Total
27847 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3763 | 1 Oracle | 1 Fusion Middleware | 2013-09-11 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3764. | |||||
| CVE-2013-4139 | 2 Drupal, Stage File Proxy Project | 2 Drupal, Stage File Proxy | 2013-08-29 | 5.0 MEDIUM | N/A |
| The Stage File Proxy module 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to cause a denial of service (file operations performance degradation and failure) via a large number of requests. | |||||
| CVE-2013-0232 | 1 Zoneminder | 1 Zoneminder | 2013-08-29 | 7.5 HIGH | N/A |
| includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packageControl function; or (2) key or (3) command parameter in the setDeviceStatusX10 function. | |||||
| CVE-2013-3369 | 1 Bestpractical | 1 Rt | 2013-08-27 | 6.0 MEDIUM | N/A |
| Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote authenticated users with the permissions to view the administration pages to execute arbitrary private components via unspecified vectors. | |||||
| CVE-2013-3374 | 1 Bestpractical | 1 Rt | 2013-08-26 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive information (user preferences and caches) via unknown vectors, related to a "limited session re-use." | |||||
| CVE-2013-4805 | 1 Hp | 1 Integrated Lights-out Firmware | 2013-08-22 | 9.0 HIGH | N/A |
| Unspecified vulnerability in HP Integrated Lights-Out 3 (aka iLO3) firmware before 1.60 and 4 (aka iLO4) firmware before 1.30 allows remote attackers to bypass authentication via unknown vectors. | |||||
| CVE-2013-4688 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2013-08-22 | 7.8 HIGH | N/A |
| flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted MSRPC requests, aka PR 772834. | |||||
| CVE-2013-4687 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2013-08-22 | 7.8 HIGH | N/A |
| flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R6-S2, and 12.1 before 12.1R6 on SRX devices, when certain Application Layer Gateways (ALGs) are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets, aka PRs 727980, 806269, and 835593. | |||||
| CVE-2013-4686 | 1 Juniper | 1 Junos | 2013-08-22 | 7.1 HIGH | N/A |
| The kernel in Juniper Junos 10.4 before 10.4R14, 11.4 before 11.4R8, 11.4X27 before 11.4X27.43, 12.1 before 12.1R6, 12.1X44 before 12.1X44-D20, 12.2 before 12.2R4, and 12.3 before 12.3R2, in certain VLAN configurations with unrestricted arp-resp and proxy-arp settings, allows remote attackers to cause a denial of service (device crash) via a crafted ARP request, aka PR 842091. | |||||
| CVE-2013-4684 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2013-08-22 | 7.8 HIGH | N/A |
| flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R8, 12.1 before 12.1R7, and 12.1X44 before 12.1X44-D15 on SRX devices, when PIM and NAT are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted PIM packets, aka PR 842253. | |||||
| CVE-2013-3779 | 1 Oracle | 2 Virtualization, Vm Virtualbox | 2013-08-22 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 releases including 4.63 and 4.7 prior to 4.71 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web UI. | |||||
| CVE-2013-3764 | 1 Oracle | 1 Fusion Middleware | 2013-08-22 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 7.4.0 and 7.5.1.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2013-3763. | |||||
| CVE-2013-3747 | 1 Oracle | 1 E-business Suite | 2013-08-22 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Client System Analyzer. | |||||
| CVE-2012-4419 | 1 Torproject | 1 Tor | 2013-08-22 | 5.0 MEDIUM | N/A |
| The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not properly handled during policy comparison. | |||||
| CVE-2013-3411 | 1 Cisco | 2 Idsm-2, Intrusion Prevention System | 2013-08-20 | 7.8 HIGH | N/A |
| The IDSM-2 drivers in Cisco Intrusion Prevention System (IPS) Software on Cisco Catalyst 6500 devices with an IDSM-2 module allow remote attackers to cause a denial of service (device hang) via malformed IPv4 TCP packets, aka Bug ID CSCuh27460. | |||||
| CVE-2013-0149 | 1 Cisco | 7 Asa 5500, Fwsm, Ios and 4 more | 2013-08-13 | 5.8 MEDIUM | N/A |
| The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795. | |||||
| CVE-2007-5509 | 1 Oracle | 1 Database Server | 2013-08-09 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8 and 9.2.0.8DV has unknown impact and remote attack vectors, aka DB06. | |||||
| CVE-2013-4652 | 1 Siemens | 17 Scalance W700 Series Firmware, Scalance W744-1, Scalance W744-1pro and 14 more | 2013-08-01 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary code via a (1) SSH or (2) TELNET connection. | |||||
| CVE-2012-3913 | 1 Cisco | 2 Vc240 Network Bullet Camera, Video Surveillance Vc220 Network Dome Camera | 2013-08-01 | 5.0 MEDIUM | N/A |
| The Cisco VC220 and VC240 cameras allow remote attackers to cause a denial of service (WebUI outage) via crafted packets, aka Bug IDs CSCtf73188, CSCtf88059, CSCtf87951, CSCtf87908, and CSCtf88019. | |||||
| CVE-2013-4697 | 1 Hitachi | 3 It Operations Director, Job Management Partner 1\/it Desktop Management-manager, Jp1\/it Desktop Management-manager | 2013-07-31 | 9.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Hitachi JP1/IT Desktop Management - Manager 09-50 through 09-50-03, 09-51 through 09-51-05, 10-00 through 10-00-02, and 10-01 through 10-01-02; Hitachi Job Management Partner 1/IT Desktop Management - Manager 09-50 through 09-50-03 and 10-01; and Hitachi IT Operations Director 02-50 through 02-50-07, 03-00 through 03-00-12, and 04-00 through 04-00-01 allow remote authenticated users to gain privileges via unknown vectors. | |||||