Total: 5231 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-0719 | 1 Codedesign | 1 Artime Japanese Input | 2024-11-21 | 5.0 MEDIUM | N/A |
The ArtIME Japanese Input application 1.1.2 and earlier for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem. | |||||
CVE-2013-0718 | 1 Simeji | 1 Simeji | 2024-11-21 | 5.0 MEDIUM | N/A |
The Simeji application 4.8.1 and earlier for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem. | |||||
CVE-2013-0706 | 1 Nec | 1 Universal Raid Utility | 2024-11-21 | 9.0 HIGH | N/A |
NEC Universal RAID Utility 1.40 Rev 680 and earlier, 2.31 Rev 1492 and earlier, and 2.5 Rev 2244 and earlier does not provide access control, which allows remote attackers to perform arbitrary RAID disk operations via unspecified vectors. | |||||
CVE-2013-0692 | 2 Emerson, Enea | 4 Dl 8000 Remote Terminal Unit, Roc 800 Remote Terminal Unit, Roc 800l Remote Terminal Unit and 1 more | 2024-11-21 | 10.0 HIGH | N/A |
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary code by connecting to the debug service. | |||||
CVE-2013-0687 | 1 Schneider-electric | 1 Micom S1 Studio | 2024-11-21 | 6.6 MEDIUM | N/A |
The installer routine in Schneider Electric MiCOM S1 Studio uses world-writable permissions for executable files, which allows local users to modify the service or the configuration files, and consequently gain privileges or trigger incorrect protective-relay operation, via a Trojan horse executable file. | |||||
CVE-2013-0685 | 1 Invensys | 1 Wonderware Information Server | 2024-11-21 | 9.3 HIGH | N/A |
Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restrict unspecified size and amount values, which allows remote attackers to execute arbitrary code or cause a denial of service (resource consumption) via unknown vectors. | |||||
CVE-2013-0676 | 1 Siemens | 2 Simatic Pcs7, Wincc | 2024-11-21 | 4.0 MEDIUM | N/A |
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query. | |||||
CVE-2013-0665 | 1 Selinc | 1 Acselerator Quickset | 2024-11-21 | 6.2 MEDIUM | N/A |
Schweitzer Engineering Laboratories (SEL) AcSELerator QuickSet before 5.12.0.1 uses weak permissions for its Program Files directory, which allows local users to replace executable files, and consequently gain privileges, via standard filesystem operations. | |||||
CVE-2013-0652 | 1 Ge | 1 Intelligent Platforms Proficy Real-time Information Portal | 2024-11-21 | 5.0 MEDIUM | N/A |
GE Intelligent Platforms Proficy Real-Time Information Portal does not restrict access to methods of an unspecified Java class, which allows remote attackers to obtain a username listing via an RMI call. | |||||
CVE-2013-0651 | 1 Ge | 1 Intelligent Platforms Proficy Real-time Information Portal | 2024-11-21 | 5.0 MEDIUM | N/A |
The Portal installation process in GE Intelligent Platforms Proficy Real-Time Information Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to read configuration files, and discover data-source credentials, via a direct request. | |||||
CVE-2013-0624 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2024-11-21 | 10.0 HIGH | N/A |
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-0622. | |||||
CVE-2013-0622 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2024-11-21 | 10.0 HIGH | N/A |
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-0624. | |||||
CVE-2013-0579 | 1 Ibm | 1 Infosphere Optim Data Growth For Oracle E-business Suite | 2024-11-21 | 4.3 MEDIUM | N/A |
The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote attackers to impersonate arbitrary users by leveraging access to a legitimate user's web browser either (1) before or (2) after authentication. | |||||
CVE-2013-0577 | 1 Ibm | 1 Infosphere Optim Data Growth For Oracle E-business Suite | 2024-11-21 | 5.2 MEDIUM | N/A |
The Optim E-Business Console in IBM Data Growth Solution for Oracle E-business Suite 6.0 through 9.1 allows remote authenticated users to bypass intended access restrictions and create, modify, or delete documents or scripts via unspecified vectors. | |||||
CVE-2013-0537 | 1 Ibm | 1 Lotus Sametime | 2024-11-21 | 3.5 LOW | N/A |
The Enterprise Meeting Server in IBM Lotus Sametime 8.5.2 and 8.5.2.1 allows remote authenticated users to spoof the origin of shared links by leveraging meeting-attendance privileges. | |||||
CVE-2013-0536 | 1 Ibm | 3 Lotus Inotes, Lotus Notes, Lotus Notes Traveler | 2024-11-21 | 7.2 HIGH | N/A |
ntmulti.exe in the Multi User Profile Cleanup service in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3 before FP5, and 9.0 before IF2 allows local users to gain privileges via vectors that arrange for code to be executed during the next login session of a different user, aka SPR PJOK959J24. | |||||
CVE-2013-0529 | 1 Ibm | 1 Sterling Connect Direct User Interface | 2024-11-21 | 5.0 MEDIUM | N/A |
The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. | |||||
CVE-2013-0510 | 1 Ibm | 1 Security Appscan | 2024-11-21 | 4.3 MEDIUM | N/A |
IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 includes a security test that sends session cookies to a specific external server, which allows man-in-the-middle attackers to hijack the test account by capturing these cookies. | |||||
CVE-2013-0501 | 1 Ibm | 1 Cognos Disclosure Management | 2024-11-21 | 9.3 HIGH | N/A |
The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management (CDM) 10.2.0, and other products, allows remote attackers to read arbitrary files, or download an arbitrary program onto a client machine and execute this program, via a crafted web site. | |||||
CVE-2013-0479 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2024-11-21 | 4.0 MEDIUM | N/A |
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not properly restrict file types and extensions, which allows remote authenticated users to bypass intended access restrictions via a crafted filename. |