Search
31,035 CVEs · Critical severity
CVEs (31,035, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 401–425 of 31,035 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2013-2166 | CRITICAL | Patched | 9.8 | 2019-12-10 | python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass |
| CVE-2013-2167 | CRITICAL | Patched | 9.8 | 2019-12-10 | python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass |
| CVE-2013-2198 | CRITICAL | Patched | 9.8 | 2020-01-30 | The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username. |
| CVE-2013-2251 | CRITICAL | Patched | 9.8 | 2013-07-20 | Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectA… |
| CVE-2013-2259 | CRITICAL | Patched | 9.8 | 2019-11-04 | Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview |
| CVE-2013-2260 | CRITICAL | Patched | 9.8 | 2019-11-04 | Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness |
| CVE-2013-2465 | CRITICAL | 9.8 | 2013-06-18 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier,… | |
| CVE-2013-2512 | CRITICAL | 9.8 | 2021-01-26 | The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic. | |
| CVE-2013-2513 | CRITICAL | Patched | 9.8 | 2023-12-12 | The flash_tool gem through 0.6.0 for Ruby allows command execution via shell metacharacters in the name of a downloaded file. |
| CVE-2013-2568 | CRITICAL | Patched | 9.8 | 2020-01-29 | A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user ex… |
| CVE-2013-2570 | CRITICAL | Patched | 9.8 | 2020-01-29 | A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/par… |
| CVE-2013-2571 | CRITICAL | Patched | 9.8 | 2020-01-28 | Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as … |
| CVE-2013-2573 | CRITICAL | Patched | 9.8 | 2020-01-29 | A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.1… |
| CVE-2013-2612 | CRITICAL | 9.8 | 2020-01-27 | Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error … | |
| CVE-2013-2681 | CRITICAL | 9.8 | 2020-02-05 | Cisco Linksys E4200 1.0.05 Build 7 devices contain a Security Bypass Vulnerability which could allow remote attackers to gain unauthorized access. | |
| CVE-2013-2729 | CRITICAL | Patched | 9.8 | 2013-05-16 | Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vector… |
| CVE-2013-2738 | CRITICAL | Patched | 9.8 | 2019-11-01 | minidlna has SQL Injection that may allow retrieval of arbitrary files |
| CVE-2013-2739 | CRITICAL | Patched | 9.8 | 2019-11-01 | MiniDLNA has heap-based buffer overflow |
| CVE-2013-2745 | CRITICAL | Patched | 9.8 | 2019-12-04 | An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.0 |
| CVE-2013-2748 | CRITICAL | Patched | 9.8 | 2020-01-28 | Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system. |
| CVE-2013-3000 | CRITICAL | 9.8 | 2018-07-09 | SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. IBM… | |
| CVE-2013-3071 | CRITICAL | Patched | 9.8 | 2020-01-28 | NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass. |
| CVE-2013-3072 | CRITICAL | Patched | 9.8 | 2019-11-14 | An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in http://<router_ip>/apply.cgi?/hdd_usr_setup.htm that when visited by any user… |
| CVE-2013-3073 | CRITICAL | Patched | 9.8 | 2019-11-14 | A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34. |
| CVE-2013-3085 | CRITICAL | 9.8 | 2019-12-26 | An authentication bypass exists in the web management interface in Belkin F5D8236-4 v2. |