Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 35900 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-2872 2 Apple, Google 2 Mac Os X, Chrome 2026-06-16 5.0 MEDIUM N/A
Google Chrome before 28.0.1500.71 on Mac OS X does not ensure a sufficient source of entropy for renderer processes, which might make it easier for remote attackers to defeat cryptographic protection mechanisms in third-party components via unspecified vectors.
CVE-2013-2868 2 Debian, Google 2 Debian Linux, Chrome 2026-06-16 5.0 MEDIUM N/A
common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors.
CVE-2013-2867 2 Debian, Google 2 Debian Linux, Chrome 2026-06-16 7.5 HIGH N/A
Google Chrome before 28.0.1500.71 does not properly prevent pop-under windows, which allows remote attackers to have an unspecified impact via a crafted web site.
CVE-2013-2865 2 Debian, Google 2 Debian Linux, Chrome 2026-06-16 7.5 HIGH N/A
Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.110 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2013-2859 2 Debian, Google 2 Debian Linux, Chrome 2026-06-16 7.5 HIGH N/A
Google Chrome before 27.0.1453.110 allows remote attackers to bypass the Same Origin Policy and trigger namespace pollution via unspecified vectors.
CVE-2013-2854 2 Google, Microsoft 2 Chrome, Windows 2026-06-16 7.5 HIGH N/A
Google Chrome before 27.0.1453.110 on Windows provides an incorrect handle to a renderer process in unspecified circumstances, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2013-2853 1 Google 1 Chrome 2026-06-16 6.8 MEDIUM N/A
The HTTPS implementation in Google Chrome before 28.0.1500.71 does not ensure that headers are terminated by \r\n\r\n (carriage return, newline, carriage return, newline), which allows man-in-the-middle attackers to have an unspecified impact via vectors that trigger header truncation.
CVE-2013-2836 1 Google 1 Chrome 2026-06-16 7.5 HIGH N/A
Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.93 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2013-2780 1 Siemens 18 Simatic S7-1200, Simatic S7-1200 Cpu 1211c, Simatic S7-1200 Cpu 1211c Firmware and 15 more 2026-06-16 7.8 HIGH N/A
Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port).
CVE-2013-2767 1 Citrix 2 Netscaler Access Gateway, Netscaler Access Gateway Firmware 2026-06-16 5.4 MEDIUM N/A
Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors.
CVE-2013-2720 1 Adobe 2 Acrobat, Acrobat Reader 2026-06-16 10.0 HIGH N/A
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.
CVE-2013-2717 1 Emc 1 Smarts Network Configuration Manager 2026-06-16 9.3 HIGH N/A
Multiple unspecified vulnerabilities in the System Management (aka SysAdmin) Console in EMC Smarts Network Configuration Manager (NCM) through 9.2 have unknown impact and attack vectors, a different issue than CVE-2013-0935. NOTE: this might overlap CVEs for open-source server components or other third-party components.
CVE-2013-2646 1 Tp-link 2 Tl-wr1043nd, Tl-wr1043nd Firmware 2026-06-16 5.0 MEDIUM 7.5 HIGH
TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability.
CVE-2013-2558 1 Microsoft 1 Windows 8 2026-06-16 10.0 HIGH N/A
Unspecified vulnerability in Microsoft Windows 8 allows remote attackers to cause a denial of service (reboot) or possibly have unknown other impact via a crafted TrueType Font (TTF) file, as demonstrated by the 120612-69701-01.dmp error report.
CVE-2013-2556 1 Microsoft 3 Windows 7, Windows Server 2008, Windows Vista 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 through SP1 allows attackers to bypass the ASLR protection mechanism via unknown vectors, as demonstrated against Adobe Flash Player by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "ASLR Security Feature Bypass Vulnerability."
CVE-2013-2554 1 Microsoft 1 Windows 7 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in Microsoft Windows 7 allows attackers to bypass the ASLR and DEP protection mechanisms via unknown vectors, as demonstrated against Firefox by VUPEN during a Pwn2Own competition at CanSecWest 2013, a different vulnerability than CVE-2013-0787.
CVE-2013-2553 1 Microsoft 1 Windows 7 2026-06-16 7.2 HIGH N/A
Unspecified vulnerability in the kernel in Microsoft Windows 7 allows local users to gain privileges via unknown vectors, as demonstrated by Nils and Jon of MWR Labs during a Pwn2Own competition at CanSecWest 2013, a different vulnerability than CVE-2013-0912.
CVE-2013-2552 1 Microsoft 2 Internet Explorer, Windows 8 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in Microsoft Internet Explorer 10 on Windows 8 allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a Medium integrity process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.
CVE-2013-2550 1 Adobe 1 Acrobat Reader 2026-06-16 7.5 HIGH N/A
Unspecified vulnerability in Adobe Reader 11.0.02 allows attackers to bypass the sandbox protection mechanism via unknown vectors, as demonstrated by George Hotz during a Pwn2Own competition at CanSecWest 2013.
CVE-2013-2485 3 Debian, Opensuse, Wireshark 3 Debian Linux, Opensuse, Wireshark 2026-06-16 6.1 MEDIUM N/A
The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.