service (module reset) via crafted packet streams, aka Bug ID CSCue91963.
CVE-2013-5526 1 Cisco 2 Unified Ip Phone 9951, Unified Ip Phone 9971 2025-04-11 N/A
Cisco 9900 fourth-generation IP phones do not properly perform SDP negotiation, which allows remote attackers to cause a denial of service (device reboot) via crafted SDP packets, aka Bug ID CSCuf06698.
CVE-2013-5527 1 Cisco 2 Ios, Ios Xe 2025-04-11 N/A
The OSPF functionality in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted options in an LSA type 11 packet, aka Bug ID CSCui21030.
CVE-2013-5529 1 Cisco 1 Webex Meetings Server 2025-04-11 N/A
The deployment module in the server in Cisco WebEx Meeting Center does not properly validate the passphrase, which allows remote attackers to launch a deployment or cause a denial of service (deployment interruption) via a direct request, aka Bug ID CSCuf52200.
CVE-2013-5532 1 Cisco 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware 2025-04-11 N/A
Buffer overflow in the web-application interface on Cisco 9900 IP phones allows remote attackers to cause a denial of service (webapp interface outage) via long values in unspecified fields, aka Bug ID CSCuh10343.
CVE-2013-5533 1 Cisco 3 Unified Ip Phone 9951, Unified Ip Phone 9971, Unified Ip Phones 9900 Series Firmware 2025-04-11 N/A
The image-upgrade functionality on Cisco 9900 Unified IP phones allows local users to gain privileges by placing shell commands in an unspecified parameter, aka Bug ID CSCuh10334.
CVE-2013-5537 1 Cisco 3 Content Security Management Appliance, Email Security Appliance Firmware, Web Security Appliance 2025-04-11 N/A
The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) devices does not properly manage the state of HTTP and HTTPS sessions, which allows remote attackers to cause a denial of service (management GUI outage) via multiple TCP connections, aka Bug IDs CSCuj59411, CSCuf89818, and CSCuh05635.
CVE-2013-5560 1 Cisco 1 Adaptive Security Appliance Software 2025-04-11 N/A
The IPv6 implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1.3 and earlier, when NAT64 or NAT66 is enabled, does not properly process NAT rules, which allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCue34342.
CVE-2013-5561 1 Cisco 1 Adaptive Security Appliance Cx Context-aware Security Software 2025-04-11 N/A
The Safe Search enforcement feature in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security Software does not properly perform filtering, which allows remote attackers to bypass intended policy restrictions via unspecified vectors, aka Bug ID CSCui94622.
CVE-2013-5568 1 Cisco 1 Adaptive Security Appliance Software 2025-04-11 N/A
The auto-update implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier allows remote attackers to cause a denial of service (device reload) via crafted update data, aka Bug ID CSCui33308.
CVE-2013-5576 1 Joomla 1 Joomla\! 2025-04-11 N/A
administrator/components/com_media/helpers/media.php in the media manager in Joomla! 2.5.x before 2.5.14 and 3.x before 3.1.5 allows remote authenticated users or remote attackers to bypass intended access restrictions and upload files with dangerous extensions via a filename with a trailing . (dot), as exploited in the wild in August 2013.
CVE-2013-5580 1 Barton 1 Ngircd 2025-04-11 N/A
The (1) Conn_StartLogin and (2) cb_Read_Resolver_Result functions in conn.c in ngIRCd 18 through 20.2, when the configuration option NoticeAuth is enabled, does not properly handle the return code for the Handle_Write function, which allows remote attackers to cause a denial of service (assertion failure and server crash) via unspecified vectors, related to a "notice auth" message not being sent to a new client.
CVE-2013-6283 1 Videolan 1 Vlc Media Player 2025-04-11 N/A
VideoLAN VLC Media Player 2.0.8 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a URL in a m3u file.