Total
3713 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0927 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2024-11-21 | 4.3 MEDIUM | 8.1 HIGH |
| The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to bypass authentication by leveraging knowledge of the port number and webapp path. IBM X-Force ID: 92259. | |||||
| CVE-2013-7465 | 1 Icecoldapps | 1 Servers Ultimate | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Ice Cold Apps Servers Ultimate 6.0.2(12) does not require authentication for TELNET, SSH, or FTP, which allows remote attackers to execute arbitrary code by uploading PHP scripts. | |||||
| CVE-2013-7051 | 1 Dlink | 2 Dir-100, Dir-100 Firmware | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters | |||||
| CVE-2013-6360 | 1 Trendnet | 2 Ts-s402, Ts-s402 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| TRENDnet TS-S402 has a backdoor to enable TELNET. | |||||
| CVE-2013-5582 | 1 Ammyy | 1 Ammyy Admin | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Ammyy Admin 3.2 and earlier stores the client ID at a fixed memory location, which might make it easier for user-assisted remote attackers to bypass authentication by running a local program that extracts a field from the AA_v3.2.exe file. | |||||
| CVE-2013-5123 | 5 Debian, Fedoraproject, Pypa and 2 more | 6 Debian Linux, Fedora, Pip and 3 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. | |||||
| CVE-2013-5122 | 1 Cisco | 8 Linksys E4200, Linksys E4200 Firmware, Linksys Ea2700 and 5 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Cisco Linksys Routers EA2700, EA3500, E4200, EA4500: A bug can cause an unsafe TCP port to open which leads to unauthenticated access | |||||
| CVE-2013-5116 | 1 Evernote | 1 Evernote | 2024-11-21 | 6.6 MEDIUM | 7.1 HIGH |
| Evernote prior to 5.5.1 has insecure password change | |||||
| CVE-2013-5114 | 1 Logmein | 1 Lastpass | 2024-11-21 | 6.6 MEDIUM | 6.1 MEDIUM |
| LastPass prior to 2.5.1 allows secure wipe bypass. | |||||
| CVE-2013-5112 | 1 Evernote | 1 Evernote | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
| Evernote before 5.5.1 has insecure PIN storage | |||||
| CVE-2013-4982 | 1 Avtech | 2 Avn801 Dvr, Avn801 Dvr Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| AVTECH AVN801 DVR has a security bypass via the administration login captcha | |||||
| CVE-2013-4976 | 1 Hikvision | 2 Ds-2cd7153-e, Ds-2cd7153-e Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials | |||||
| CVE-2013-4863 | 1 Micasaverde | 2 Veralite, Veralite Firmware | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a RunLua action in a request to port_49451/upnp/control/hag. | |||||
| CVE-2013-4621 | 1 Magdevgroup | 1 Magnolia Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Magnolia CMS before 4.5.9 has multiple access bypass vulnerabilities | |||||
| CVE-2013-4593 | 1 Omniauth-facebook Project | 1 Omniauth-facebook | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| RubyGem omniauth-facebook has an access token security vulnerability | |||||
| CVE-2013-4462 | 1 Portable Phpmyadmin Project | 1 Portable Phpmyadmin | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability | |||||
| CVE-2013-4454 | 1 Getbutterfly | 1 Portable-phpmyadmin | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities | |||||
| CVE-2013-3367 | 1 Trendnet | 4 Tew-691gr, Tew-691gr Firmware, Tew-692gr and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Undocumented TELNET service in TRENDnet TEW-691GR and TEW-692GR when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3. | |||||
| CVE-2013-3317 | 1 Netgear | 2 Wnr1000, Wnr1000 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key. | |||||
| CVE-2013-3316 | 1 Netgear | 2 Wnr1000, Wnr1000 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg". | |||||