Total
11574 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-5385 | 1 Ibm | 2 I, Z\/os | 2026-06-16 | 8.5 HIGH | N/A |
| The OSPF implementation in IBM i 6.1 and 7.1, in z/OS on zSeries servers, and in Networking Operating System (aka NOS, formerly BLADE Operating System) does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. | |||||
| CVE-2013-5350 | 1 Tejimaya | 1 Openpne | 2026-06-16 | 7.5 HIGH | N/A |
| The "Remember me" feature in the opSecurityUser::getRememberLoginCookie function in lib/user/opSecurityUser.class.php in OpenPNE 3.6.13 before 3.6.13.1 and 3.8.9 before 3.8.9.1 does not properly validate login data in HTTP Cookie headers, which allows remote attackers to conduct PHP object injection attacks, and execute arbitrary PHP code, via a crafted serialized object. | |||||
| CVE-2013-5220 | 1 Hot | 2 Hotbox Router, Hotbox Router Firmware | 2026-06-16 | 6.1 MEDIUM | N/A |
| goform/login on the HOT HOTBOX router with software 2.1.11 allows remote attackers to cause a denial of service (device crash) via crafted HTTP POST data. | |||||
| CVE-2013-5211 | 3 Ntp, Opensuse, Oracle | 3 Ntp, Opensuse, Linux | 2026-06-16 | 5.0 MEDIUM | N/A |
| The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013. | |||||
| CVE-2013-5192 | 1 Apple | 1 Mac Os X | 2026-06-16 | 4.9 MEDIUM | N/A |
| The USB hub controller in Apple Mac OS X before 10.9 allows local users to cause a denial of service (system crash) via a request with a crafted (1) port or (2) port number. | |||||
| CVE-2013-5175 | 1 Apple | 1 Mac Os X | 2026-06-16 | 6.6 MEDIUM | N/A |
| The kernel in Apple Mac OS X before 10.9 allows local users to obtain sensitive information or cause a denial of service (out-of-bounds read and system crash) via a crafted Mach-O file. | |||||
| CVE-2013-5168 | 1 Apple | 1 Mac Os X | 2026-06-16 | 6.8 MEDIUM | N/A |
| Console in Apple Mac OS X before 10.9 allows user-assisted remote attackers to execute arbitrary applications by triggering a log entry with a crafted attached URL. | |||||
| CVE-2013-5155 | 1 Apple | 1 Iphone Os | 2026-06-16 | 7.1 HIGH | N/A |
| The Sandbox subsystem in Apple iOS before 7 allows attackers to cause a denial of service (infinite loop) via an application that writes crafted values to /dev/random. | |||||
| CVE-2013-5152 | 1 Apple | 1 Iphone Os | 2026-06-16 | 4.3 MEDIUM | N/A |
| Mobile Safari in Apple iOS before 7 allows remote attackers to spoof the URL bar via a crafted web site. | |||||
| CVE-2013-5140 | 1 Apple | 1 Iphone Os | 2026-06-16 | 7.8 HIGH | N/A |
| The kernel in Apple iOS before 7 allows remote attackers to cause a denial of service (assertion failure and device restart) via an invalid packet fragment. | |||||
| CVE-2013-5106 | 1 Python-mode Project | 1 Python-mode | 2026-06-16 | 6.8 MEDIUM | 8.8 HIGH |
| A Code Execution vulnerability exists in select.py when using python-mode 2012-12-19. | |||||
| CVE-2013-5046 | 1 Microsoft | 1 Internet Explorer | 2026-06-16 | 6.2 MEDIUM | N/A |
| Microsoft Internet Explorer 7 through 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability." | |||||
| CVE-2013-5045 | 1 Microsoft | 1 Internet Explorer | 2026-06-16 | 6.2 MEDIUM | N/A |
| Microsoft Internet Explorer 10 and 11 allows local users to bypass the Protected Mode protection mechanism, and consequently gain privileges, by leveraging the ability to execute sandboxed code, aka "Internet Explorer Elevation of Privilege Vulnerability." | |||||
| CVE-2013-5029 | 2 Opensuse, Phpmyadmin | 2 Opensuse, Phpmyadmin | 2026-06-16 | 4.3 MEDIUM | N/A |
| phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php. | |||||
| CVE-2013-4955 | 1 Puppet | 1 Puppet Enterprise | 2026-06-16 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the login page in Puppet Enterprise before 3.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the service parameter. | |||||
| CVE-2013-4932 | 1 Wireshark | 1 Wireshark | 2026-06-16 | 5.0 MEDIUM | N/A |
| Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2013-4930 | 1 Wireshark | 1 Wireshark | 2026-06-16 | 5.0 MEDIUM | N/A |
| The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet. | |||||
| CVE-2013-4926 | 1 Wireshark | 1 Wireshark | 2026-06-16 | 5.0 MEDIUM | N/A |
| epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2013-4924 | 1 Wireshark | 1 Wireshark | 2026-06-16 | 5.0 MEDIUM | N/A |
| epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet. | |||||
| CVE-2013-4912 | 1 Siemens | 1 Wincc | 2026-06-16 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. | |||||
