Export limit exceeded: 16520 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (16520 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-0384 4 Canonical, Mariadb, Oracle and 1 more 8 Ubuntu Linux, Mariadb, Mysql and 5 more 2025-04-11 N/A
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
CVE-2013-0772 4 Canonical, Mozilla, Opensuse and 1 more 10 Ubuntu Linux, Firefox, Seamonkey and 7 more 2025-04-11 N/A
The RasterImage::DrawFrameTo function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted GIF image.
CVE-2013-1486 3 Oracle, Redhat, Sun 7 Jdk, Jre, Enterprise Linux and 4 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
CVE-2013-1485 2 Oracle, Redhat 4 Jdk, Jre, Enterprise Linux and 1 more 2025-04-11 N/A
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
CVE-2013-1643 2 Php, Redhat 2 Php, Enterprise Linux 2025-04-11 N/A
The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-1824.
CVE-2013-1682 2 Mozilla, Redhat 5 Firefox, Thunderbird, Thunderbird Esr and 2 more 2025-04-11 N/A
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
CVE-2013-1680 2 Mozilla, Redhat 5 Firefox, Thunderbird, Thunderbird Esr and 2 more 2025-04-11 N/A
Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVE-2013-1686 2 Mozilla, Redhat 5 Firefox, Thunderbird, Thunderbird Esr and 2 more 2025-04-11 N/A
Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.
CVE-2013-1694 2 Mozilla, Redhat 5 Firefox, Thunderbird, Thunderbird Esr and 2 more 2025-04-11 N/A
The PreserveWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly handle the lack of a wrapper, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by leveraging unintended clearing of the wrapper cache's preserved-wrapper flag.
CVE-2013-1735 2 Mozilla, Redhat 6 Firefox, Seamonkey, Thunderbird and 3 more 2025-04-11 N/A
Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code via vectors related to image-document scrolling.
CVE-2013-1737 2 Mozilla, Redhat 6 Firefox, Seamonkey, Thunderbird and 3 more 2025-04-11 N/A
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, which might allow remote attackers to bypass intended access restrictions via vectors involving an expando object.
CVE-2013-1792 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2025-04-11 N/A
Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that trigger keyring operations in simultaneous threads.
CVE-2013-1813 3 Busybox, Redhat, T-mobile 3 Busybox, Enterprise Linux, Tm-ac1900 2025-04-11 N/A
util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors.
CVE-2013-1847 2 Apache, Redhat 2 Subversion, Enterprise Linux 2025-04-11 N/A
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.
CVE-2013-1848 2 Linux, Redhat 5 Linux Kernel, Enterprise Linux, Enterprise Mrg and 2 more 2025-04-11 N/A
fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application.
CVE-2013-1927 3 Canonical, Opensuse, Redhat 4 Ubuntu Linux, Opensuse, Enterprise Linux and 1 more 2025-04-11 N/A
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."
CVE-2013-1960 2 Redhat, Remotesensing 2 Enterprise Linux, Libtiff 2025-04-11 N/A
Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.
CVE-2013-1962 1 Redhat 2 Enterprise Linux, Libvirt 2025-04-11 N/A
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of requests "to list all volumes for the particular pool."
CVE-2013-1968 5 Apache, Canonical, Collabnet and 2 more 5 Subversion, Ubuntu Linux, Subversion and 2 more 2025-04-11 N/A
Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name.
CVE-2013-1978 3 Gimp, Gnome, Redhat 3 Gimp, Glib, Enterprise Linux 2025-04-11 N/A
Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an X Window System (XWD) image dump with more colors than color map entries.