Total
11397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-2814 | 1 Cooperindustries | 1 Dnp3 Master Opc Server | 2026-06-16 | 7.1 HIGH | N/A |
| Cooper Power Systems Cybectec DNP3 Master OPC Server allows remote attackers to cause a denial of service (unhandled exception and process crash) via unspecified vectors. | |||||
| CVE-2013-2813 | 1 Cooperindustries | 3 Smp 16 Gateway \(data Concentrator\), Smp 4\/dp Gateway \(data Concentrator\), Smp 4 Gateway \(data Concentrator\) | 2026-06-16 | 7.1 HIGH | N/A |
| The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateways allows remote attackers to cause a denial of service (reboot or link outage) via a crafted DNP3 TCP packet. | |||||
| CVE-2013-2811 | 2 Catapultsoftware, Ge | 4 Catapult Dnp3 I\/o Driver, Intelligent Platforms Proficy Dnp3 I\/o Driver, Intelligent Platforms Proficy Hmi\/scada Cimplicity and 1 more | 2026-06-16 | 7.1 HIGH | N/A |
| The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet. | |||||
| CVE-2013-2804 | 1 Softwaretoolbox | 1 Top Server | 2026-06-16 | 7.1 HIGH | N/A |
| The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 allows remote attackers to cause a denial of service (master-station infinite loop) via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service (master-station infinite loop) via crafted input over a serial line. | |||||
| CVE-2013-2798 | 1 Selinc | 4 Sel-2241, Sel-3505, Sel-3530 and 1 more | 2026-06-16 | 4.7 MEDIUM | N/A |
| Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line. | |||||
| CVE-2013-2792 | 1 Selinc | 4 Sel-2241, Sel-3505, Sel-3530 and 1 more | 2026-06-16 | 7.1 HIGH | N/A |
| Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet. | |||||
| CVE-2013-2790 | 1 Ioserver | 1 Ioserver | 2026-06-16 | 7.8 HIGH | N/A |
| The master-station DNP3 driver before driver19.exe, and Beta2041.exe, in IOServer allows remote attackers to cause a denial of service (infinite loop) via crafted DNP3 packets to TCP port 20000. | |||||
| CVE-2013-2788 | 1 Subnet | 1 Substation Server | 2026-06-16 | 4.3 MEDIUM | N/A |
| The DNP3 Slave service in SUBNET Solutions SubSTATION Server 2.7.0033 and 2.8.0106 allows remote attackers to cause a denial of service (unhandled exception and process crash) via unspecified vectors. | |||||
| CVE-2013-2787 | 1 Alstom | 1 E-terracontrol | 2026-06-16 | 7.8 HIGH | N/A |
| Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cause a denial of service (infinite loop) via crafted DNP3 packets. | |||||
| CVE-2013-2783 | 1 Ioserver | 1 Ioserver | 2026-06-16 | 7.1 HIGH | N/A |
| The DNP3 driver in IOServer drivers 1.0.19.0 allows remote attackers to cause a denial of service (infinite loop) or obtain unspecified control via crafted data to TCP port 20000. | |||||
| CVE-2013-2779 | 1 Cisco | 9 Asr 1001, Asr 1002, Asr 1002-x and 6 more | 2026-06-16 | 7.8 HIGH | N/A |
| Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164. | |||||
| CVE-2013-2770 | 1 Novell | 2 Kanaka, Open Enterprise Server | 2026-06-16 | 5.8 MEDIUM | N/A |
| The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, which allows man-in-the-middle attackers to spoof servers via an arbitrary certificate. | |||||
| CVE-2013-2653 | 1 Silverstripe | 1 Silverstripe | 2026-06-16 | 5.8 MEDIUM | N/A |
| security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes it easier for remote attackers to conduct phishing attacks without detection by the victim. | |||||
| CVE-2013-2633 | 1 Matomo | 1 Matomo | 2026-06-16 | 5.0 MEDIUM | N/A |
| Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters. | |||||
| CVE-2013-2629 | 1 Idleman | 1 Leed | 2026-06-16 | 5.0 MEDIUM | N/A |
| Leed (Light Feed), possibly before 1.5 Stable, allows remote attackers to bypass authorization via vectors related to the (1) importForm, (2) importFeed, (3) addFavorite, or (4) removeFavorite actions in action.php. | |||||
| CVE-2013-2503 | 1 Privoxy | 1 Privoxy | 2026-06-16 | 5.8 MEDIUM | N/A |
| Privoxy before 3.0.21 does not properly handle Proxy-Authenticate and Proxy-Authorization headers in the client-server data stream, which makes it easier for remote HTTP servers to spoof the intended proxy service via a 407 (aka Proxy Authentication Required) HTTP status code. | |||||
| CVE-2013-2488 | 3 Debian, Opensuse, Wireshark | 3 Debian Linux, Opensuse, Wireshark | 2026-06-16 | 5.0 MEDIUM | N/A |
| The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location. | |||||
| CVE-2013-2315 | 1 Lockon | 1 Ec-cube | 2026-06-16 | 5.0 MEDIUM | N/A |
| data/class/pages/forgot/LC_Page_Forgot.php in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 does not properly validate the input to the password reminder function, which allows remote attackers to obtain sensitive information via a crafted request. | |||||
| CVE-2013-2279 | 3 Siteminder Agent For Sharepoint, Siteminder Federation, Siteminder For Secure Proxy Server | 8 2010, 12.0, 12.1 and 5 more | 2026-06-16 | 7.5 HIGH | N/A |
| CA SiteMinder Federation (FSS) 12.5, 12.0, and r6; Federation (Standalone) 12.1 and 12.0; Agent for SharePoint 2010; and SiteMinder for Secure Proxy Server 6.0, 12.0, and 12.5 does not properly verify XML signatures for SAML statements, which allows remote attackers to spoof other users and gain privileges. | |||||
| CVE-2013-2250 | 1 Apache | 1 Ofbiz | 2026-06-16 | 10.0 HIGH | N/A |
| Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to execute arbitrary Unified Expression Language (UEL) functions via JUEL metacharacters in unspecified parameters, related to nested expressions. | |||||