CVEs from 2013
Total
5,692
critical
critical 917
high
high 949
medium
medium 3,166
low
low 557
% Critical
16.1%
% with KEV
0.7%
% with exploit
11.6%
Top vendors
Top products
- chrome 11,665
- ffmpeg 3,379
- seamonkey 2,231
- acrobat_reader 1,911
- acrobat 1,909
- itunes 1,678
- firefox 1,634
- moodle 1,560
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-5303 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize." | |||
| CVE-2013-2250 | critical | — | 10.0 | 13y ago | Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to execute arbitrary Unified Expression Language (UEL) function… | |||
| CVE-2013-3184 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru… | |||
| CVE-2013-3175 | critical | — | 10.0 | 13y ago | Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers … | |||
| CVE-2013-4031 | critical | — | 10.0 | 13y ago | The Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, Flex System, System x iDataPle… | |||
| CVE-2013-2577 | critical | — | 10.0 | 13y ago | Buffer overflow in XnView before 2.04 allows remote attackers to execute arbitrary code via a crafted PCT file. | |||
| CVE-2013-3454 | critical | — | 10.0 | 13y ago | Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, and 6.0.3 and earlier on TX 9X00 devices, has a default password for the pwrecovery account, which ma… | |||
| CVE-2013-1710 | critical | — | 10.0 | 13y ago | The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows… | |||
| CVE-2013-1705 | critical | — | 10.0 | 13y ago | Heap-based buffer underflow in the cryptojs_interpret_key_gen_type function in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allows remote attackers to execute arbitrary code or cause a denia… | |||
| CVE-2013-1702 | critical | — | 10.0 | 13y ago | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and applicat… | |||
| CVE-2013-1701 | critical | — | 10.0 | 13y ago | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey… | |||
| CVE-2013-5022 | critical | — | 10.0 | 13y ago | Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products all… | |||
| CVE-2013-3443 | critical | — | 10.0 | 13y ago | The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager (CM) configuration allows remote attackers to execute arbi… | |||
| CVE-2013-4652 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the command-line management interface on Siemens Scalance W7xx devices with firmware before 4.5.4 allows remote attackers to bypass authentication and execute arbitrary c… | |||
| CVE-2013-5019 | critical | — | 10.0 | 13y ago | Stack-based buffer overflow in Ultra Mini HTTPD 1.21 allows remote attackers to execute arbitrary code via a long resource name in an HTTP request. | |||
| CVE-2013-2367 | critical | — | 10.0 | 13y ago | Multiple unspecified vulnerabilities in HP SiteScope 11.20 and 11.21, when SOAP is used, allow remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1678. | |||
| CVE-2013-1377 | critical | — | 10.0 | 13y ago | Adobe Digital Editions 2.x before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||
| CVE-2013-4800 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735. | |||
| CVE-2013-4798 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1705. | |||
| CVE-2013-4937 | critical | — | 10.0 | 13y ago | Multiple unspecified vulnerabilities in the AiCloud feature on the ASUS RT-AC66U, RT-N66U, RT-N65U, RT-N14U, RT-N16, RT-N56U, and DSL-N55U with firmware before 3.0.4.372 have unknown impact and attac… | |||
| CVE-2013-3430 | critical | — | 10.0 | 13y ago | Cisco Video Surveillance Manager (VSM) before 7.0.0 allows remote attackers to obtain sensitive configuration, archive, and log information via unspecified vectors, related to the Cisco_VSBWT (aka Br… | |||
| CVE-2013-4781 | critical | — | 10.0 | 13y ago | core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7 R1.7.0, allows remote attackers to execute arbitrar… | |||
| CVE-2013-2134 | critical | — | 10.0 | 13y ago | Arbitrary code execution in Apache Struts 2 | |||
| CVE-2013-1777 | critical | — | 10.0 | 13y ago | Apache Geronimo JMX Remoting functionality allows remote code execution in 3.x before v3.0.1 | |||
| CVE-2013-4685 | critical | — | 10.0 | 13y ago | Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7, 12.1 before 12.1R6, and 12.1X44 before 12.1X44-D15 on SRX devices, when Captive Portal is enabled with the UAC enfor… | |||
| CVE-2013-1966 | critical | — | 10.0 | 13y ago | Arbitrary code execution in Apache Struts | |||
| CVE-2013-1868 | critical | — | 10.0 | 13y ago | Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype… | |||
| CVE-2013-3350 | critical | — | 10.0 | 13y ago | Adobe ColdFusion 10 before Update 11 allows remote attackers to call ColdFusion Components (CFC) public methods via WebSockets. | |||
| CVE-2013-3348 | critical | — | 10.0 | 13y ago | Adobe Shockwave Player before 12.0.3.133 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||
| CVE-2013-3347 | critical | — | 10.0 | 13y ago | Integer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 1… | |||
| CVE-2013-3345 | critical | — | 10.0 | 13y ago | Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Androi… | |||
| CVE-2013-3344 | critical | — | 10.0 | 13y ago | Heap-based buffer overflow in Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, an… | |||
| CVE-2013-3174 | critical | — | 10.0 | 13y ago | DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attacke… | |||
| CVE-2013-3164 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulne… | |||
| CVE-2013-3162 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru… | |||
| CVE-2013-3161 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruptio… | |||
| CVE-2013-3153 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru… | |||
| CVE-2013-3152 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln… | |||
| CVE-2013-3151 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru… | |||
| CVE-2013-3150 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulne… | |||
| CVE-2013-3149 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption… | |||
| CVE-2013-3148 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru… | |||
| CVE-2013-3147 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corrup… | |||
| CVE-2013-3146 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln… | |||
| CVE-2013-3145 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulne… | |||
| CVE-2013-3144 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru… | |||
| CVE-2013-3143 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruptio… | |||
| CVE-2013-3115 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru… | |||
| CVE-2013-4787 | critical | — | 10.0 | 13y ago | Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that… | |||
| CVE-2013-4785 | critical | — | 10.0 | 13y ago | The web interface on the Dell iDRAC6 with firmware before 1.95 allows remote attackers to modify the CLP interface for arbitrary users and possibly have other impact via a request to an unspecified f… | |||
| CVE-2013-4784 | critical | — | 10.0 | 13y ago | The HP Integrated Lights-Out (iLO) BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary p… | |||
| CVE-2013-4783 | critical | — | 10.0 | 13y ago | The Dell iDRAC6 with firmware 1.x before 1.92 and 2.x and 3.x before 3.42, and iDRAC7 with firmware before 1.23.23, allows remote attackers to bypass authentication and execute arbitrary IPMI command… | |||
| CVE-2013-4782 | critical | — | 10.0 | 13y ago | The Supermicro BMC implementation allows remote attackers to bypass authentication and execute arbitrary IPMI commands by using cipher suite 0 (aka cipher zero) and an arbitrary password. | |||
| CVE-2013-2340 | critical | — | 10.0 | 13y ago | Unspecified vulnerability on the HP ProCurve JC###A, JC###B, JD###A, JD###B, JE###A, JF###A, JF###B, JF###C, JG###A, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and s… | |||
| CVE-2013-2343 | critical | — | 10.0 | 13y ago | Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1510. | |||
| CVE-2013-4735 | critical | — | 10.0 | 13y ago | The Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 have a default password for an administrative account, which makes it easier f… | |||
| CVE-2013-4732 | critical | — | 10.0 | 13y ago | The administrative web server on the Digital Alert Systems DASDEC EAS device through 2.0-2 and the Monroe Electronics R189 One-Net EAS device through 2.0-2 uses predictable session ID values, which m… | |||
| CVE-2013-0137 | critical | — | 10.0 | 13y ago | The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it … | |||
| CVE-2013-4096 | critical | — | 10.0 | 13y ago | ServerAdmin/TestTelnetConnection.jsp in DS3 Authentication Server allows remote authenticated users to execute arbitrary commands via shell metacharacters in the HOST_NAME field. | |||
| CVE-2013-1686 | critical | — | 10.0 | 13y ago | Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows… | |||
| CVE-2013-1683 | critical | — | 10.0 | 13y ago | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe… | |||
| CVE-2013-1682 | critical | — | 10.0 | 13y ago | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remo… | |||
| CVE-2013-2473 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remo… | |||
| CVE-2013-2472 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remo… | |||
| CVE-2013-2471 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remo… | |||
| CVE-2013-2470 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remo… | |||
| CVE-2013-2469 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remo… | |||
| CVE-2013-2468 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, inte… | |||
| CVE-2013-2466 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect confidentiality, inte… | |||
| CVE-2013-2464 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to … | |||
| CVE-2013-2463 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remo… | |||
| CVE-2013-2460 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and a… | |||
| CVE-2013-2459 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remo… | |||
| CVE-2013-3644 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichi… | |||
| CVE-2013-4611 | critical | — | 10.0 | 13y ago | Multiple unspecified vulnerabilities in REDCap before 5.1.1 allow remote attackers to have an unknown impact via vectors involving (1) the Online Designer page or (2) the Manage Survey Participants p… | |||
| CVE-2013-4610 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in the Data Search utility in data-entry forms in REDCap before 5.0.3 and 5.1.x before 5.1.2 has unknown impact and remote attack vectors. | |||
| CVE-2013-2338 | critical | — | 10.0 | 13y ago | Unspecified vulnerability on HP Integrated Lights-Out 3 (aka iLO3) cards with firmware before 1.57 and 4 (aka iLO4) cards with firmware before 1.22, when Single-Sign-On (SSO) is used, allows remote a… | |||
| CVE-2013-3576 | critical | — | 10.0 | 13y ago | ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en. | |||
| CVE-2013-3573 | critical | — | 10.0 | 13y ago | HP Insight Diagnostics 9.4.0.4710 allows remote attackers to conduct unspecified injection attacks via unknown vectors. | |||
| CVE-2013-3343 | critical | — | 10.0 | 13y ago | Adobe Flash Player before 10.3.183.90 and 11.x before 11.7.700.224 on Windows, before 10.3.183.90 and 11.x before 11.7.700.225 on Mac OS X, before 10.3.183.90 and 11.x before 11.2.202.291 on Linux, b… | |||
| CVE-2013-3120 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln… | |||
| CVE-2013-3111 | critical | — | 10.0 | 13y ago | Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru… | |||
| CVE-2013-2335 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1733. | |||
| CVE-2013-2334 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1681. | |||
| CVE-2013-2333 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1680. | |||
| CVE-2013-2332 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1654. | |||
| CVE-2013-2331 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1652. | |||
| CVE-2013-2330 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1638. | |||
| CVE-2013-2329 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1637. | |||
| CVE-2013-2328 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1636. | |||
| CVE-2013-2327 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1635. | |||
| CVE-2013-2326 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1634. | |||
| CVE-2013-2325 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1633. | |||
| CVE-2013-2324 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1629. | |||
| CVE-2013-0984 | critical | — | 10.0 | 13y ago | Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message. | |||
| CVE-2013-2863 | critical | — | 10.0 | 13y ago | Google Chrome before 27.0.1453.110 does not properly handle SSL sockets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vecto… | |||
| CVE-2013-1017 | critical | — | 10.0 | 13y ago | Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted dref atoms in a movie file. | |||
| CVE-2013-2781 | critical | — | 10.0 | 13y ago | Use-after-free vulnerability in the server application in 3S CODESYS Gateway 2.3.9.27 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspec… | |||
| CVE-2013-3342 | critical | — | 10.0 | 13y ago | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 do not properly handle operating-system domain blacklists, which has unspecified impact and attack vectors. | |||
| CVE-2013-3341 | critical | — | 10.0 | 13y ago | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vecto… |