Vulnerabilities (CVE)

Filtered by CWE-20
Total 11567 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-2822 1 Novatech 6 Orion5 Dnp Master, Orion5 Dnp Slave, Orion5r Dnp Master and 3 more 2026-06-16 4.7 MEDIUM N/A
NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow physically proximate attackers to cause a denial of service (driver crash and process restart) via crafted input over a serial line.
CVE-2013-2821 1 Novatech 6 Orion5 Dnp Master, Orion5 Dnp Slave, Orion5r Dnp Master and 3 more 2026-06-16 7.1 HIGH N/A
NovaTech Orion Substation Automation Platform OrionLX DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier and Orion5/Orion5r DNP Master 1.27.38 and DNP Slave 1.23.10 and earlier allow remote attackers to cause a denial of service (driver crash and process restart) via a crafted DNP3 TCP packet.
CVE-2013-2818 1 Alstom 1 E-terracontrol 2026-06-16 4.7 MEDIUM N/A
The DNP Master Driver in Alstom e-terracontrol 3.5, 3.6, and 3.7 allows physically proximate attackers to cause a denial of service (infinite loop and DNP3 service disruption) via crafted input over a serial line.
CVE-2013-2816 1 Cooperindustries 3 Smp 16 Gateway \(data Concentrator\), Smp 4\/dp Gateway \(data Concentrator\), Smp 4 Gateway \(data Concentrator\) 2026-06-16 4.7 MEDIUM N/A
The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateways allows physically proximate attackers to cause a denial of service (reboot or link outage) via crafted input over a serial line.
CVE-2013-2814 1 Cooperindustries 1 Dnp3 Master Opc Server 2026-06-16 7.1 HIGH N/A
Cooper Power Systems Cybectec DNP3 Master OPC Server allows remote attackers to cause a denial of service (unhandled exception and process crash) via unspecified vectors.
CVE-2013-2813 1 Cooperindustries 3 Smp 16 Gateway \(data Concentrator\), Smp 4\/dp Gateway \(data Concentrator\), Smp 4 Gateway \(data Concentrator\) 2026-06-16 7.1 HIGH N/A
The DNP3 component in Cooper Power Systems SMP 4, 4/DP, and 16 gateways allows remote attackers to cause a denial of service (reboot or link outage) via a crafted DNP3 TCP packet.
CVE-2013-2811 2 Catapultsoftware, Ge 4 Catapult Dnp3 I\/o Driver, Intelligent Platforms Proficy Dnp3 I\/o Driver, Intelligent Platforms Proficy Hmi\/scada Cimplicity and 1 more 2026-06-16 7.1 HIGH N/A
The (1) Catapult DNP3 I/O driver before 7.2.0.60 and the (2) GE Intelligent Platforms Proficy DNP3 I/O driver before 7.20k, as used in DNPDrv.exe (aka the DNP master station server) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY and iFIX, allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.
CVE-2013-2809 1 Osisoft 1 Pi Interface 2026-06-16 7.1 HIGH N/A
The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows remote attackers to cause a denial of service (interface shutdown) via a crafted TCP packet.
CVE-2013-2804 1 Softwaretoolbox 1 Top Server 2026-06-16 7.1 HIGH N/A
The DNP Master Driver in Software Toolbox TOP Server before 5.12.140.0 allows remote attackers to cause a denial of service (master-station infinite loop) via crafted DNP3 packets to TCP port 20000 and allows physically proximate attackers to cause a denial of service (master-station infinite loop) via crafted input over a serial line.
CVE-2013-2798 1 Selinc 4 Sel-2241, Sel-3505, Sel-3530 and 1 more 2026-06-16 4.7 MEDIUM N/A
Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow physically proximate attackers to cause a denial of service (infinite loop) via crafted input over a serial line.
CVE-2013-2792 1 Selinc 4 Sel-2241, Sel-3505, Sel-3530 and 1 more 2026-06-16 7.1 HIGH N/A
Schweitzer Engineering Laboratories (SEL) SEL-2241, SEL-3505, and SEL-3530 RTAC master devices allow remote attackers to cause a denial of service (infinite loop) via a crafted DNP3 TCP packet.
CVE-2013-2790 1 Ioserver 1 Ioserver 2026-06-16 7.8 HIGH N/A
The master-station DNP3 driver before driver19.exe, and Beta2041.exe, in IOServer allows remote attackers to cause a denial of service (infinite loop) via crafted DNP3 packets to TCP port 20000.
CVE-2013-2788 1 Subnet 1 Substation Server 2026-06-16 4.3 MEDIUM N/A
The DNP3 Slave service in SUBNET Solutions SubSTATION Server 2.7.0033 and 2.8.0106 allows remote attackers to cause a denial of service (unhandled exception and process crash) via unspecified vectors.
CVE-2013-2787 1 Alstom 1 E-terracontrol 2026-06-16 7.8 HIGH N/A
Alstom e-terracontrol 3.5, 3.6, and 3.7 allows remote attackers to cause a denial of service (infinite loop) via crafted DNP3 packets.
CVE-2013-2783 1 Ioserver 1 Ioserver 2026-06-16 7.1 HIGH N/A
The DNP3 driver in IOServer drivers 1.0.19.0 allows remote attackers to cause a denial of service (infinite loop) or obtain unspecified control via crafted data to TCP port 20000.
CVE-2013-2779 1 Cisco 9 Asr 1001, Asr 1002, Asr 1002-x and 6 more 2026-06-16 7.8 HIGH N/A
Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164.
CVE-2013-2770 1 Novell 2 Kanaka, Open Enterprise Server 2026-06-16 5.8 MEDIUM N/A
The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, which allows man-in-the-middle attackers to spoof servers via an arbitrary certificate.
CVE-2013-2694 1 Wpsymposiumpro 1 Wp Symposium 2026-06-16 5.8 MEDIUM N/A
Open redirect vulnerability in invite.php in the WP Symposium plugin 13.04 for WordPress allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the u parameter.
CVE-2013-2653 1 Silverstripe 1 Silverstripe 2026-06-16 5.8 MEDIUM N/A
security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes it easier for remote attackers to conduct phishing attacks without detection by the victim.
CVE-2013-2633 1 Matomo 1 Matomo 2026-06-16 5.0 MEDIUM N/A
Piwik before 1.11 accepts input from a POST request instead of a GET request in unspecified circumstances, which might allow attackers to obtain sensitive information by leveraging the logging of parameters.