Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Total 346631 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-2198 1 Login Security Project 1 Login Security 2024-11-21 7.5 HIGH 9.8 CRITICAL
The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username.
CVE-2013-2183 1 Monkey-project 1 Monkey 2024-11-21 3.6 LOW 7.1 HIGH
Monkey HTTP Daemon has local security bypass
CVE-2013-2167 3 Debian, Openstack, Redhat 3 Debian Linux, Python-keystoneclient, Openstack 2024-11-21 7.5 HIGH 9.8 CRITICAL
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass
CVE-2013-2166 4 Debian, Fedoraproject, Openstack and 1 more 4 Debian Linux, Fedora, Python-keystoneclient and 1 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass
CVE-2013-2159 1 Monkey-project 1 Monkey 2024-11-21 7.5 HIGH 9.8 CRITICAL
Monkey HTTP Daemon: broken user name authentication
CVE-2013-2120 1 Kde 1 Paste Applet 2024-11-21 2.1 LOW 8.4 HIGH
The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack.
CVE-2013-2109 1 Undolog 1 Wp Cleanfix 2024-11-21 6.8 MEDIUM 8.8 HIGH
WordPress plugin wp-cleanfix has Remote Code Execution
CVE-2013-2108 1 Undolog 1 Cleanfix 2024-11-21 4.3 MEDIUM 5.4 MEDIUM
WordPress WP Cleanfix Plugin 2.4.4 has CSRF
CVE-2013-2106 2 Debian, Stanford 2 Debian Linux, Webauth 2024-11-21 5.0 MEDIUM 7.5 HIGH
webauth before 4.6.1 has authentication credential disclosure
CVE-2013-2103 1 Redhat 1 Openshift 2024-11-21 5.5 MEDIUM 8.1 HIGH
OpenShift cartridge allows remote URL retrieval
CVE-2013-2101 2 Redhat, Theforeman 2 Satellite, Katello 2024-11-21 3.5 LOW 5.4 MEDIUM
Katello has multiple XSS issues in various entities
CVE-2013-2097 1 Zpanel Project 1 Zpanel 2024-11-21 9.3 HIGH 7.8 HIGH
ZPanel through 10.1.0 has Remote Command Execution
CVE-2013-2095 1 Openshift-origin-controller Project 1 Openshift-origin-controller 2024-11-21 7.5 HIGH 9.8 CRITICAL
rubygem-openshift-origin-controller: API can be used to create applications via cartridge_cache.rb URI.prase() to perform command injection
CVE-2013-2093 1 Dolibarr 1 Dolibarr Erp\/crm 2024-11-21 10.0 HIGH 9.8 CRITICAL
Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands.
CVE-2013-2092 1 Dolibarr 1 Dolibarr Erp\/crm 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web script or HTML in functions.lib.php.
CVE-2013-2091 1 Dolibarr 1 Dolibarr Erp\/crm 2024-11-21 7.5 HIGH 9.8 CRITICAL
SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php.
CVE-2013-2075 1 Call-cc 1 Chicken 2024-11-21 7.5 HIGH 8.8 HIGH
Multiple buffer overflows in the (1) R5RS char-ready, (2) tcp-accept-ready, and (3) file-select procedures in Chicken through 4.8.0.3 allows attackers to cause a denial of service (crash) by opening a file descriptor with a large integer value. NOTE: this issue exists because of an incomplete fix for CVE-2012-6122.
CVE-2013-2060 1 Redhat 1 Openshift 2024-11-21 10.0 HIGH 9.8 CRITICAL
The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.
CVE-2013-2057 1 Yabb 1 Yabb 2024-11-21 7.5 HIGH 9.8 CRITICAL
YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability
CVE-2013-2049 1 Redhat 1 Cloudforms Management Engine 2024-11-21 5.0 MEDIUM 7.5 HIGH
Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session tampering attacks by leveraging use of a static secret_token.rb secret.