Vulnerabilities (CVE)

Filtered by CWE-20
Total 11574 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-7015 1 Ffmpeg 1 Ffmpeg 2026-06-17 6.8 MEDIUM N/A
The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Flash Screen Video data.
CVE-2013-7001 1 Nowsms 1 Now Sms \& Mms Gateway 2026-06-17 4.3 MEDIUM N/A
The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS & MMS Gateway before 2013.11.15 allows remote attackers to cause a denial of service via a malformed MM1 message that is routed to a (1) MM4 or (2) MM7 connection.
CVE-2013-7000 1 Nowsms 1 Now Sms \& Mms Gateway 2026-06-17 4.3 MEDIUM N/A
The Multimedia Messaging Centre (MMSC) in NowSMS Now SMS & MMS Gateway 2013.09.26 allows remote attackers to cause a denial of service via a malformed message to a MM4 connection.
CVE-2013-6982 1 Cisco 1 Nx-os 2026-06-17 4.3 MEDIUM N/A
The BGP implementation in Cisco NX-OS 6.2(2a) and earlier does not properly handle the interaction of UPDATE messages with IPv6, VPNv4, and VPNv6 labeled unicast-address families, which allows remote attackers to cause a denial of service (peer reset) via a crafted message, aka Bug ID CSCuj03174.
CVE-2013-6981 1 Cisco 1 Ios Xe 2026-06-17 5.4 MEDIUM N/A
Cisco IOS XE 3.7S(.1) and earlier allows remote attackers to cause a denial of service (Packet Processor crash) via fragmented MPLS IP packets, aka Bug ID CSCul00709.
CVE-2013-6971 1 Cisco 1 Webex Training Center 2026-06-17 5.8 MEDIUM N/A
Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul57140.
CVE-2013-6969 1 Cisco 1 Webex Training Center 2026-06-17 4.3 MEDIUM N/A
The training-registration page in Cisco WebEx Training Center allows remote attackers to modify unspecified fields via unknown vectors, aka Bug ID CSCul35990.
CVE-2013-6967 1 Cisco 1 Webex Sales Center 2026-06-17 5.8 MEDIUM N/A
Open redirect vulnerability in the mobile-browser subsystem in Cisco WebEx Sales Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul36020.
CVE-2013-6966 1 Cisco 1 Webex Training Center 2026-06-17 5.8 MEDIUM N/A
Open redirect vulnerability in Cisco WebEx Training Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul36031.
CVE-2013-6959 1 Cisco 1 Webex Sales Center 2026-06-17 5.8 MEDIUM N/A
Open redirect vulnerability in Cisco WebEx Sales Center allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCul25557.
CVE-2013-6887 1 Uclouvain 1 Openjpeg 2026-06-17 6.4 MEDIUM N/A
OpenJPEG 1.5.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger NULL pointer dereferences, division-by-zero, and other errors.
CVE-2013-6834 1 Freebsd 1 Freebsd 2026-06-17 4.9 MEDIUM N/A
The ql_eioctl function in sys/dev/qlxgbe/ql_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call.
CVE-2013-6833 1 Freebsd 1 Freebsd 2026-06-17 4.9 MEDIUM N/A
The qls_eioctl function in sys/dev/qlxge/qls_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call.
CVE-2013-6815 1 Sap 1 Netweaver 2026-06-17 5.0 MEDIUM N/A
The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue.
CVE-2013-6814 1 Sap 1 Netweaver 2026-06-17 5.8 MEDIUM N/A
The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors.
CVE-2013-6769 2 Google, Koushik Dutta 2 Android, Superuser 2026-06-17 10.0 HIGH N/A
The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android allows attackers to gain privileges via shell metacharacters in the -c option to /system/xbin/su.
CVE-2013-6747 1 Ibm 3 Global Security Kit, Security Directory Server, Tivoli Directory Server 2026-06-17 7.1 HIGH N/A
IBM GSKit 7.x before 7.0.4.48 and 8.x before 8.0.50.16, as used in IBM Security Directory Server (ISDS) and Tivoli Directory Server (TDS), allows remote attackers to cause a denial of service (application crash or hang) via a malformed X.509 certificate chain.
CVE-2013-6706 1 Cisco 1 Ios Xe 2026-06-17 5.4 MEDIUM N/A
The Cisco Express Forwarding processing module in Cisco IOS XE allows remote attackers to cause a denial of service (device reload) via crafted MPLS packets that are not properly handled during IP header validation, aka Bug ID CSCuj23992.
CVE-2013-6705 1 Cisco 2 Ios, Ios Xe 2026-06-17 6.1 MEDIUM N/A
The IP Device Tracking (IPDT) feature in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (IPDT AVL corruption and device reload) via a crafted sequence of ARP packets, aka Bug ID CSCuh38133.
CVE-2013-6703 1 Cisco 1 Ons 15454 2026-06-17 7.1 HIGH N/A
The TLS/SSLv3 module on Cisco ONS 15454 controller cards allows remote attackers to cause a denial of service (card reset) via crafted (1) TLS or (2) SSLv3 packets, aka Bug ID CSCuh34787.