Total
1690 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-7381 | 1 Libnotify Project | 1 Libnotify | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| libnotify before 1.0.4 for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in a call to libnotify.notify. | |||||
| CVE-2013-7380 | 1 Ep Imageconvert Project | 1 Ep Imageconvert | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Etherpad Lite ep_imageconvert Plugin has a Remote Command Injection Vulnerability | |||||
| CVE-2013-7378 | 1 Hubot Scripts Project | 1 Hubot Scripts | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node.js allows remote attackers to execute arbitrary commands. | |||||
| CVE-2013-7324 | 1 Webkitgtk | 1 Webkitgtk | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existing practices for GNOME desktop integration. | |||||
| CVE-2013-7070 | 1 Fibranet | 1 Monitorix | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The handle_request function in lib/HTTPServer.pm in Monitorix before 3.3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the URI. | |||||
| CVE-2013-4486 | 2 Linux, Redhat | 2 Linux Kernel, Zanata | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging | |||||
| CVE-2013-4318 | 1 Feature Project | 1 Feature | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory. | |||||
| CVE-2013-4144 | 1 Swfupload Project | 1 Swfupload | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| There is an object injection vulnerability in swfupload plugin for wordpress. | |||||
| CVE-2013-3628 | 1 Zabbix | 1 Zabbix | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability | |||||
| CVE-2013-3214 | 1 Vtiger | 1 Vtiger Crm | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulnerability in 'vtigerolservice.php'. | |||||
| CVE-2013-3212 | 1 Vtiger | 1 Vtiger Crm | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code. | |||||
| CVE-2013-2678 | 1 Cisco | 2 Linksys E4200, Linksys E4200 Firmware | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local File Include Vulnerability which could allow remote attackers to obtain sensitive information or execute arbitrary code by sending a crafted URL request to the apply.cgi script using the submit_type parameter. | |||||
| CVE-2013-2095 | 1 Openshift-origin-controller Project | 1 Openshift-origin-controller | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.prase() to perform command injection | |||||
| CVE-2013-2010 | 2 Automattic, Boldgrid | 2 Wp Super Cache, W3 Total Cache | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability | |||||
| CVE-2013-1437 | 2 Fedoraproject, Module-metadata Project | 2 Fedora, Module-metadata | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value. | |||||
| CVE-2012-2931 | 1 Tinywebgallery | 1 Tinywebgallery | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file. | |||||
| CVE-2012-1496 | 1 Webcalendar Project | 1 Webcalendar | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Local file inclusion in WebCalendar before 1.2.5. | |||||
| CVE-2012-1495 | 1 Webcalendar Project | 1 Webcalendar | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter. | |||||
| CVE-2012-0070 | 1 Spamdyke | 1 Spamdyke | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| spamdyke prior to 4.2.1: STARTTLS reveals plaintext | |||||
| CVE-2011-4558 | 1 Tiki | 1 Tiki | 2024-11-21 | 6.0 MEDIUM | 7.2 HIGH |
| Tiki 8.2 and earlier allows remote administrators to execute arbitrary PHP code via crafted input to the regexres and regex parameters. | |||||