Total
35865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0277 | 1 Rubyonrails | 2 Rails, Ruby On Rails | 2026-06-16 | 10.0 HIGH | N/A |
| ActiveRecord in Ruby on Rails before 2.3.17 and 3.x before 3.1.0 allows remote attackers to cause a denial of service or execute arbitrary code via crafted serialized attributes that cause the +serialize+ helper to deserialize arbitrary YAML. | |||||
| CVE-2013-0274 | 1 Pidgin | 1 Pidgin | 2026-06-16 | 2.9 LOW | N/A |
| upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote attackers to cause a denial of service (application crash) by leveraging access to the local network. | |||||
| CVE-2013-0273 | 1 Pidgin | 1 Pidgin | 2026-06-16 | 5.0 MEDIUM | N/A |
| sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2013-0271 | 1 Pidgin | 1 Pidgin | 2026-06-16 | 5.0 MEDIUM | N/A |
| The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname. | |||||
| CVE-2013-0263 | 1 Rack Project | 1 Rack | 2026-06-16 | 5.1 MEDIUM | N/A |
| Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that does not run in constant time. | |||||
| CVE-2013-0260 | 2 Drupal, Elliot Pahl | 2 Drupal, Drush Debian Packaging | 2026-06-16 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Drush Debian Packaging module for Drupal allows local users to obtain database credentials via unknown vectors. | |||||
| CVE-2013-0232 | 1 Zoneminder | 1 Zoneminder | 2026-06-16 | 7.5 HIGH | N/A |
| includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) runState parameter in the packageControl function; or (2) key or (3) command parameter in the setDeviceStatusX10 function. | |||||
| CVE-2013-0229 | 1 Miniupnp Project | 1 Miniupnpd | 2026-06-16 | 7.8 HIGH | N/A |
| The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read. | |||||
| CVE-2013-0184 | 1 Rack Project | 1 Rack | 2026-06-16 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x before 1.1.5, 1.2.x before 1.2.7, 1.3.x before 1.3.9, and 1.4.x before 1.4.4 allows remote attackers to cause a denial of service via unknown vectors related to "symbolized arbitrary strings." | |||||
| CVE-2013-0158 | 2 Cloudbees, Jenkins | 2 Jenkins, Jenkins | 2026-06-16 | 2.6 LOW | N/A |
| Unspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors. | |||||
| CVE-2013-0154 | 1 Xen | 1 Xen | 2026-06-16 | 1.9 LOW | N/A |
| The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local PV or HVM guest administrators to cause a denial of service (assertion failure and hypervisor crash) via unspecified vectors related to a hypercall. | |||||
| CVE-2013-0153 | 1 Xen | 1 Xen | 2026-06-16 | 4.7 MEDIUM | N/A |
| The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests. | |||||
| CVE-2013-0149 | 1 Cisco | 7 Asa 5500, Fwsm, Ios and 4 more | 2026-06-16 | 5.8 MEDIUM | N/A |
| The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type 1 packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a (1) unicast or (2) multicast packet, aka Bug IDs CSCug34485, CSCug34469, CSCug39762, CSCug63304, and CSCug39795. | |||||
| CVE-2013-0139 | 1 Arecont | 1 Vision Av1355dn Megadome Camera | 2026-06-16 | 7.8 HIGH | N/A |
| The Arecont Vision AV1355DN MegaDome camera allows remote attackers to cause a denial of service (video-capture outage) via a packet to UDP port 69. | |||||
| CVE-2013-0079 | 1 Microsoft | 3 Office Filter Pack, Visio, Visio Viewer | 2026-06-16 | 9.3 HIGH | N/A |
| Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability." | |||||
| CVE-2013-0074 | 1 Microsoft | 1 Silverlight | 2026-06-16 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability." | |||||
| CVE-2012-6653 | 1 All Video Gallery Plugin Project | 1 All Video Gallery Plugin | 2026-06-16 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the All Video Gallery (all-video-gallery) plugin before 1.2.0 for WordPress has unspecified impact and attack vectors. | |||||
| CVE-2012-6646 | 1 F-secure | 3 Anti-virus, Psb Workstation Security, Safe Anywhere | 2026-06-16 | 2.1 LOW | N/A |
| F-Secure Anti-Virus, Safe Anywhere, and PSB Workstation Security before 11500 for Mac OS X allows local users to disable the Mac OS X firewall via unspecified vectors. | |||||
| CVE-2012-6613 | 1 Dlink | 2 Dsr-250n, Dsr-250n Firmware | 2026-06-16 | 9.0 HIGH | 7.2 HIGH |
| D-Link DSR-250N devices with firmware 1.05B73_WW allow Persistent Root Access because of the admin password for the admin account. | |||||
| CVE-2012-6612 | 1 Apache | 1 Solr | 2026-06-16 | 7.5 HIGH | N/A |
| The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, different vectors than CVE-2013-6407. | |||||
