Search
Total
6314 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3826 | 1 Oracle | 1 Database Server | 2017-09-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2013-1708 | 1 Mozilla | 2 Firefox, Seamonkey | 2017-09-19 | 4.3 MEDIUM | N/A |
| Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::CharAt function. | |||||
| CVE-2013-3842 | 1 Sun | 1 Sunos | 2017-09-19 | 2.1 LOW | N/A |
| Unspecified vulnerability Oracle Solaris 10 allows local users to affect confidentiality via vectors related to Oracle Configuration Manager (OCM). | |||||
| CVE-2013-3813 | 1 Sun | 1 Sunos | 2017-09-19 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality and integrity via vectors related to Libraries/PAM-Unix. | |||||
| CVE-2013-3799 | 1 Sun | 1 Sunos | 2017-09-19 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 and 11, when running on AMD64, allows local users to affect availability via unknown vectors related to Kernel. | |||||
| CVE-2013-1669 | 1 Mozilla | 1 Firefox | 2017-09-19 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 21.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2013-1683 | 1 Mozilla | 1 Firefox | 2017-09-19 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2013-3787 | 1 Sun | 1 Sunos | 2017-09-19 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Kernel. | |||||
| CVE-2013-3786 | 1 Sun | 1 Sunos | 2017-09-19 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel. | |||||
| CVE-2013-2421 | 1 Oracle | 2 Jdk, Jre | 2017-09-19 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect MethodHandle lookups, which allows remote attackers to bypass Java sandbox restrictions. | |||||
| CVE-2013-1702 | 1 Mozilla | 2 Firefox, Seamonkey | 2017-09-19 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2013-1701 | 1 Mozilla | 5 Firefox, Firefox Esr, Seamonkey and 2 more | 2017-09-19 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2013-2268 | 4 Apple, Google, Linux and 1 more | 4 Mac Os X, Chrome, Linux Kernel and 1 more | 2017-09-19 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue." | |||||
| CVE-2013-3757 | 1 Sun | 1 Sunos | 2017-09-19 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect integrity and availability via vectors related to SMF/File Locking Services. | |||||
| CVE-2013-1561 | 1 Oracle | 3 Javafx, Jdk, Jre | 2017-09-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to JavaFX. | |||||
| CVE-2013-3745 | 1 Sun | 1 Sunos | 2017-09-19 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Libraries/Libc. | |||||
| CVE-2013-1564 | 1 Oracle | 3 Javafx, Jdk, Jre | 2017-09-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX. | |||||
| CVE-2013-1530 | 1 Sun | 1 Sunos | 2017-09-19 | 3.8 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via unknown vectors related to Kernel. | |||||
| CVE-2013-2931 | 1 Google | 1 Chrome | 2017-09-19 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.48 allow attackers to execute arbitrary code or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2928 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.101 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2923 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 30.0.1599.66 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2886 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.95 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2887 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 29.0.1547.57 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2868 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-09-19 | 5.0 MEDIUM | N/A |
| common/extensions/sync_helper.cc in Google Chrome before 28.0.1500.71 proceeds with sync operations for NPAPI extensions without checking for a certain plugin permission setting, which might allow remote attackers to trigger unwanted extension changes via unspecified vectors. | |||||
| CVE-2013-2880 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2882 | 3 Debian, Google, Redhat | 3 Debian Linux, Chrome, Openstack | 2017-09-19 | 7.5 HIGH | N/A |
| Google V8, as used in Google Chrome before 28.0.1500.95, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that leverage "type confusion." | |||||
| CVE-2013-2720 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2017-09-19 | 10.0 HIGH | N/A |
| Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. | |||||
| CVE-2013-2859 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Google Chrome before 27.0.1453.110 allows remote attackers to bypass the Same Origin Policy and trigger namespace pollution via unspecified vectors. | |||||
| CVE-2013-2865 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.110 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2867 | 2 Debian, Google | 2 Debian Linux, Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Google Chrome before 28.0.1500.71 does not properly prevent pop-under windows, which allows remote attackers to have an unspecified impact via a crafted web site. | |||||
| CVE-2013-2916 | 1 Google | 1 Chrome | 2017-09-19 | 4.3 MEDIUM | N/A |
| Blink, as used in Google Chrome before 30.0.1599.66, allows remote attackers to spoof the address bar via vectors involving a response with a 204 (aka No Content) status code, in conjunction with a delay in notifying the user of an attempted spoof. | |||||
| CVE-2013-2854 | 2 Google, Microsoft | 2 Chrome, Windows | 2017-09-19 | 7.5 HIGH | N/A |
| Google Chrome before 27.0.1453.110 on Windows provides an incorrect handle to a renderer process in unspecified circumstances, which allows remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-2836 | 1 Google | 1 Chrome | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 27.0.1453.93 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | |||||
| CVE-2013-1682 | 1 Mozilla | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2017-09-19 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2013-1485 | 1 Oracle | 2 Jdk, Jre | 2017-09-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | |||||
| CVE-2013-1496 | 1 Sun | 1 Sunos | 2017-09-19 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1498. | |||||
| CVE-2013-2460 | 1 Oracle | 2 Jdk, Jre | 2017-09-19 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "insufficient access checks" in the tracing component. | |||||
| CVE-2013-1507 | 1 Sun | 1 Sunos | 2017-09-19 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Filesystem. | |||||
| CVE-2013-2458 | 1 Oracle | 2 Jdk, Jre | 2017-09-19 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via "an error related to method handles." | |||||
| CVE-2013-1498 | 1 Sun | 1 Sunos | 2017-09-19 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1496. | |||||
| CVE-2013-1494 | 2 Oracle, Sun | 4 Sparc T4-1, Sparc T4-1b, Sparc T4-4 and 1 more | 2017-09-19 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10, when running on SPARC T4 servers, allows local users to affect availability via unknown vectors related to Kernel. | |||||
| CVE-2013-6628 | 1 Google | 1 Chrome | 2017-09-19 | 4.3 MEDIUM | N/A |
| net/socket/ssl_client_socket_nss.cc in the TLS implementation in Google Chrome before 31.0.1650.48 does not ensure that a server's X.509 certificate is the same during renegotiation as it was before renegotiation, which might allow remote web servers to interfere with trust relationships by renegotiating a session. | |||||
| CVE-2013-6337 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2013-1586 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 2.9 LOW | N/A |
| The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | |||||
| CVE-2013-2449 | 1 Oracle | 2 Jdk, Jre | 2017-09-19 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to GnomeFileTypeDetector and a missing check for read permissions for a path. | |||||
| CVE-2013-6626 | 1 Google | 1 Chrome | 2017-09-19 | 4.3 MEDIUM | N/A |
| The WebContentsImpl::AttachInterstitialPage function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 31.0.1650.48 does not cancel JavaScript dialogs upon generating an interstitial warning, which allows remote attackers to spoof the address bar via a crafted web site. | |||||
| CVE-2013-1489 | 5 Google, Microsoft, Mozilla and 2 more | 6 Chrome, Internet Explorer, Firefox and 3 more | 2017-09-19 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and execute unsigned Java code without prompting the user via unknown vectors, aka "Issue 53" and the "Java Security Slider" vulnerability. | |||||
| CVE-2013-1587 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 2.9 LOW | N/A |
| The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | |||||
| CVE-2013-2438 | 1 Oracle | 2 Jdk, Jre | 2017-09-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX. | |||||
| CVE-2013-2436 | 1 Oracle | 2 Jdk, Jre | 2017-09-19 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "type checks" and "method handle binding" involving Wrapper.convert. | |||||