CVEs from 2013
Total
5,688
critical
critical 917
high
high 949
medium
medium 3,166
low
low 557
% Critical
16.1%
% with KEV
0.7%
% with exploit
11.6%
Top vendors
Top products
- chrome 11,665
- ffmpeg 3,379
- seamonkey 2,231
- acrobat_reader 1,911
- acrobat 1,909
- itunes 1,678
- firefox 1,634
- moodle 1,560
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-1545 | medium | — | 5.0 | 13y ago | Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.5.0, and 11.1.1.6.0 allows remote attackers to affect availability via unknown vectors relat… | |||
| CVE-2013-1538 | medium | — | 5.0 | 13y ago | Unspecified vulnerability in the Network Layer component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote attackers to affect availability via unknown vectors. | |||
| CVE-2013-1535 | medium | — | 5.0 | 13y ago | Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 4.1.0, 5.1.0, 5.2.0, 5.3.4, and 6.0.1 allows remote attackers to affect c… | |||
| CVE-2013-1519 | medium | — | 5.0 | 13y ago | Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect integrity via unknown vectors. | |||
| CVE-2013-1510 | medium | — | 5.0 | 13y ago | Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Portal Framework, … | |||
| CVE-2013-1509 | medium | — | 5.0 | 13y ago | Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2, 11.1.1.6.0, and 11.1.1.6.1 allows remote authenticated users to affect integrity via unknown vecto… | |||
| CVE-2013-0408 | medium | — | 5.0 | 13y ago | Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to CPU performance counters drivers. | |||
| CVE-2013-2835 | medium | — | 5.0 | 13y ago | Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechan… | |||
| CVE-2013-2834 | medium | — | 5.0 | 13y ago | Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechan… | |||
| CVE-2013-2832 | medium | — | 5.0 | 13y ago | The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in Google Chrome OS before 26.0.1410.57 does not prevent uninitialized data from remaining in a buffer, which might allow remote at… | |||
| CVE-2013-2303 | medium | — | 5.0 | 13y ago | Sleipnir 4.0.0.4000 and earlier on Windows allows remote attackers to spoof the SSL lock icon and address-bar colors via unspecified vectors. | |||
| CVE-2013-1193 | medium | — | 5.0 | 13y ago | The Secure Shell (SSH) implementation on Cisco Adaptive Security Appliances (ASA) devices, and in Cisco Firewall Services Module (FWSM), does not properly terminate sessions, which allows remote atta… | |||
| CVE-2013-1187 | medium | — | 5.0 | 13y ago | The Connection Manager in Cisco Jabber Extensible Communications Platform (aka Jabber XCP) does not properly validate login data, which allows remote attackers to cause a denial of service (service c… | |||
| CVE-2013-0315 | medium | — | 5.0 | 13y ago | The GateIn Portal export/import gadget in JBoss Enterprise Portal Platform 5.2.2 allows remote attackers to read arbitrary files via a crafted external XML entity in an XML document, aka an XML Entit… | |||
| CVE-2013-0282 | medium | — | 5.0 | 13y ago | OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, whi… | |||
| CVE-2013-2716 | medium | — | 5.0 | 13y ago | Puppet Labs Puppet Enterprise before 2.8.0 does not use a "randomized secret" in the CAS client config file (cas_client_config.yml) when upgrading from older 1.2.x or 2.0.x versions, which allows rem… | |||
| CVE-2013-1282 | medium | — | 5.0 | 13y ago | The LDAP service in Microsoft Active Directory, Active Directory Application Mode (ADAM), Active Directory Lightweight Directory Service (AD LDS), and Active Directory Services allows remote attacker… | |||
| CVE-2013-1821 | medium | — | 5.0 | 13y ago | Ruby vulnerable to denial of service | |||
| CVE-2013-0681 | medium | — | 5.0 | 13y ago | Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allow remote attackers to cause a denial… | |||
| CVE-2013-1174 | medium | — | 5.0 | 13y ago | Cisco Tivoli Business Service Manager (TBSM) in Hosted Collaboration Mediation (HCM) in Cisco Hosted Collaboration Solution allows remote attackers to cause a denial of service (temporary service han… | |||
| CVE-2013-0483 | medium | — | 5.0 | 13y ago | The login component in SOAP Gateway in IBM IMS Enterprise Suite 1.1, 2.1, and 2.2 uses cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network. | |||
| CVE-2013-0128 | medium | — | 5.0 | 13y ago | The Contact Customer Support feature in the TigerText Free Private Texting app before 3.1.402 for iOS sends a log-file e-mail message with unencrypted credentials, which allows remote attackers to ob… | |||
| CVE-2013-2763 | medium | — | 5.0 | 13y ago | The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it… | |||
| CVE-2013-0791 | medium | — | 5.0 | 13y ago | The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x… | |||
| CVE-2013-1665 | medium | — | 5.0 | 13y ago | The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via a… | |||
| CVE-2013-1664 | medium | — | 5.0 | 13y ago | The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other pro… | |||
| CVE-2013-2744 | medium | — | 5.0 | 13y ago | importbuddy.php in the BackupBuddy plugin 2.2.25 for WordPress allows remote attackers to obtain configuration information via a step 0 phpinfo action, which calls the phpinfo function. | |||
| CVE-2013-2686 | medium | — | 5.0 | 13y ago | main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.… | |||
| CVE-2013-2264 | medium | — | 5.0 | 13y ago | The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x … | |||
| CVE-2013-1747 | medium | — | 5.0 | 13y ago | channel.c in ngIRCd 20 and 20.1 allows remote attackers to cause a denial of service (assertion failure and crash) via a KICK command for a user who is not on the associated channel. | |||
| CVE-2013-0923 | medium | — | 5.0 | 13y ago | The USB Apps API in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors. | |||
| CVE-2013-0917 | medium | — | 5.0 | 13y ago | The URL loader in Google Chrome before 26.0.1410.43 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | |||
| CVE-2013-0316 | medium | — | 5.0 | 13y ago | The Image module in Drupal 7.x before 7.20 allows remote attackers to cause a denial of service (CPU and disk space consumption) via a large number of new derivative requests. | |||
| CVE-2013-0257 | medium | — | 5.0 | 13y ago | The email2image module 6.x-1.x and 6.x-2.x for Drupal does not properly restrict access to nodes, which allows remote attackers to read images of user email addresses and email fields. | |||
| CVE-2013-0182 | medium | — | 5.0 | 13y ago | The Payment module 7.x-1.x before 7.x-1.3 for Drupal does not properly restrict access to payments, which allows remote attackers to read arbitrary payments. | |||
| CVE-2013-2300 | medium | — | 5.0 | 13y ago | The FlickWnn (aka OpenWnn/Flick support) application 2.02 and earlier for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an applicatio… | |||
| CVE-2013-0720 | medium | — | 5.0 | 13y ago | The COBIME application before 0.9.4 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesyst… | |||
| CVE-2013-0719 | medium | — | 5.0 | 13y ago | The ArtIME Japanese Input application 1.1.2 and earlier for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesse… | |||
| CVE-2013-0718 | medium | — | 5.0 | 13y ago | The Simeji application 4.8.1 and earlier for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local fil… | |||
| CVE-2013-1162 | medium | — | 5.0 | 13y ago | The traffic engineering (TE) processing subsystem in Cisco IOS XR allows remote attackers to cause a denial of service (process restart) via crafted TE packets, aka Bug ID CSCue04000. | |||
| CVE-2013-1831 | medium | — | 5.0 | 13y ago | Moodle reveals absolute path in exception message | |||
| CVE-2013-1830 | medium | — | 5.0 | 13y ago | Moodle does not enforce the forceloginforprofiles setting | |||
| CVE-2013-2640 | medium | — | 5.0 | 13y ago | ajax.functions.php in the MailUp plugin before 1.3.2 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct… | |||
| CVE-2013-0731 | medium | — | 5.0 | 13y ago | ajax.functions.php in the MailUp plugin before 1.3.3 for WordPress does not properly restrict access to unspecified Ajax functions, which allows remote attackers to modify plugin settings and conduct… | |||
| CVE-2013-2633 | medium | — | 5.0 | 13y ago | Piwik (now Matomo) Reveals Sensitive Information by Accepting Input from `POST` Requests | |||
| CVE-2013-0716 | medium | — | 5.0 | 13y ago | The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI. | |||
| CVE-2013-1654 | medium | — | 5.0 | 13y ago | Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to c… | |||
| CVE-2013-2263 | medium | — | 5.0 | 13y ago | Unspecified vulnerability in Citrix Access Gateway Standard Edition 5.0.x before 5.0.4.223524 allows remote attackers to access network resources via unknown attack vectors. | |||
| CVE-2013-1854 | medium | — | 5.0 | 13y ago | The Active Record component in Ruby on Rails 2.3.x before 2.3.18, 3.1.x before 3.1.12, and 3.2.x before 3.2.13 processes certain queries by converting hash keys to symbols, which allows remote attack… | |||
| CVE-2013-2371 | medium | — | 5.0 | 13y ago | The Web API in the Statistics Server in TIBCO Spotfire Statistics Services 3.3.x before 3.3.1, 4.5.x before 4.5.1, and 5.0.x before 5.0.1 allows remote attackers to obtain sensitive information via a… | |||
| CVE-2013-1795 | medium | — | 5.0 | 13y ago | Integer overflow in ptserver in OpenAFS before 1.6.2 allows remote attackers to cause a denial of service (crash) via a large list from the IdToName RPC, which triggers a heap-based buffer overflow. | |||
| CVE-2013-1814 | medium | — | 5.0 | 13y ago | Apache Rave information disclosure vulnerability | |||
| CVE-2013-1469 | medium | — | 5.0 | 13y ago | Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the dl parameter. | |||
| CVE-2013-0312 | medium | — | 5.0 | 13y ago | 389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence. | |||
| CVE-2013-0095 | medium | — | 5.0 | 13y ago | Outlook in Microsoft Office for Mac 2008 before 12.3.6 and Office for Mac 2011 before 14.3.2 allows remote attackers to trigger access to a remote URL and consequently confirm the rendering of an HTM… | |||
| CVE-2013-0086 | medium | — | 5.0 | 13y ago | Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which allows remote attackers to obtain sensitive information via a crafted OneNote file, aka "Buffer Siz… | |||
| CVE-2013-0239 | medium | — | 5.0 | 13y ago | Improper Authentication in Apache CXF | |||
| CVE-2013-0252 | medium | — | 5.0 | 13y ago | boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input vali… | |||
| CVE-2013-2293 | medium | — | 5.0 | 13y ago | The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before 0.8.0rc1 copies transactions from disk to memory without incrementally checking for spent prevouts, which allows remote attacker… | |||
| CVE-2013-2273 | medium | — | 5.0 | 13y ago | bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before 0.6.5rc1, and 0.7.x before 0.7.3rc1 make it easier for remote attackers to obtain … | |||
| CVE-2013-2272 | medium | — | 5.0 | 13y ago | The penny-flooding protection mechanism in the CTxMemPool::accept method in bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before 0.6.5r… | |||
| CVE-2013-1154 | medium | — | 5.0 | 13y ago | The Cisco Small Business 200 Series Smart Switch 1.2.7.76 and earlier, Small Business 300 Series Managed Switch 1.2.7.76 and earlier, and Small Business 500 Series Stackable Managed Switch 1.2.7.76 a… | |||
| CVE-2013-2488 | medium | — | 5.0 | 13y ago | The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a… | |||
| CVE-2013-1643 | medium | — | 5.0 | 13y ago | The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an … | |||
| CVE-2013-0909 | medium | — | 5.0 | 13y ago | The XSS Auditor in Google Chrome before 25.0.1364.152 allows remote attackers to obtain sensitive HTTP Referer information via unspecified vectors. | |||
| CVE-2013-0198 | medium | — | 5.0 | 13y ago | Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplificati… | |||
| CVE-2013-1415 | medium | — | 5.0 | 13y ago | The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.4 and 1… | |||
| CVE-2013-1138 | medium | — | 5.0 | 13y ago | The NAT process on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (connections-table memory consumption) via crafted packets, aka Bug ID CSCue46… | |||
| CVE-2013-0247 | medium | — | 5.0 | 13y ago | OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service (disk consumption) via many invalid … | |||
| CVE-2013-0220 | medium | — | 5.0 | 13y ago | The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in S… | |||
| CVE-2013-0786 | medium | — | 5.0 | 13y ago | The Bugzilla::Search::build_subselect function in Bugzilla 2.x and 3.x before 3.6.13 and 3.7.x and 4.0.x before 4.0.10 generates different error messages for invalid product queries depending on whet… | |||
| CVE-2013-0118 | medium | — | 5.0 | 13y ago | CS-Cart before 3.0.6, when PayPal Standard Payments is configured, allows remote attackers to set the payment recipient via a modified value of the merchant's e-mail address, as demonstrated by setti… | |||
| CVE-2013-0899 | medium | — | 5.0 | 14y ago | Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and… | |||
| CVE-2013-0888 | medium | — | 5.0 | 14y ago | Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors rel… | |||
| CVE-2013-0883 | medium | — | 5.0 | 14y ago | Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect read operation) via unspe… | |||
| CVE-2013-0881 | medium | — | 5.0 | 14y ago | Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (incorrect read operation) via crafted data in the Ma… | |||
| CVE-2013-1485 | medium | — | 5.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Librarie… | |||
| CVE-2013-1129 | medium | — | 5.0 | 14y ago | Memory leak in Cisco Unity Connection 9.x allows remote attackers to cause a denial of service (memory consumption and process crash) by sending many TCP requests, aka Bug ID CSCud59736. | |||
| CVE-2013-0273 | medium | — | 5.0 | 14y ago | sametime.c in the Sametime protocol plugin in libpurple in Pidgin before 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash)… | |||
| CVE-2013-0271 | medium | — | 5.0 | 14y ago | The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might allow remote attackers to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname. | |||
| CVE-2013-0705 | medium | — | 5.0 | 14y ago | Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) before 2 allows remote attackers to read arbitrary files via unspecified vectors. | |||
| CVE-2013-1122 | medium | — | 5.0 | 14y ago | Cisco NX-OS on the Nexus 7000, when a certain Overlay Transport Virtualization (OTV) configuration is used, allows remote attackers to cause a denial of service (M1-Series module reload) via crafted … | |||
| CVE-2013-1455 | medium | — | 5.0 | 14y ago | Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to an "Undefined variable." | |||
| CVE-2013-1454 | medium | — | 5.0 | 14y ago | Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to "Coding errors." | |||
| CVE-2013-0637 | medium | — | 5.0 | 14y ago | Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, b… | |||
| CVE-2013-0242 | medium | — | 5.0 | 14y ago | Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service… | |||
| CVE-2013-0189 | medium | — | 5.0 | 14y ago | cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service (resource consumption) via a crafted request. NOTE: this issue… | |||
| CVE-2013-0166 | medium | — | 5.0 | 14y ago | OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service … | |||
| CVE-2013-1473 | medium | — | 5.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect integrity via unknown vectors… | |||
| CVE-2013-0449 | medium | — | 5.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect confidentiality via unknown vectors related to Deploy… | |||
| CVE-2013-0448 | medium | — | 5.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect integrity via unknown vectors related to Libraries. | |||
| CVE-2013-0440 | medium | — | 5.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, a… | |||
| CVE-2013-0435 | medium | — | 5.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confide… | |||
| CVE-2013-0434 | medium | — | 5.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 an… | |||
| CVE-2013-0433 | medium | — | 5.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote att… | |||
| CVE-2013-0427 | medium | — | 5.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote att… | |||
| CVE-2013-0424 | medium | — | 5.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 7, a… | |||
| CVE-2013-0409 | medium | — | 5.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confi… | |||
| CVE-2013-1112 | medium | — | 5.0 | 14y ago | Cisco Carrier Routing System (CRS) allows remote attackers to cause a denial of service (packet loss) via short malformed packets that trigger inefficient processing, aka Bug ID CSCud79136. | |||
| CVE-2013-1451 | medium | — | 5.0 | 14y ago | Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not ensure that the SSL lock icon is consistent… |