Search
59,256 CVEs
CVEs (59,256, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 151–175 of 59,256 (capped at 500)
| CVE ID ↑ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2013-10044 | HIGH | Patched | 8.8 | 2025-08-01 | An authenticated SQL injection vulnerability exists in OpenEMR ≤ 4.1.1 Patch 14 that allows a low-privileged attacker to extract administrator credentials and subsequently … |
| CVE-2013-10045 | NONE | — | 2026-04-22 | Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | |
| CVE-2013-10046 | NONE | — | 2025-08-01 | A local privilege escalation vulnerability exists in Agnitum Outpost Internet Security 8.1 that allows an unprivileged user to execute arbitrary code with SYSTEM privileges… | |
| CVE-2013-10047 | NONE | — | 2025-08-01 | An unrestricted file upload vulnerability exists in MiniWeb HTTP Server <= Build 300 that allows unauthenticated remote attackers to upload arbitrary files to the server’s … | |
| CVE-2013-10048 | CRITICAL | Patched | 9.8 | 2025-08-01 | An OS command injection vulnerability exists in various legacy D-Link routers—including DIR-300 rev B and DIR-600 (firmware ≤ 2.13 and ≤ 2.14b01, respectively)—due to impro… |
| CVE-2013-10049 | NONE | — | 2025-08-01 | An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endp… | |
| CVE-2013-10050 | HIGH | Patched | 8.8 | 2025-08-01 | An OS command injection vulnerability exists in multiple D-Link routers (confirmed on DIR-300 rev A v1.05 and DIR-615 rev D v4.13) via the authenticated tools_vct.xgi CGI e… |
| CVE-2013-10051 | CRITICAL | Patched | 9.8 | 2025-08-01 | A remote PHP code execution vulnerability exists in InstantCMS version 1.6 and earlier due to unsafe use of eval() within the search view handler. Specifically, user-suppli… |
| CVE-2013-10052 | NONE | — | 2025-08-04 | ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation for administrative tasks. However, when misconfigured in /etc/sudoers, zsudo … | |
| CVE-2013-10053 | NONE | — | 2025-08-01 | A remote command execution vulnerability exists in ZPanel version 10.0.0.2 in its htpasswd module. When creating .htaccess files, the inHTUsername field is passed unsanitiz… | |
| CVE-2013-10054 | NONE | — | 2025-08-04 | An unauthenticated arbitrary file upload vulnerability exists in LibrettoCMS version 1.1.7 (and possibly earlier) contains an unauthenticated arbitrary file upload vulnerab… | |
| CVE-2013-10055 | NONE | — | 2025-08-01 | An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 (and possibly earlier) in the upload.php script. The application fails to enforc… | |
| CVE-2013-10056 | NONE | — | 2026-04-22 | Rejected reason: This CVE has the been REJECTED and will not be published by the CNA. | |
| CVE-2013-10057 | NONE | — | 2025-08-01 | A stack-based buffer overflow vulnerability exists in Synactis PDF In-The-Box ActiveX control (PDF_IN_1.ocx), specifically the ConnectToSynactis method. When a long string … | |
| CVE-2013-10058 | NONE | — | 2025-08-01 | An authenticated OS command injection vulnerability exists in various Linksys router models (tested on WRT160Nv2) running firmware version v2.0.03 via the apply.cgi endpoin… | |
| CVE-2013-10059 | HIGH | Patched | 7.2 | 2025-08-01 | An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. The… |
| CVE-2013-10060 | HIGH | Patched | 7.2 | 2025-08-01 | An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint… |
| CVE-2013-10061 | HIGH | 7.2 | 2025-08-01 | An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive pa… | |
| CVE-2013-10062 | NONE | — | 2025-08-01 | A directory traversal vulnerability exists in Linksys router's web interface (tested on the E1500 model firmware versions 1.0.00, 1.0.04, and 1.0.05), specifically in the /… | |
| CVE-2013-10063 | NONE | — | 2025-08-01 | A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit craft… | |
| CVE-2013-10064 | NONE | — | 2025-08-05 | A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. The server's RAW protocol interface fails to safely process user-supplied data in @F506 fa… | |
| CVE-2013-10065 | HIGH | 7.5 | 2025-08-05 | A denial-of-service vulnerability exists in Sysax Multi-Server version 6.10 via its SSH daemon. A specially crafted SSH key exchange packet can trigger a crash in the servi… | |
| CVE-2013-10066 | NONE | — | 2025-08-05 | An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint (users_add.php) that allows attackers to… | |
| CVE-2013-10067 | NONE | — | 2025-08-05 | Glossword versions 1.8.8 through 1.8.12 contain an authenticated arbitrary file upload vulnerability. When deployed as a standalone application, the administrative interfac… | |
| CVE-2013-10068 | NONE | — | 2025-08-05 | Foxit Reader Plugin version 2.2.1.530, bundled with Foxit Reader 5.4.4.11281, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. Wh… |