Total
11549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0740 | 1 Dell | 1 Openmanage Server Administrator | 2026-06-16 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in Dell OpenManage Server Administrator (OMSA) before 7.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the file parameter to HelpViewer. | |||||
| CVE-2013-0716 | 1 Windriver | 1 Vxworks | 2026-06-16 | 5.0 MEDIUM | N/A |
| The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI. | |||||
| CVE-2013-0715 | 1 Windriver | 1 Vxworks | 2026-06-16 | 4.0 MEDIUM | N/A |
| The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string. | |||||
| CVE-2013-0714 | 1 Windriver | 1 Vxworks | 2026-06-16 | 10.0 HIGH | N/A |
| IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or cause a denial of service (daemon hang) via a crafted public-key authentication request. | |||||
| CVE-2013-0713 | 1 Windriver | 1 Vxworks | 2026-06-16 | 6.8 MEDIUM | N/A |
| IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted pty request. | |||||
| CVE-2013-0712 | 1 Windriver | 1 Vxworks | 2026-06-16 | 6.8 MEDIUM | N/A |
| IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet. | |||||
| CVE-2013-0711 | 1 Windriver | 1 Vxworks | 2026-06-16 | 7.8 HIGH | N/A |
| IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to cause a denial of service (daemon outage) via a crafted authentication request. | |||||
| CVE-2013-0699 | 1 Galilmc | 1 Rio-47100 Plc | 2026-06-16 | 7.1 HIGH | N/A |
| The Galil RIO-47100 Pocket PLC allows remote attackers to cause a denial of service via a session that includes "repeated requests." | |||||
| CVE-2013-0686 | 1 Invensys | 1 Wonderware Information Server | 2026-06-16 | 9.3 HIGH | N/A |
| Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
| CVE-2013-0681 | 2 Cogentdatahub, Microsoft | 5 Cascade Datahub, Cogent Datahub, Datahub Quicktrend and 2 more | 2026-06-16 | 5.0 MEDIUM | N/A |
| Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via malformed data in a formatted text command. | |||||
| CVE-2013-0670 | 1 Siemens | 1 Wincc Tia Portal | 2026-06-16 | 4.3 MEDIUM | N/A |
| CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. | |||||
| CVE-2013-0669 | 1 Siemens | 1 Wincc Tia Portal | 2026-06-16 | 4.0 MEDIUM | N/A |
| The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request. | |||||
| CVE-2013-0655 | 1 Schneider-electric | 1 Software Update Utility | 2026-06-16 | 9.3 HIGH | N/A |
| The client in Schneider Electric Software Update (SESU) Utility 1.0.x and 1.1.x does not ensure that updates have a valid origin, which allows man-in-the-middle attackers to spoof updates, and consequently execute arbitrary code, by modifying the data stream on TCP port 80. | |||||
| CVE-2013-0654 | 1 Ge | 3 Intelligent Platforms Proficy Hmi\/scada Cimplicity, Intelligent Platforms Proficy Process Systems, Intelligent Platforms Proficy Process Systems With Cimplicity | 2026-06-16 | 9.3 HIGH | N/A |
| CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary commands or cause a denial of service (daemon crash) via a crafted packet. | |||||
| CVE-2013-0551 | 1 Ibm | 2 Application Manager For Smart Business, Tivoli Monitoring | 2026-06-16 | 5.0 MEDIUM | N/A |
| The Basic Services component in IBM Tivoli Monitoring (ITM) 6.2.0 through FP3, 6.2.1 through FP4, 6.2.2 through FP9, and 6.2.3 before FP3, as used in IBM Application Manager for Smart Business (formerly Tivoli Foundations Application Manager) 1.2.1 before 1.2.1.0-TIV-IAMSB-FP0004 and other products, allows remote attackers to cause a denial of service (abend) via a crafted URL. | |||||
| CVE-2013-0526 | 1 Ibm | 3 Avocent 1754 Kvm, Global Console Manager 16 Firmware, Global Console Manager 32 Firmware | 2026-06-16 | 8.5 HIGH | N/A |
| ping.php in Global Console Manager 16 (GCM16) and Global Console Manager 32 (GCM32) before 1.20.0.22575 on the IBM Avocent 1754 KVM switch allows remote authenticated users to execute arbitrary commands via shell metacharacters in the (1) count or (2) size parameter. | |||||
| CVE-2013-0520 | 1 Ibm | 1 Sterling Secure Proxy | 2026-06-16 | 4.0 MEDIUM | N/A |
| IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 allows remote authenticated users to obtain sensitive Java stack-trace information by providing invalid input data. | |||||
| CVE-2013-0518 | 1 Ibm | 1 Sterling Secure Proxy | 2026-06-16 | 4.3 MEDIUM | N/A |
| IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 does not refuse to be rendered in different-origin frames, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. | |||||
| CVE-2013-0505 | 1 Ibm | 2 Sterling Multi-channel Fulfillment Solution, Sterling Selling And Fulfillment Foundation | 2026-06-16 | 5.5 MEDIUM | N/A |
| IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to conduct XPath injection attacks, and read arbitrary XML files, via unspecified vectors. | |||||
| CVE-2013-0500 | 1 Ibm | 2 Storwize V7000 Unified, Storwize V7000 Unified Software | 2026-06-16 | 5.4 MEDIUM | N/A |
| IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 does not properly handle device files that are created with the NFS protocol but accessed with a non-NFS protocol, which allows remote authenticated users to obtain sensitive information, modify programs or files, or cause a denial of service (device crash) via a (1) CIFS, (2) HTTPS, (3) SCP, or (4) SFTP operation. | |||||
