Total
7102 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3825 | 1 Oracle | 1 Supply Chain Products Suite | 2017-08-29 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Agile Product Collaboration component in Oracle Supply Chain Products Suite 9.3.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Folders & Files Attachment. | |||||
| CVE-2013-2987 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2017-08-29 | 4.0 MEDIUM | N/A |
| IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-3020, CVE-2013-0568, CVE-2013-0475, and CVE-2013-0567. | |||||
| CVE-2013-0568 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2017-08-29 | 4.0 MEDIUM | N/A |
| IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-3020, CVE-2013-0475, and CVE-2013-0567. | |||||
| CVE-2013-4301 | 1 Mediawiki | 1 Mediawiki | 2017-08-29 | 5.0 MEDIUM | N/A |
| includes/resourceloader/ResourceLoaderContext.php in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allows remote attackers to obtain sensitive information via a "<" (open angle bracket) character in the lang parameter to w/load.php, which reveals the installation path in an error message. | |||||
| CVE-2013-5454 | 1 Ibm | 1 Websphere Portal | 2017-08-29 | 4.3 MEDIUM | N/A |
| IBM WebSphere Portal 6.0 through 6.0.1.7, 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF25, and 8.0 through 8.0.0.1 CF08 allows remote attackers to read arbitrary files via a modified URL. | |||||
| CVE-2013-1455 | 1 Joomla | 1 Joomla\! | 2017-08-29 | 5.0 MEDIUM | N/A |
| Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to an "Undefined variable." | |||||
| CVE-2013-0527 | 1 Ibm | 1 Sterling Connect Direct User Interface | 2017-08-29 | 1.9 LOW | N/A |
| The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not close pages upon the timeout of a session, which allows physically proximate attackers to obtain sensitive administrative-console information by reading the screen of an unattended workstation. | |||||
| CVE-2013-5440 | 1 Ibm | 1 Infosphere Information Server | 2017-08-29 | 2.1 LOW | N/A |
| IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows local users to obtain sensitive information in opportunistic circumstances by leveraging the presence of file content after a failed installation. | |||||
| CVE-2013-5760 | 1 Qnap | 2 Photo Station, Photo Station Firmware | 2017-08-29 | 5.0 MEDIUM | N/A |
| QNAP Photo Station before firmware 4.0.3 build0912 allows remote attackers to list OS user accounts via a request to photo/p/api/list.php. | |||||
| CVE-2013-0475 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2017-08-29 | 4.0 MEDIUM | N/A |
| IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-3020, CVE-2013-0568, and CVE-2013-0567. | |||||
| CVE-2013-0505 | 1 Ibm | 2 Sterling Multi-channel Fulfillment Solution, Sterling Selling And Fulfillment Foundation | 2017-08-29 | 5.5 MEDIUM | N/A |
| IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to conduct XPath injection attacks, and read arbitrary XML files, via unspecified vectors. | |||||
| CVE-2013-0347 | 1 Webfs | 1 Webfs | 2017-08-29 | 7.2 HIGH | N/A |
| The Gentoo init script for webfs uses world-readable permissions for /var/log/webfsd.log, which allows local users to have unspecified impact by reading the file. | |||||
| CVE-2013-2976 | 1 Ibm | 1 Websphere Application Server | 2017-08-29 | 1.9 LOW | N/A |
| The Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly perform caching, which allows local users to obtain sensitive information via unspecified vectors. | |||||
| CVE-2013-6237 | 1 Islonline | 2 Isl Desktop Plugin, Isl Light | 2017-08-29 | 3.5 LOW | N/A |
| The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session. | |||||
| CVE-2013-5453 | 1 Ibm | 1 Security Appscan | 2017-08-29 | 3.5 LOW | N/A |
| IBM Security AppScan Enterprise 5.6 through 8.7.0.1 allows remote authenticated users to read arbitrary report files by leveraging knowledge of filenames that cannot be easily predicted. | |||||
| CVE-2013-4039 | 1 Ibm | 1 Websphere Extended Deployment Compute Grid | 2017-08-29 | 4.0 MEDIUM | N/A |
| IBM WebSphere Extended Deployment Compute Grid 8.0 before 8.0.0.3 allows remote authenticated users to obtain sensitive information, and consequently bypass intended access restrictions on jobs, via unspecified vectors. | |||||
| CVE-2013-4069 | 1 Ibm | 1 Spss Collaboration And Deployment Services | 2017-08-29 | 5.0 MEDIUM | N/A |
| The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
| CVE-2013-1923 | 1 Linux-nfs | 1 Nfs-utils | 2017-08-29 | 3.2 LOW | N/A |
| rpc-gssd in nfs-utils before 1.2.8 performs reverse DNS resolution for server names during GSSAPI authentication, which might allow remote attackers to read otherwise-restricted files via DNS spoofing attacks. | |||||
| CVE-2013-0721 | 2 Wordpress, Wp Php Widget Project | 2 Wordpress, Wp Php Widget | 2017-08-29 | 5.0 MEDIUM | N/A |
| wp-php-widget.php in the WP PHP widget plugin 1.0.2 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message. | |||||
| CVE-2013-4043 | 1 Ibm | 1 Spss Collaboration And Deployment Services | 2017-08-29 | 5.0 MEDIUM | N/A |
| The server in IBM SPSS Collaboration and Deployment Services 4.x before 4.2.1.3 IF3, 5.x before 5.0 FP3, and 6.x before 6.0 IF1 allows remote attackers to read arbitrary files via an unspecified HTTP request. | |||||