Vulnerabilities (CVE)

Filtered by CWE-20
Total 11571 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-3594 1 Dell 3 Powerconnect 3348, Powerconnect 3524p, Powerconnect 5324 2026-06-16 10.0 HIGH N/A
The SSH service on Dell PowerConnect 3348 1.2.1.3, 3524p 2.0.0.48, and 5324 2.0.1.4 switches allows remote attackers to cause a denial of service (device reset) or possibly execute arbitrary code by sending many packets to TCP port 22.
CVE-2013-3588 1 Zyxel 11 P-660h-61, P-660h-63, P-660h-67 and 8 more 2026-06-16 7.8 HIGH N/A
The web management interface on Zyxel P660 devices allows remote attackers to cause a denial of service (reboot) via a flood of TCP SYN packets.
CVE-2013-3580 1 Trustgo 1 Antivirus \& Mobile Security 2026-06-16 4.3 MEDIUM N/A
The TrustGo Antivirus & Mobile Security application before 1.3.6 for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an intent to com.trustgo.mobile.security.USSDScannerActivity with zero arguments.
CVE-2013-3575 1 Hp 1 Insight Diagnostics 2026-06-16 5.0 MEDIUM N/A
hpdiags/frontend2/help/pageview.php in HP Insight Diagnostics 9.4.0.4710 does not properly restrict PHP include or require statements, which allows remote attackers to include arbitrary hpdiags/frontend2/help/ .html files via the path parameter.
CVE-2013-3574 1 Hp 1 Insight Diagnostics 2026-06-16 7.8 HIGH N/A
Absolute path traversal vulnerability in hpdiags/frontend2/commands/saveCompareConfig.php in HP Insight Diagnostics 9.4.0.4710 allows remote attackers to write data to arbitrary files via a full pathname in the argument to the devicePath (aka mount) parameter.
CVE-2013-3573 1 Hp 1 Insight Diagnostics 2026-06-16 10.0 HIGH N/A
HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors.
CVE-2013-3567 4 Canonical, Novell, Puppet and 1 more 6 Ubuntu Linux, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server and 3 more 2026-06-16 7.5 HIGH N/A
Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.
CVE-2013-3556 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2026-06-16 5.0 MEDIUM N/A
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-3555 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2026-06-16 5.0 MEDIUM N/A
epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
CVE-2013-3512 1 Gwos 1 Groundwork Monitor 2026-06-16 6.5 MEDIUM N/A
The Cacti component in GroundWork Monitor Enterprise 6.7.0 does not properly perform authorization checks, which allows remote authenticated users to read or modify configuration settings via unspecified vectors, as demonstrated by reading credentials.
CVE-2013-3511 1 Gwos 1 Groundwork Monitor 2026-06-16 5.8 MEDIUM N/A
Open redirect vulnerability in the NeDi component in GroundWork Monitor Enterprise 6.7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVE-2013-3470 1 Cisco 1 Ios Xr 2026-06-16 5.0 MEDIUM N/A
The RIP process in Cisco IOS XR allows remote attackers to cause a denial of service (process crash) via a crafted version-2 RIP packet, aka Bug ID CSCue46731.
CVE-2013-3468 1 Cisco 2 Unified Ip Phone 8945, Unified Ip Phone Firmware 2026-06-16 7.8 HIGH N/A
The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote attackers to cause a denial of service (device hang) via a malformed PNG file, aka Bug ID CSCud04270.
CVE-2013-3446 1 Cisco 1 Digital Media Manager 2026-06-16 5.8 MEDIUM N/A
Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCub23849.
CVE-2013-3443 1 Cisco 1 Wide Area Application Services 2026-06-16 10.0 HIGH N/A
The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager (CM) configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626.
CVE-2013-3406 1 Cisco 1 Service Portal 2026-06-16 6.8 MEDIUM N/A
The "Files Available for Download" implementation in the Cisco Intelligent Automation for Cloud component in Cisco Services Portal 9.4(1) allows remote authenticated users to read arbitrary files via a crafted request, aka Bug ID CSCug65687.
CVE-2013-3400 1 Cisco 2 Nexus 1000v, Nx-os 2026-06-16 6.8 MEDIUM N/A
The license-installation module in Cisco NX-OS on Nexus 1000V devices allows local users to execute arbitrary commands via crafted "install license" arguments, aka Bug ID CSCuh30824.
CVE-2013-3393 1 Cisco 2 Jabber, Virtualization Experience Media Engine 2026-06-16 5.0 MEDIUM N/A
The Precision Video Engine component in Cisco Jabber for Windows and Cisco Virtualization Experience Media Engine allows remote attackers to cause a denial of service (process crash and call disconnection) via crafted RTP packets, aka Bug IDs CSCuh60706 and CSCue21117.
CVE-2013-3382 1 Cisco 1 Adaptive Security Appliance 2026-06-16 7.8 HIGH N/A
The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387.
CVE-2013-3378 1 Cisco 2 Telepresence Tc Software, Telepresence Te Software 2026-06-16 7.8 HIGH N/A
Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (temporary device hang) via crafted SIP packets, aka Bug ID CSCuf89557.