CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
8051 CVE-2013-6806 287 +Info 2014-05-19 2014-05-19
6.8
None Remote Medium Not required Partial Partial Partial
OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext.
8052 CVE-2013-6797 352 CSRF 2013-11-18 2013-11-19
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that embed arbitrary URLs via the bw_url parameter in the bw-videos page to wp-admin/admin.php, as demonstrated by embedding a URL to a JavaScript file.
8053 CVE-2013-6787 89 1 Exec Code Sql 2013-12-05 2013-12-27
6.0
None Remote Medium Single system Partial Partial Partial
SQL injection vulnerability in the check_user_password function in main/auth/profile.php in Chamilo LMS 1.9.6 and earlier, when using the non-encrypted passwords mode set at installation, allows remote authenticated users to execute arbitrary SQL commands via the "password0" parameter.
8054 CVE-2013-6763 119 DoS Overflow +Priv Mem. Corr. 2013-11-12 2014-01-07
6.9
None Local Medium Not required Complete Complete Complete
The uio_mmap_physical function in drivers/uio/uio.c in the Linux kernel before 3.12 does not validate the size of a memory block, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted mmap operations, a different vulnerability than CVE-2013-4511.
8055 CVE-2013-6719 78 1 Exec Code 2014-03-06 2017-08-28
6.0
None Remote Medium Single system Partial Partial Partial
delivery.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the testconn_host parameter.
8056 CVE-2013-6718 310 2013-11-30 2017-08-28
6.4
None Remote Low Not required Partial Partial None
The Advanced Management Module (AMM) with firmware 3.64B, 3.64C, and 3.64G for IBM BladeCenter systems allows remote attackers to discover account names and passwords via use of an unspecified interface.
8057 CVE-2013-6710 352 CSRF 2013-12-14 2016-09-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Training Center allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCul25567.
8058 CVE-2013-6705 20 DoS 2013-12-03 2016-09-15
6.1
None Local Network Low Not required None None Complete
The IP Device Tracking (IPDT) feature in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (IPDT AVL corruption and device reload) via a crafted sequence of ARP packets, aka Bug ID CSCuh38133.
8059 CVE-2013-6692 399 DoS 2013-11-21 2013-11-22
6.3
None Remote Medium Single system None None Complete
Cisco IOS XE 3.8S(.2) and earlier does not properly use a DHCP pool during assignment of an IP address, which allows remote authenticated users to cause a denial of service (device reload) via an AAA packet that triggers an address requirement, aka Bug ID CSCuh04949.
8060 CVE-2013-6691 119 DoS Overflow 2014-07-14 2017-08-28
6.8
None Remote Low Single system None None Complete
The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344.
8061 CVE-2013-6689 20 Bypass 2013-11-17 2013-11-19
6.9
None Local Medium Not required Complete Complete Complete
Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier allows local users to bypass file permissions, and read, modify, or create arbitrary files, via an "overload" of the command-line utility, aka Bug ID CSCui58229.
8062 CVE-2013-6688 22 Dir. Trav. 2013-11-17 2013-11-19
6.3
None Remote Medium Single system None Complete None
Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager (ELM) component in Cisco Unified Communications Manager 9.1(1) and earlier allows remote authenticated users to create arbitrary files via a crafted path, aka Bug ID CSCui58222.
8063 CVE-2013-6686 20 DoS 2013-11-17 2013-11-19
6.8
None Remote Low Single system None None Complete
The SSL VPN implementation in Cisco IOS 15.3(1)T2 and earlier allows remote authenticated users to cause a denial of service (interface queue wedge) via crafted DTLS packets in an SSL session, aka Bug IDs CSCuh97409 and CSCud90568.
8064 CVE-2013-6685 264 +Priv 2013-11-13 2013-11-14
6.6
None Local Medium Single system Complete Complete Complete
The firmware on Cisco Unified IP phones 8961, 9951, and 9971 uses weak permissions for memory block devices, which allows local users to gain privileges by mounting a device with a setuid file in its filesystem, aka Bug ID CSCui04382.
8065 CVE-2013-6684 20 DoS 2013-11-13 2013-11-14
6.8
None Remote Low Single system None None Complete
The web framework on Cisco Wireless LAN Controller (WLC) devices does not properly validate configuration parameters, which allows remote authenticated users to cause a denial of service via a crafted HTTP request, aka Bug ID CSCuh81011.
8066 CVE-2013-6683 20 DoS 2013-11-13 2013-11-14
6.1
None Local Network Low Not required None None Complete
The IPv6 implementation in Cisco NX-OS does not properly handle neighbor-table adjacencies, which allows remote attackers to cause a denial of service (NS processing outage) via a series of malformed packets, aka Bug ID CSCtd15904.
8067 CVE-2013-6682 20 DoS 2013-11-13 2013-11-14
6.4
None Remote Low Not required None Partial Partial
The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID CSCui33299.
8068 CVE-2013-6659 310 2014-02-23 2014-04-01
6.4
None Remote Low Not required Partial Partial None
The SSLClientSocketNSS::Core::OwnAuthCertHandler function in net/socket/ssl_client_socket_nss.cc in Google Chrome before 33.0.1750.117 does not prevent changes to server X.509 certificates during renegotiations, which allows remote SSL servers to trigger use of a new certificate chain, inconsistent with the user's expectations, by initiating a TLS renegotiation.
8069 CVE-2013-6657 264 XSS Bypass +Info 2014-02-23 2014-04-01
6.4
None Remote Low Not required Partial Partial None
core/html/parser/XSSAuditor.cpp in the XSS auditor in Blink, as used in Google Chrome before 33.0.1750.117, inserts the about:blank URL during certain blocking of FORM elements within HTTP requests, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.
8070 CVE-2013-6645 399 DoS 2014-01-16 2014-03-05
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/web_contents/web_contents_view_aura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving certain print-preview and tab-switch actions that interact with a speech input element.
8071 CVE-2013-6635 399 DoS 2013-12-06 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the editing implementation in Blink, as used in Google Chrome before 31.0.1650.63, allows remote attackers to cause a denial of service or possibly have unspecified other impact via JavaScript code that triggers removal of a node during processing of the DOM tree, related to CompositeEditCommand.cpp and ReplaceSelectionCommand.cpp.
8072 CVE-2013-6634 287 2013-12-06 2014-03-05
6.8
None Remote Medium Not required Partial Partial Partial
The OneClickSigninHelper::ShowInfoBarIfPossible function in browser/ui/sync/one_click_signin_helper.cc in Google Chrome before 31.0.1650.63 uses an incorrect URL during realm validation, which allows remote attackers to conduct session fixation attacks and hijack web sessions by triggering improper sync after a 302 (aka Found) HTTP status code.
8073 CVE-2013-6625 399 DoS 2013-11-13 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper handling of DOM range objects in circumstances that require child node removal after a (1) mutation or (2) blur event.
8074 CVE-2013-6622 399 DoS 2013-11-13 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the HTMLMediaElement::didMoveToNewDocument function in core/html/HTMLMediaElement.cpp in Blink, as used in Google Chrome before 31.0.1650.48, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the movement of a media element between documents.
8075 CVE-2013-6483 20 DoS 2014-02-06 2014-03-16
6.4
None Remote Low Not required None Partial Partial
The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service (NULL pointer dereference and application crash) via a crafted reply.
8076 CVE-2013-6475 189 Exec Code Overflow 2014-03-14 2016-12-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
8077 CVE-2013-6474 119 Exec Code Overflow 2014-03-14 2016-12-30
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.
8078 CVE-2013-6473 119 Exec Code Overflow 2014-03-14 2016-12-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple heap-based buffer overflows in the urftopdf filter in cups-filters 1.0.25 before 1.0.47 allow remote attackers to execute arbitrary code via a large (1) page or (2) line in a URF file.
8079 CVE-2013-6469 94 Exec Code 2014-04-22 2014-04-22
6.5
None Remote Low Single system Partial Partial Partial
JBoss Overlord Run Time Governance (RTGov) 1.0 for JBossAS allows remote authenticated users to execute arbitrary Java code via an MVFLEX Expression Language (MVEL) expression. NOTE: some of these details are obtained from third party information.
8080 CVE-2013-6468 94 Exec Code 2014-04-10 2014-04-11
6.5
None Remote Low Single system Partial Partial Partial
JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows remote authenticated users to execute arbitrary Java code via a (1) MVFLEX Expression Language (MVEL) or (2) Drools expression.
8081 CVE-2013-6458 362 DoS 2014-01-24 2015-01-02
6.8
None Local Network High Not required Complete Complete Complete
Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.
8082 CVE-2013-6443 352 Bypass CSRF 2014-01-22 2014-01-23
6.8
None Remote Medium Not required Partial Partial Partial
CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a destructive action in a request.
8083 CVE-2013-6429 264 DoS CSRF 2014-01-26 2018-10-09
6.8
None Remote Medium Not required Partial Partial Partial
The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.
8084 CVE-2013-6427 94 Exec Code 2013-12-09 2014-03-05
6.8
None Remote Medium Not required Partial Partial Partial
upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing (HPLIP) 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream.
8085 CVE-2013-6417 264 Bypass 2013-12-06 2017-12-08
6.4
None Remote Low Not required Partial Partial None
actionpack/lib/action_dispatch/http/request.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 does not properly consider differences in parameter handling between the Active Record component and the JSON implementation, which allows remote attackers to bypass intended database-query restrictions and perform NULL checks or trigger missing WHERE clauses via a crafted request that leverages (1) third-party Rack middleware or (2) custom Rack middleware. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-0155.
8086 CVE-2013-6409 264 +Priv 2013-12-07 2013-12-09
6.2
None Local High Not required Complete Complete Complete
Debian adequate before 0.8.1, when run by root with the --user option, allows local users to hijack the tty and possibly gain privileges via the TIOCSTI ioctl.
8087 CVE-2013-6408 2013-12-07 2014-07-17
6.4
None Remote Low Not required Partial None Partial
The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6407.
8088 CVE-2013-6407 2013-12-07 2014-07-17
6.4
None Remote Low Not required Partial None Partial
The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
8089 CVE-2013-6403 264 Bypass 2013-12-24 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
The admin page in ownCloud before 5.0.13 allows remote attackers to bypass intended access restrictions via unspecified vectors, related to MariaDB.
8090 CVE-2013-6400 264 DoS +Priv 2013-12-13 2017-01-06
6.8
None Local Network High Not required Complete Complete Complete
Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrators to cause a denial of service (host crash) or gain privileges via unspecified vectors.
8091 CVE-2013-6393 119 DoS Exec Code Overflow 2014-02-06 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
The yaml_parser_scan_tag_uri function in scanner.c in LibYAML before 0.1.5 performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted tags in a YAML document, which triggers a heap-based buffer overflow.
8092 CVE-2013-6386 310 Bypass 2013-12-07 2014-01-13
6.8
None Remote Medium Not required Partial Partial Partial
Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mt_rand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack.
8093 CVE-2013-6383 264 Bypass 2013-11-26 2014-03-26
6.9
None Local Medium Not required Complete Complete Complete
The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call.
8094 CVE-2013-6381 119 DoS Overflow 2013-11-26 2016-12-30
6.9
None Local Medium Not required Complete Complete Complete
Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified other impact via an SNMP ioctl call with a length value that is incompatible with the command-buffer size.
8095 CVE-2013-6369 119 DoS Exec Code Overflow 2014-04-11 2016-12-30
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted image file.
8096 CVE-2013-6368 20 DoS +Priv 2013-12-14 2018-01-08
6.2
None Local High Not required Complete Complete Complete
The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.
8097 CVE-2013-6366 94 1 Exec Code 2013-11-04 2013-11-07
6.5
None Remote Low Single system Partial Partial Partial
The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators to execute arbitrary code via a Runtime.getRuntime().exec call.
8098 CVE-2013-6357 352 CSRF 2013-11-13 2013-11-14
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI. NOTE: the vendor disputes the significance of this report, stating that "the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator."
8099 CVE-2013-6347 287 2013-11-02 2013-11-04
6.8
None Remote Medium Not required Partial Partial Partial
Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors.
8100 CVE-2013-6346 352 CSRF 2013-11-02 2013-11-04
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.