Total
11538 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0252 | 1 Boost | 1 Boost | 2026-06-16 | 5.0 MEDIUM | N/A |
| boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input validation protection mechanisms via crafted trailing bytes. | |||||
| CVE-2013-0243 | 1 Haskell | 1 Hs-tls | 2026-06-16 | 5.8 MEDIUM | 7.4 HIGH |
| haskell-tls-extra before 0.6.1 has Basic Constraints attribute vulnerability may lead to Man in the Middle attacks on TLS connections | |||||
| CVE-2013-0238 | 1 Ircd-hybrid | 1 Ircd-hybrid | 2026-06-16 | 5.0 MEDIUM | N/A |
| The try_parse_v4_netmask function in hostmask.c in IRCD-Hybrid before 8.0.6 does not properly validate masks, which allows remote attackers to cause a denial of service (crash) via a mask that causes a negative number to be parsed. | |||||
| CVE-2013-0221 | 2 Opensuse, Redhat | 2 Opensuse, Enterprise Linux | 2026-06-16 | 4.3 MEDIUM | N/A |
| The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function. | |||||
| CVE-2013-0216 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 5.2 MEDIUM | N/A |
| The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption. | |||||
| CVE-2013-0213 | 1 Samba | 1 Samba | 2026-06-16 | 5.1 MEDIUM | N/A |
| The Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to conduct clickjacking attacks via a (1) FRAME or (2) IFRAME element. | |||||
| CVE-2013-0198 | 1 Thekelleys | 1 Dnsmasq | 2026-06-16 | 5.0 MEDIUM | N/A |
| Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via spoofed TCP based DNS queries. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-3411. | |||||
| CVE-2013-0190 | 1 Linux | 1 Linux Kernel | 2026-06-16 | 4.9 MEDIUM | N/A |
| The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption. | |||||
| CVE-2013-0180 | 1 Redislabs | 1 Redis | 2026-06-16 | 3.6 LOW | 5.5 MEDIUM |
| Insecure temporary file vulnerability in Redis 2.6 related to /tmp/redis.ds. | |||||
| CVE-2013-0178 | 1 Redislabs | 1 Redis | 2026-06-16 | 3.6 LOW | 5.5 MEDIUM |
| Insecure temporary file vulnerability in Redis before 2.6 related to /tmp/redis-%p.vm. | |||||
| CVE-2013-0175 | 3 Erik Michaels-ober, Grape Project, Ruby-lang | 3 Multi Xml, Grape, Ruby | 2026-06-16 | 7.5 HIGH | N/A |
| multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156. | |||||
| CVE-2013-0165 | 1 Redhat | 1 Openshift | 2026-06-16 | 7.5 HIGH | 7.3 HIGH |
| cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin/dump.sh in OpenShift does not properly create files in /tmp. | |||||
| CVE-2013-0156 | 2 Debian, Rubyonrails | 3 Debian Linux, Rails, Ruby On Rails | 2026-06-16 | 7.5 HIGH | N/A |
| active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.11 does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging Action Pack support for (1) YAML type conversion or (2) Symbol type conversion. | |||||
| CVE-2013-0122 | 1 Avast | 1 Avast\! Mobile Security | 2026-06-16 | 1.9 LOW | N/A |
| The avast! Mobile Security application before 2.0.4400 for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an intent to com.avast.android.mobilesecurity.app.scanner.DeleteFileActivity with zero arguments. | |||||
| CVE-2013-0120 | 1 Dell | 1 Powerconnect 6248p | 2026-06-16 | 7.8 HIGH | N/A |
| The web interface on Dell PowerConnect 6248P switches allows remote attackers to cause a denial of service (device crash) via a malformed request. | |||||
| CVE-2013-0081 | 1 Microsoft | 4 Sharepoint Foundation, Sharepoint Portal Server, Sharepoint Server and 1 more | 2026-06-16 | 5.0 MEDIUM | N/A |
| Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of service (W3WP process hang) via a crafted URL, aka "SharePoint Denial of Service Vulnerability." | |||||
| CVE-2013-0078 | 1 Microsoft | 3 Windows 8, Windows Defender, Windows Rt | 2026-06-16 | 7.2 HIGH | N/A |
| The Microsoft Antimalware Client in Windows Defender on Windows 8 and Windows RT uses an incorrect pathname for MsMpEng.exe, which allows local users to gain privileges via a crafted application, aka "Microsoft Antimalware Improper Pathname Vulnerability." | |||||
| CVE-2013-0005 | 1 Microsoft | 9 .net Framework, Management Odata Iis Extension, Windows 7 and 6 more | 2026-06-16 | 7.8 HIGH | N/A |
| The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote attackers to cause a denial of service (resource consumption and daemon restart) via crafted values in HTTP requests, aka "Replace Denial of Service Vulnerability." | |||||
| CVE-2013-0004 | 1 Microsoft | 9 .net Framework, Windows 7, Windows 8 and 6 more | 2026-06-16 | 9.3 HIGH | N/A |
| Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate the permissions of objects in memory, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "Double Construction Vulnerability." | |||||
| CVE-2012-6696 | 1 Inspircd | 1 Inspircd | 2026-06-16 | 7.5 HIGH | 9.8 CRITICAL |
| inspircd in Debian before 2.0.7 does not properly handle unsigned integers. NOTE: This vulnerability exists because of an incomplete fix to CVE-2012-1836. | |||||
