Export limit exceeded: 11023 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11023 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-6360 | 1 Trendnet | 2 Ts-s402, Ts-s402 Firmware | 2024-11-21 | 7.5 High |
| TRENDnet TS-S402 has a backdoor to enable TELNET. | ||||
| CVE-2013-6272 | 1 Google | 1 Android | 2024-11-21 | N/A |
| The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone calls to arbitrary numbers, send mmi or ussd codes, or hangup ongoing calls via a crafted application. | ||||
| CVE-2013-5654 | 1 Yingzhipython Project | 1 Yingzhipython | 2024-11-21 | N/A |
| Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage | ||||
| CVE-2013-5582 | 1 Ammyy | 1 Ammyy Admin | 2024-11-21 | 7.8 High |
| Ammyy Admin 3.2 and earlier stores the client ID at a fixed memory location, which might make it easier for user-assisted remote attackers to bypass authentication by running a local program that extracts a field from the AA_v3.2.exe file. | ||||
| CVE-2013-5123 | 5 Debian, Fedoraproject, Pypa and 2 more | 6 Debian Linux, Fedora, Pip and 3 more | 2024-11-21 | 5.9 Medium |
| The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. | ||||
| CVE-2013-5122 | 1 Cisco | 8 Linksys E4200, Linksys E4200 Firmware, Linksys Ea2700 and 5 more | 2024-11-21 | 9.8 Critical |
| Cisco Linksys Routers EA2700, EA3500, E4200, EA4500: A bug can cause an unsafe TCP port to open which leads to unauthenticated access | ||||
| CVE-2013-5116 | 1 Evernote | 1 Evernote | 2024-11-21 | 7.1 High |
| Evernote prior to 5.5.1 has insecure password change | ||||
| CVE-2013-5114 | 1 Logmein | 1 Lastpass | 2024-11-21 | 6.1 Medium |
| LastPass prior to 2.5.1 allows secure wipe bypass. | ||||
| CVE-2013-5112 | 1 Evernote | 1 Evernote | 2024-11-21 | 4.6 Medium |
| Evernote before 5.5.1 has insecure PIN storage | ||||
| CVE-2013-4982 | 1 Avtech | 2 Avn801 Dvr, Avn801 Dvr Firmware | 2024-11-21 | 9.8 Critical |
| AVTECH AVN801 DVR has a security bypass via the administration login captcha | ||||
| CVE-2013-4976 | 1 Hikvision | 2 Ds-2cd7153-e, Ds-2cd7153-e Firmware | 2024-11-21 | 9.8 Critical |
| Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials | ||||
| CVE-2013-4863 | 1 Micasaverde | 2 Veralite, Veralite Firmware | 2024-11-21 | 8.8 High |
| The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a RunLua action in a request to port_49451/upnp/control/hag. | ||||
| CVE-2013-4621 | 1 Magdevgroup | 1 Magnolia Cms | 2024-11-21 | 9.8 Critical |
| Magnolia CMS before 4.5.9 has multiple access bypass vulnerabilities | ||||
| CVE-2013-4593 | 1 Omniauth-facebook Project | 1 Omniauth-facebook | 2024-11-21 | 7.5 High |
| RubyGem omniauth-facebook has an access token security vulnerability | ||||
| CVE-2013-4462 | 1 Portable Phpmyadmin Project | 1 Portable Phpmyadmin | 2024-11-21 | 9.1 Critical |
| WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability | ||||
| CVE-2013-4454 | 1 Getbutterfly | 1 Portable-phpmyadmin | 2024-11-21 | 9.1 Critical |
| WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities | ||||
| CVE-2013-4201 | 2 Katello, Redhat | 2 Katello, Satellite | 2024-11-21 | N/A |
| Katello allows remote authenticated users to call the "system remove_deletion" CLI command via vectors related to "remove system" permissions. | ||||
| CVE-2013-3367 | 1 Trendnet | 4 Tew-691gr, Tew-691gr Firmware, Tew-692gr and 1 more | 2024-11-21 | 9.8 Critical |
| Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3. | ||||
| CVE-2013-3317 | 1 Netgear | 2 Wnr1000, Wnr1000 Firmware | 2024-11-21 | 9.8 Critical |
| Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key. | ||||
| CVE-2013-3316 | 1 Netgear | 2 Wnr1000, Wnr1000 Firmware | 2024-11-21 | 9.8 Critical |
| Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg". | ||||