Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-3482 | 1 Fetchmail | 1 Fetchmail | 2013-04-05 | 5.8 MEDIUM | N/A |
| Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in the base64 decoder, or (2) obtain sensitive information from memory via an NTLM Type 2 message with a crafted Target Name structure, which triggers an out-of-bounds read. | |||||
| CVE-2013-0664 | 1 Schneider-electric | 3 Modicon M340, Modicon Premium, Modicon Quantum Plc | 2013-04-04 | 8.5 HIGH | N/A |
| The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, and consequently execute arbitrary code, by embedding these messages in SOAP HTTP POST requests. | |||||
| CVE-2013-1299 | 1 Microsoft | 4 Modern Mail, Windows 8, Windows Rt and 1 more | 2013-04-02 | 5.8 MEDIUM | N/A |
| Microsoft Windows Modern Mail allows remote attackers to spoof link targets via a crafted HTML e-mail message. | |||||
| CVE-2013-1083 | 1 Novell | 1 Identity Manager Roles Based Provisioning Module | 2013-04-02 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the login functionality in the Reporting Module in Novell Identity Manager (aka IDM) Roles Based Provisioning Module 4.0.2 before Field Patch C has unknown impact and attack vectors. | |||||
| CVE-2013-0659 | 1 Siemens | 4 Cp 1604, Cp 1604 Firmware, Cp 1616 and 1 more | 2013-04-01 | 10.0 HIGH | N/A |
| The debugging feature on the Siemens CP 1604 and CP 1616 interface cards with firmware before 2.5.2 allows remote attackers to execute arbitrary code via a crafted packet to UDP port 17185. | |||||
| CVE-2013-2717 | 1 Emc | 1 Smarts Network Configuration Manager | 2013-03-29 | 9.3 HIGH | N/A |
| Multiple unspecified vulnerabilities in the System Management (aka SysAdmin) Console in EMC Smarts Network Configuration Manager (NCM) through 9.2 have unknown impact and attack vectors, a different issue than CVE-2013-0935. NOTE: this might overlap CVEs for open-source server components or other third-party components. | |||||
| CVE-2013-0260 | 2 Drupal, Elliot Pahl | 2 Drupal, Drush Debian Packaging | 2013-03-28 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Drush Debian Packaging module for Drupal allows local users to obtain database credentials via unknown vectors. | |||||
| CVE-2012-2469 | 1 Cisco | 5 Nexus 7000, Nexus 7000 10-slot, Nexus 7000 18-slot and 2 more | 2013-03-23 | 7.8 HIGH | N/A |
| Cisco NX-OS 4.2, 5.0, 5.1, and 5.2 on Nexus 7000 series switches, when the High Availability (HA) policy is configured for Reset, allows remote attackers to cause a denial of service (device reset) via a malformed Cisco Discovery Protocol (CDP) packet, aka Bug IDs CSCtk34535 and CSCtk19132. | |||||
| CVE-2012-3247 | 1 Hp | 3 Integrity, Integrity Firmware, Itegrity | 2013-03-22 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability on the HP Integrity Server BL860c i2, BL870c i2, and BL890c i2 with firmware before 26.31 and the HP Integrity Server rx2800 i2 with firmware before 26.30 allows local users to cause a denial of service via unknown vectors. | |||||
| CVE-2012-3257 | 1 Hp | 1 Business Availability Center | 2013-03-22 | 4.6 MEDIUM | N/A |
| HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors. | |||||
| CVE-2012-3051 | 1 Cisco | 5 Nexus 7000, Nexus 7000 10-slot, Nexus 7000 18-slot and 2 more | 2013-03-22 | 6.1 MEDIUM | N/A |
| Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (process crash or packet loss) via a large number of ARP packets, aka Bug ID CSCtr44822. | |||||
| CVE-2012-2017 | 1 Hp | 6 Photosmart E-all-in-one Printer Series, Photosmart Estation All-in-one-printer Series, Photosmart Ink Advantage E-all-in-one and 3 more | 2013-03-22 | 7.8 HIGH | N/A |
| Unspecified vulnerability on HP Photosmart Wireless e-All-in-One B110, e-All-in-One D110, Plus e-All-in-One B210, eStation All-in-One C510, Ink Advantage e-All-in-One K510, and Premium Fax e-All-in-One C410 printers allows remote attackers to cause a denial of service via unknown vectors. | |||||
| CVE-2013-0960 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2013-03-18 | 6.8 MEDIUM | N/A |
| WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0961. | |||||
| CVE-2013-0966 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2013-03-18 | 6.4 MEDIUM | N/A |
| The Apple mod_hfs_apple module for the Apache HTTP Server in Apple Mac OS X before 10.8.3 does not properly handle ignorable Unicode characters, which allows remote attackers to bypass intended directory authentication requirements via a crafted pathname in a URI. | |||||
| CVE-2013-0967 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2013-03-18 | 4.3 MEDIUM | N/A |
| CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the list of safe file types, which allows remote attackers to bypass a Java plug-in disabled setting, and trigger the launch of Java Web Start applications, via a crafted web site. | |||||
| CVE-2013-0961 | 1 Apple | 3 Mac Os X, Mac Os X Server, Safari | 2013-03-18 | 6.8 MEDIUM | N/A |
| WebKit in Apple Safari before 6.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a different vulnerability than CVE-2013-0960. | |||||
| CVE-2013-0973 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2013-03-18 | 6.8 MEDIUM | N/A |
| Software Update in Apple Mac OS X through 10.7.5 does not prevent plugin loading within the marketing-text WebView, which allows man-in-the-middle attackers to execute plugin code by modifying the client-server data stream. | |||||
| CVE-2013-2558 | 1 Microsoft | 1 Windows 8 | 2013-03-16 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Microsoft Windows 8 allows remote attackers to cause a denial of service (reboot) or possibly have unknown other impact via a crafted TrueType Font (TTF) file, as demonstrated by the 120612-69701-01.dmp error report. | |||||
| CVE-2013-2552 | 1 Microsoft | 2 Internet Explorer, Windows 8 | 2013-03-16 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows 8 allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a Medium integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013. | |||||
| CVE-2013-0970 | 1 Apple | 1 Mac Os X | 2013-03-15 | 4.3 MEDIUM | N/A |
| Messages in Apple Mac OS X before 10.8.3 allows remote attackers to bypass the FaceTime call-confirmation prompt via a crafted FaceTime: URL. | |||||