CVE List - 2013 / May
Showing 201 - 300 of 356 CVEs for May 2013 (Page 3 of 4)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2013-2731 | 2013-05-16 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified... |
| CVE-2013-2732 | 2013-05-16 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified... |
| CVE-2013-2733 | 2013-05-16 | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than... |
| CVE-2013-2734 | 2013-05-16 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified... |
| CVE-2013-2735 | 2013-05-16 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified... |
| CVE-2013-2736 | 2013-05-16 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified... |
| CVE-2013-2737 | 2013-05-16 | A JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to obtain sensitive information via unspecified vectors. |
| CVE-2013-3324 | 2013-05-16 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x,... |
| CVE-2013-3325 | 2013-05-16 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x,... |
| CVE-2013-3326 | 2013-05-16 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x,... |
| CVE-2013-3327 | 2013-05-16 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x,... |
| CVE-2013-3328 | 2013-05-16 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x,... |
| CVE-2013-3329 | 2013-05-16 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x,... |
| CVE-2013-3330 | 2013-05-16 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x,... |
| CVE-2013-3331 | 2013-05-16 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x,... |
| CVE-2013-3332 | 2013-05-16 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x,... |
| CVE-2013-3333 | 2013-05-16 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x,... |
| CVE-2013-3334 | 2013-05-16 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x,... |
| CVE-2013-3335 | 2013-05-16 | Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x,... |
| CVE-2013-3337 | 2013-05-16 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified... |
| CVE-2013-3338 | 2013-05-16 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified... |
| CVE-2013-3339 | 2013-05-16 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified... |
| CVE-2013-3340 | 2013-05-16 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified... |
| CVE-2013-3341 | 2013-05-16 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified... |
| CVE-2013-3342 | 2013-05-16 | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 do not properly handle operating-system domain blacklists, which has unspecified impact and attack vectors. |
| CVE-2013-1675 | 2013-05-16 | Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions,... |
| CVE-2013-2729 | 2013-05-16 | Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than... |
| CVE-2013-1389 | 2013-05-16 | Unspecified vulnerability in Adobe ColdFusion 9.0 before Update 11, 9.0.1 before Update 10, 9.0.2 before Update 5, and 10 before Update 10 allows remote attackers to execute arbitrary code via... |
| CVE-2013-0991 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-0992 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-0993 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-0994 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-0995 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-0996 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-0997 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-0998 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-0999 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-1000 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-1001 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-1002 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-1003 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-1004 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-1005 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-1006 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-1007 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-1008 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-1010 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-1011 | 2013-05-19 | WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to... |
| CVE-2013-1014 | 2013-05-19 | Apple iTunes before 11.0.3 does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof HTTPS servers via an arbitrary valid certificate. |
| CVE-2013-0145 | 2013-05-19 | Buffer overflow in the TFTPD service in Serva32 2.1.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in... |
| CVE-2013-3270 | 2013-05-19 | EMC VNX Control Station before 7.1.70.2 and Celerra Control Station before 6.0.70.1 have an incorrect group ownership for unspecified script files, which allows local users to gain privileges by leveraging... |
| CVE-2007-6746 | 2013-05-21 | telepathy-idle before 0.1.15 does not verify (1) that the issuer is a trusted CA, (2) that the server hostname matches a domain name in the subject's Common Name (CN), or... |
| CVE-2012-6137 | 2013-05-21 | rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers... |
| CVE-2013-1964 | 2013-05-21 | Xen 4.0.x and 4.1.x incorrectly releases a grant reference when releasing a non-v1, non-transitive grant, which allows local guest administrators to cause a denial of service (host crash), obtain sensitive... |
| CVE-2013-2006 | 2013-05-21 | OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive by reading... |
| CVE-2013-2007 | 2013-05-21 | The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when started in daemon mode, uses weak permissions for certain files, which allows local users to read... |
| CVE-2013-2059 | 2013-05-21 | OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows... |
| CVE-2013-1977 | 2013-05-21 | OpenStack devstack uses world-readable permissions for keystone.conf, which allows local users to obtain sensitive information such as the LDAP password and admin_token secret by reading the file. |
| CVE-2013-2836 | 2013-05-22 | Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.93 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. |
| CVE-2013-2837 | 2013-05-22 | Use-after-free vulnerability in the SVG implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
| CVE-2013-2838 | 2013-05-22 | Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
| CVE-2013-2839 | 2013-05-22 | Google Chrome before 27.0.1453.93 does not properly perform a cast of an unspecified variable during handling of clipboard data, which allows remote attackers to cause a denial of service or... |
| CVE-2013-2840 | 2013-05-22 | Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a... |
| CVE-2013-2841 | 2013-05-22 | Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of Pepper... |
| CVE-2013-2842 | 2013-05-22 | Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of widgets. |
| CVE-2013-2843 | 2013-05-22 | Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of speech... |
| CVE-2013-2844 | 2013-05-22 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via... |
| CVE-2013-2845 | 2013-05-22 | The Web Audio implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors. |
| CVE-2013-2846 | 2013-05-22 | Use-after-free vulnerability in the media loader in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors, a... |
| CVE-2013-2847 | 2013-05-22 | Race condition in the workers implementation in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly have unspecified other impact... |
| CVE-2013-2848 | 2013-05-22 | The XSS Auditor in Google Chrome before 27.0.1453.93 might allow remote attackers to obtain sensitive information via unspecified vectors. |
| CVE-2013-2849 | 2013-05-22 | Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome before 27.0.1453.93 allow user-assisted remote attackers to inject arbitrary web script or HTML via vectors involving a (1) drag-and-drop or (2) copy-and-paste... |
| CVE-2013-0941 | 2013-05-22 | EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web Agent before 5.3.5 for IIS, RSA PAM Agent before 7.0, and RSA... |
| CVE-2013-0942 | 2013-05-22 | Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to... |
| CVE-2013-2311 | 2013-05-22 | Cross-site scripting (XSS) vulnerability in static/js/share.js (aka the social bookmarking widget) in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2013-3496 | 2013-05-22 | Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator 3.2.10 (15632) and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 (0.5643) and earlier use weak permissions (Everyone:... |
| CVE-2013-1204 | 2013-05-23 | Memory leak in the SNMP process in Cisco IOS XR allows remote attackers to cause a denial of service (memory consumption or process reload) by sending many port-162 UDP packets,... |
| CVE-2013-2781 | 2013-05-23 | Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. |
| CVE-2012-6553 | 2013-05-23 | Heap-based buffer overflow in Resource Hacker 3.6.0.92 allows remote attackers to execute arbitrary code via a Portable Executable (PE) file with a resource section containing a string that has many... |
| CVE-2012-6554 | 2013-05-23 | functions/html_to_text.php in the Chat module before 1.5.2 for activeCollab allows remote authenticated users to execute arbitrary PHP code via the message[message_text] parameter to chat/add_messag, which is not properly handled when... |
| CVE-2012-6558 | 2013-05-23 | Heap-based buffer overflow in HeavenTools PE Explorer 1.99 R6 allows remote attackers to execute arbitrary code via the size value for a string in the resource section of a Portable... |
| CVE-2012-6559 | 2013-05-23 | Multiple cross-site scripting (XSS) vulnerabilities in FreeNAC 3.02 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) mac, (3) graphtype, (4) name, or (5)... |
| CVE-2012-6560 | 2013-05-23 | SQL injection vulnerability in deviceadd.php in FreeNAC 3.02 allows remote attackers to execute arbitrary SQL commands via the status parameter. |
| CVE-2012-6561 | 2013-05-23 | Cross-site scripting (XSS) vulnerability in engine/lib/views.php in Elgg before 1.8.5 allows remote attackers to inject arbitrary web script or HTML via the view parameter to index.php. NOTE: some of these... |
| CVE-2012-6562 | 2013-05-23 | engine/lib/users.php in Elgg before 1.8.5 does not properly specify permissions for the useradd action, which allows remote attackers to create arbitrary accounts. |
| CVE-2012-6563 | 2013-05-23 | engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors. |
| CVE-2012-6555 | 2013-05-23 | Cross-site scripting (XSS) vulnerability in the LatestComment plugin 1.1 for Vanilla Forums allows remote attackers to inject arbitrary web script or HTML via the discussion title. |
| CVE-2012-6556 | 2013-05-23 | Multiple cross-site scripting (XSS) vulnerabilities in the FirstLastNames plugin 1.1.1 for Vanilla Forums allow remote attackers to inject arbitrary web script or HTML via the (1) User/FirstName or (2) User/LastName... |
| CVE-2012-6557 | 2013-05-23 | Multiple cross-site scripting (XSS) vulnerabilities in the AboutMe plugin 1.1.1 for Vanilla Forums allow remote attackers to inject arbitrary web script or HTML via the (1) AboutMe/RealName, (2) AboutMe/Name, (3)... |
| CVE-2011-4518 | 2013-05-23 | Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors. |
| CVE-2011-4519 | 2013-05-23 | Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page. |
| CVE-2011-4520 | 2013-05-23 | Heap-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page. |
| CVE-2012-4697 | 2013-05-23 | TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session. |
| CVE-2013-0986 | 2013-05-24 | Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted enof atoms in a movie file. |
| CVE-2013-0987 | 2013-05-24 | Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted QTIF file. |
| CVE-2013-0988 | 2013-05-24 | Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FPX file. |
| CVE-2013-0989 | 2013-05-24 | Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP3 file. |
| CVE-2013-1015 | 2013-05-24 | Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TeXML file. |
| CVE-2013-1016 | 2013-05-24 | Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.263 encoding. |
| CVE-2013-1017 | 2013-05-24 | Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted dref atoms in a movie file. |