Total
12273 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-1811 | 2 Debian, Mantisbt | 2 Debian Linux, Mantisbt | 2024-11-21 | 4.3 Medium |
| An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New". | ||||
| CVE-2013-1751 | 1 Twiki | 1 Twiki | 2024-11-21 | 9.8 Critical |
| TWiki before 5.1.4 allows remote attackers to execute arbitrary shell commands by sending a crafted '%MAKETEXT{}%' parameter value containing Perl backtick characters. | ||||
| CVE-2013-1689 | 1 Mozilla | 1 Firefox | 2024-11-21 | 6.5 Medium |
| Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames. | ||||
| CVE-2013-1607 | 1 Pdfkit Project | 1 Pdfkit | 2024-11-21 | 9.8 Critical |
| Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability | ||||
| CVE-2013-0342 | 1 Pyrad Project | 1 Pyrad | 2024-11-21 | 4.3 Medium |
| The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294. | ||||
| CVE-2013-0267 | 1 Apache | 1 Vcl | 2024-11-21 | N/A |
| The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup, resourceGrant, or userGrant permissions to gain privileges, cause a denial of service, or conduct cross-site scripting (XSS) attacks by leveraging improper data validation. | ||||
| CVE-2013-0243 | 1 Haskell | 1 Hs-tls | 2024-11-21 | 7.4 High |
| haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections | ||||
| CVE-2013-0180 | 1 Redislabs | 1 Redis | 2024-11-21 | 5.5 Medium |
| Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds. | ||||
| CVE-2013-0178 | 1 Redislabs | 1 Redis | 2024-11-21 | 5.5 Medium |
| Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm. | ||||
| CVE-2013-0165 | 1 Redhat | 1 Openshift | 2024-11-21 | 7.3 High |
| cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp. | ||||
| CVE-2012-6135 | 2 Phusion, Redhat | 2 Passenger, Openshift | 2024-11-21 | 7.5 High |
| RubyGems passenger 4.0.0 betas 1 and 2 allows remote attackers to delete arbitrary files during the startup process. | ||||
| CVE-2012-6125 | 1 Call-cc | 1 Chicken | 2024-11-21 | 9.8 Critical |
| Chicken before 4.8.0 is susceptible to algorithmic complexity attacks related to hash table collisions. | ||||
| CVE-2012-6123 | 2 Call-cc, Debian | 2 Chicken, Debian Linux | 2024-11-21 | 6.5 Medium |
| Chicken before 4.8.0 does not properly handle NUL bytes in certain strings, which allows an attacker to conduct "poisoned NUL byte attack." | ||||
| CVE-2012-6111 | 2 Debian, Gnome | 2 Debian Linux, Gnome Keyring | 2024-11-21 | 7.5 High |
| gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function | ||||
| CVE-2012-6070 | 1 Falconpl | 1 Falconpl | 2024-11-21 | 7.5 High |
| Falconpl before 0.9.6.9-git20120606 misuses the libcurl API which may allow remote attackers to interfere with security checks. | ||||
| CVE-2012-5699 | 1 Babygekko | 1 Babygekko | 2024-11-21 | 9.8 Critical |
| BabyGekko before 1.2.4 allows PHP file inclusion. | ||||
| CVE-2012-5582 | 1 Opendnssec | 1 Opendnssec | 2024-11-21 | 9.8 Critical |
| opendnssec misuses libcurl API | ||||
| CVE-2012-5360 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | N/A |
| Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted QT file. | ||||
| CVE-2012-5359 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | N/A |
| Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted ASF file. | ||||
| CVE-2012-4603 | 2 Citrix, Microsoft | 3 Receiver, Xenapp Online, Windows | 2024-11-21 | 7.8 High |
| Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver. | ||||