CVE List - 2013 / December
Showing 401 - 484 of 484 CVEs for December 2013 (Page 5 of 5)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2013-2629 | 2013-12-23 | Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers... |
| CVE-2013-4404 | 2013-12-23 | cumin in Red Hat Enterprise MRG Grid 2.4 does not... |
| CVE-2013-4405 | 2013-12-23 | Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface... |
| CVE-2013-4414 | 2013-12-23 | Cross-site scripting (XSS) vulnerability in the web interface for cumin... |
| CVE-2013-4461 | 2013-12-23 | SQL injection vulnerability in the web interface for cumin in... |
| CVE-2013-4549 | 2013-12-23 | QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause... |
| CVE-2013-5420 | 2013-12-23 | The IMS server before Ifix 6 in IBM Security Access... |
| CVE-2013-6422 | 2013-12-23 | The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling... |
| CVE-2013-6439 | 2013-12-23 | Candlepin in Red Hat Subscription Asset Manager 1.0 through 1.3... |
| CVE-2013-6449 | 2013-12-23 | The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains... |
| CVE-2013-6890 | 2013-12-23 | denyhosts 2.6 uses an incorrect regular expression when analyzing authentication... |
| CVE-2013-6979 | 2013-12-23 | The VTY authentication implementation in Cisco IOS XE 03.02.xxSE and... |
| CVE-2013-3709 | 2013-12-23 | WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local... |
| CVE-2013-4424 | 2013-12-23 | Multiple cross-site scripting (XSS) vulnerabilities in the GateIn Portal component... |
| CVE-2013-7049 | 2013-12-23 | Stack-based buffer overflow in fish.cpp in the Fish plugin for... |
| CVE-2013-7073 | 2013-12-23 | The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31,... |
| CVE-2013-7075 | 2013-12-23 | The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31,... |
| CVE-2013-7079 | 2013-12-23 | Open redirect vulnerability in the OpenID extension in TYPO3 4.5.0... |
| CVE-2013-7080 | 2013-12-23 | The creating record functionality in Extension table administration library (feuser_adminLib.inc)... |
| CVE-2013-7081 | 2013-12-23 | The (old) Form Content Element component in TYPO3 4.5.0 through... |
| CVE-2013-7102 | 2013-12-23 | Multiple unrestricted file upload vulnerabilities in (1) media-upload.php, (2) media-upload-lncthumb.php,... |
| CVE-2013-4550 | 2013-12-24 | Bip before 0.8.9, when running as a daemon, writes SSL... |
| CVE-2013-6403 | 2013-12-24 | The admin page in ownCloud before 5.0.13 allows remote attackers... |
| CVE-2013-6795 | 2013-12-24 | The Updater in Rackspace Openstack Windows Guest Agent for XenServer... |
| CVE-2011-5268 | 2013-12-24 | connection.c in Bip before 0.8.9 does not properly close sockets,... |
| CVE-2013-4358 | 2013-12-24 | libavcodec/h264.c in FFmpeg before 0.11.4 allows remote attackers to cause... |
| CVE-2013-4452 | 2013-12-24 | Red Hat JBoss Operations Network 3.1.2 uses world-readable permissions for... |
| CVE-2013-4553 | 2013-12-24 | The XEN_DOMCTL_getmemlist hypercall in Xen 3.4.x through 4.3.x (possibly 4.3.1)... |
| CVE-2013-4554 | 2013-12-24 | Xen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and... |
| CVE-2012-6618 | 2013-12-24 | The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when... |
| CVE-2013-6387 | 2013-12-24 | Cross-site scripting (XSS) vulnerability in the Image module in Drupal... |
| CVE-2013-6388 | 2013-12-24 | Cross-site scripting (XSS) vulnerability in the Color module in Drupal... |
| CVE-2012-6615 | 2013-12-24 | The ff_ass_split_override_codes function in libavcodec/ass_split.c in FFmpeg before 1.0.2 allows... |
| CVE-2012-6616 | 2013-12-24 | The mov_text_decode_frame function in libavcodec/movtextdec.c in FFmpeg before 1.0.2 allows... |
| CVE-2012-6617 | 2013-12-24 | The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows... |
| CVE-2013-7216 | 2013-12-24 | Multiple SQL injection vulnerabilities in Classifieds Creator 2.0 allow remote... |
| CVE-2013-7217 | 2013-12-26 | Unspecified vulnerability in Zimbra Collaboration Server 7.2.5 and earlier, and... |
| CVE-2010-0430 | 2013-12-27 | libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization... |
| CVE-2010-1819 | 2013-12-27 | Untrusted search path vulnerability in the Picture Viewer in Apple... |
| CVE-2011-2519 | 2013-12-27 | Xen in the Linux kernel, when running a guest on... |
| CVE-2013-2030 | 2013-12-27 | keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an... |
| CVE-2013-2179 | 2013-12-27 | X.Org xdm 1.1.10, 1.1.11, and possibly other versions, when performing... |
| CVE-2013-1096 | 2013-12-28 | Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module... |
| CVE-2013-6006 | 2013-12-28 | Cybozu Garoon 3.5 through 3.7 SP2 allows remote attackers to... |
| CVE-2013-6181 | 2013-12-28 | EMC Watch4Net before 6.3 stores cleartext polled-device passwords in the... |
| CVE-2013-6182 | 2013-12-28 | Unquoted Windows search path vulnerability in EMC Replication Manager before... |
| CVE-2013-6808 | 2013-12-28 | Cross-site scripting (XSS) vulnerability in lib/NSSDropoff.php in ZendTo before 4.11-13... |
| CVE-2013-6812 | 2013-12-28 | The ONEDC app before 1.7 for iOS does not properly... |
| CVE-2013-6886 | 2013-12-28 | RealVNC VNC 5.0.6 on Mac OS X, Linux, and UNIX... |
| CVE-2013-6929 | 2013-12-28 | SQL injection vulnerability in Cybozu Garoon 3.7 SP2 and earlier... |
| CVE-2013-6932 | 2013-12-28 | Buffer overflow in IrfanView before 4.37, when a multibyte-character directory... |
| CVE-2013-6981 | 2013-12-28 | Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to... |
| CVE-2013-7149 | 2013-12-28 | SQL injection vulnerability in www/delivery/axmlrpc.php (aka the XML-RPC delivery invocation... |
| CVE-2013-2504 | 2013-12-29 | Cross-site scripting (XSS) vulnerability in SPS/Portal/default.aspx in Service Desk in... |
| CVE-2013-3846 | 2013-12-29 | Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows... |
| CVE-2013-5583 | 2013-12-29 | Cross-site scripting (XSS) vulnerability in libraries/idna_convert/example.php in Joomla! 3.1.5 allows... |
| CVE-2013-6189 | 2013-12-29 | Unspecified vulnerability in the Archive Query Server in HP Application... |
| CVE-2013-6197 | 2013-12-29 | Unspecified vulnerability in HP Service Manager WebTier and Windows Client... |
| CVE-2013-6198 | 2013-12-29 | Cross-site scripting (XSS) vulnerability in HP Service Manager WebTier and... |
| CVE-2013-4858 | 2013-12-30 | Microsoft Windows Movie Maker 2.1.4026.0 on Windows XP SP3 allows... |
| CVE-2013-5037 | 2013-12-30 | The HOT HOTBOX router with software 2.1.11 has a default... |
| CVE-2013-5038 | 2013-12-30 | The HOT HOTBOX router with software 2.1.11 allows remote attackers... |
| CVE-2013-5039 | 2013-12-30 | Cross-site request forgery (CSRF) vulnerability in goform/wlanBasicSecurity on the HOT... |
| CVE-2013-5210 | 2013-12-30 | Cross-site scripting (XSS) vulnerability in the GUI login page in... |
| CVE-2013-5218 | 2013-12-30 | Cross-site scripting (XSS) vulnerability on the HOT HOTBOX router with... |
| CVE-2013-5219 | 2013-12-30 | Directory traversal vulnerability on the HOT HOTBOX router with software... |
| CVE-2013-5220 | 2013-12-30 | goform/login on the HOT HOTBOX router with software 2.1.11 allows... |
| CVE-2013-5222 | 2013-12-30 | Multiple cross-site scripting (XSS) vulnerabilities in ESRI ArcGIS for Server... |
| CVE-2013-7231 | 2013-12-30 | Cross-site scripting (XSS) vulnerability in the Mobile Content Server in... |
| CVE-2013-7232 | 2013-12-30 | SQL injection vulnerability in ESRI ArcGIS for Server through 10.2... |
| CVE-2013-7233 | 2013-12-30 | Cross-site request forgery (CSRF) vulnerability in the retrospam component in... |
| CVE-2013-7209 | 2013-12-30 | Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin... |
| CVE-2013-6983 | 2013-12-31 | SQL injection vulnerability in the web interface in Cisco Unified... |
| CVE-2013-7241 | 2013-12-31 | Cross-site scripting (XSS) vulnerability in the export function in zp-core/zp-extensions/mergedRSS.php... |
| CVE-2013-7242 | 2013-12-31 | SQL injection vulnerability in zp-core/zp-extensions/wordpress_import.php in Zenphoto before 1.4.5.4 allows... |
| CVE-2013-5573 | 2013-12-31 | Cross-site scripting (XSS) vulnerability in the default markup formatter in... |
| CVE-2013-6459 | 2013-12-31 | Cross-site scripting (XSS) vulnerability in the will_paginate gem before 3.0.5... |
| CVE-2013-6987 | 2013-12-31 | Multiple directory traversal vulnerabilities in the FileBrowser components in Synology... |
| CVE-2012-0261 | 2013-12-31 | license.php in system-portal before 1.6.2 in op5 Monitor and op5... |
| CVE-2012-0262 | 2013-12-31 | op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5... |
| CVE-2012-0263 | 2013-12-31 | monitor/index.php in op5 Monitor and op5 Appliance before 5.5.1 allows... |
| CVE-2012-0264 | 2013-12-31 | op5 Monitor and op5 Appliance before 5.5.0 do not properly... |
| CVE-2013-3572 | 2013-12-31 | Cross-site scripting (XSS) vulnerability in the administer interface in the... |
| CVE-2013-3667 | 2013-12-31 | The software update mechanism as used in Bare Bones Software... |