CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
9001 CVE-2013-4876 255 2013-07-18 2013-07-19
6.2
None Local High Not required Complete Complete Complete
The Verizon Wireless Network Extender SCS-2U01 has a hardcoded password for the root account, which makes it easier for physically proximate attackers to obtain administrative access by leveraging a login prompt.
9002 CVE-2013-4875 287 Bypass 2013-07-18 2013-08-22
6.2
Admin Local High Not required Complete Complete Complete
The Uboot bootloader on the Verizon Wireless Network Extender SCS-2U01 allows physically proximate attackers to bypass the intended boot process and obtain a login prompt by connecting a crafted HDMI cable and sending a SysReq interrupt.
9003 CVE-2013-4874 287 2013-07-18 2013-08-22
6.2
Admin Local High Not required Complete Complete Complete
The Uboot bootloader on the Verizon Wireless Network Extender SCS-26UC4 allows physically proximate attackers to obtain root access by connecting a crafted HDMI cable and using a sys session to modify the ramboot environment variable.
9004 CVE-2013-4872 264 2013-07-18 2017-08-28
6.9
None Local Medium Not required Complete Complete Complete
Google Glass before XE6 does not properly restrict the processing of QR codes, which allows physically proximate attackers to modify the configuration or redirect users to arbitrary web sites via a crafted symbol, as demonstrated by selecting a Wi-Fi access point in order to conduct a man-in-the-middle attack.
9005 CVE-2013-4871 352 CSRF 2013-07-19 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the TEQneers SEO Enhancements (tq_seo) extension before 5.0.1 for TYPO3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
9006 CVE-2013-4852 189 DoS Exec Code Overflow 2013-08-19 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.
9007 CVE-2013-4851 264 Bypass 2013-07-29 2013-08-22
6.4
None Remote Low Not required Partial Partial None
The vfs_hang_addrlist function in sys/kern/vfs_export.c in the NFS server implementation in the kernel in FreeBSD 8.3 and 9.x through 9.1-RELEASE-p5 controls authorization for host/subnet export entries on the basis of group information sent by the client, which allows remote attackers to bypass file permissions on NFS filesystems via crafted requests.
9008 CVE-2013-4843 +Info 2013-11-17 2013-11-19
6.8
None Remote Low Single system Complete None None
Unspecified vulnerability in HP Integrated Lights-Out 4 (iLO4) with firmware before 1.32 allows remote authenticated users to obtain sensitive information via unknown vectors.
9009 CVE-2013-4777 264 +Priv 2013-09-25 2016-12-07
6.9
None Local Medium Not required Complete Complete Complete
A certain configuration of Android 2.3.7 on the Motorola Defy XT phone for Republic Wireless uses init to create a /dev/socket/init_runit socket that listens for shell commands, which allows local users to gain privileges by interacting with a LocalSocket object.
9010 CVE-2013-4758 399 DoS Exec Code 2013-10-04 2013-10-07
6.8
None Remote Medium Not required Partial Partial Partial
Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response.
9011 CVE-2013-4740 362 DoS +Priv Mem. Corr. 2013-11-12 2013-11-14
6.9
None Local Medium Not required Complete Complete Complete
goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, relies on user-space length values for kernel-memory copies of procfs file content, which allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that provides crafted values.
9012 CVE-2013-4726 352 CSRF 2014-04-25 2014-04-25
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in DDSN Interactive cm3 Acora CMS 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, 5.5.0/1b-p1, and possibly other versions, allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
9013 CVE-2013-4712 399 +Info 2013-10-19 2013-10-21
6.8
None Remote Medium Not required Partial Partial Partial
I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors.
9014 CVE-2013-4709 119 Exec Code Overflow 2013-09-20 2015-03-05
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 with firmware before 2.82, SEIL/X1 with firmware before 4.32, SEIL/X2 with firmware before 4.32, SEIL/B1 with firmware before 4.32, SEIL/Turbo with firmware before 2.16, and SEIL/neu 2FE Plus with firmware before 2.16 allows remote attackers to execute arbitrary code via a crafted L2TP message.
9015 CVE-2013-4707 264 DoS 2013-09-20 2013-09-23
6.3
None Remote Medium Single system None None Complete
The SSH implementation on D-Link Japan DES-3810 devices with firmware before R2.20.011 allows remote authenticated users to cause a denial of service (device hang) by leveraging login access.
9016 CVE-2013-4706 264 DoS 2013-09-20 2013-09-23
6.3
None Remote Medium Single system None None Complete
The SSH implementation on the D-Link Japan DWL-2100AP with firmware before R252JP-RC572 allows remote authenticated users to cause a denial of service (reboot) by leveraging login access.
9017 CVE-2013-4680 2013-06-25 2017-08-28
6.4
None Remote Low Not required Partial Partial None
Open redirect vulnerability in Maag Form Captcha extension 2.0.0 and earlier for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
9018 CVE-2013-4679 119 Overflow +Priv 2013-08-05 2013-10-07
6.6
None Local Medium Single system Complete Complete Complete
Symantec Workspace Virtualization before 6.x before 6.4.1953.0, when a virtual application layer is configured, allows local users to gain privileges via an application that performs crafted interaction with the operating system.
9019 CVE-2013-4671 352 CSRF 2013-08-01 2014-01-17
6.0
None Remote Medium Single system Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
9020 CVE-2013-4662 89 Sql Bypass 2014-01-29 2014-02-21
6.5
None Remote Low Single system Partial Partial Partial
The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through 4.3.3 allows remote authenticated users to bypass the validation layer and conduct SQL injection attacks via a direct request to the "second layer" of the API, related to contact.getquick.
9021 CVE-2013-4660 20 Exec Code 2013-06-28 2013-07-01
6.8
None Remote Medium Not required Partial Partial Partial
The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute arbitrary code via a crafted string that triggers an eval operation.
9022 CVE-2013-4651 255 2013-08-01 2013-08-01
6.6
None Remote High Not required Partial Partial Complete
Siemens Scalance W7xx devices with firmware before 4.5.4 use the same hardcoded X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship.
9023 CVE-2013-4650 264 2013-07-04 2013-07-05
6.5
User Remote Low Single system Partial Partial Partial
MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database.
9024 CVE-2013-4619 89 Exec Code Sql 2013-08-09 2013-08-13
6.5
None Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in OpenEMR 4.1.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) start or (2) end parameter to interface/reports/custom_report_range.php, or the (3) form_newid parameter to custom/chart_tracker.php.
9025 CVE-2013-4609 264 Bypass 2013-06-17 2013-06-17
6.5
None Remote Low Single system Partial Partial Partial
REDCap before 5.0.4 and 5.1.x before 5.1.3 does not reject certain undocumented syntax within branching logic and calculations, which allows remote authenticated users to bypass intended access restrictions via (1) the Online Designer or (2) the Data Dictionary upload, as demonstrated by an eval call.
9026 CVE-2013-4604 264 2013-06-25 2013-06-26
6.5
None Remote Low Single system Partial Partial Partial
Fortinet FortiOS before 5.0.3 on FortiGate devices does not properly restrict Guest capabilities, which allows remote authenticated users to read, modify, or delete the records of arbitrary users by leveraging the Guest role.
9027 CVE-2013-4591 119 DoS Overflow Mem. Corr. 2013-11-20 2016-12-30
6.2
None Local High Not required Complete Complete Complete
Buffer overflow in the __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a getxattr system call for the system.nfs4_acl extended attribute of a pathname on an NFSv4 filesystem.
9028 CVE-2013-4588 119 Overflow +Priv 2013-11-20 2016-12-30
6.6
None Local Medium Single system Complete Complete Complete
Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function.
9029 CVE-2013-4581 94 Exec Code 2014-05-12 2014-05-12
6.8
None Remote Medium Not required Partial Partial Partial
GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH.
9030 CVE-2013-4580 287 Bypass 2014-05-12 2016-05-18
6.8
None Remote Medium Not required Partial Partial Partial
GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls.
9031 CVE-2013-4565 119 DoS Exec Code Overflow 2014-04-25 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the __OLEdecode function in ppthtml 0.5.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted .ppt file.
9032 CVE-2013-4562 352 CSRF 2014-05-13 2014-05-14
6.8
None Remote Medium Not required Partial Partial Partial
The omniauth-facebook gem 1.4.1 before 1.5.0 does not properly store the session parameter, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via the state parameter.
9033 CVE-2013-4555 352 CSRF 2013-11-17 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in ecrire/action/logout.php in SPIP before 2.1.24 allows remote attackers to hijack the authentication of arbitrary users for requests that logout the user via unspecified vectors.
9034 CVE-2013-4548 264 Bypass 2013-11-08 2015-11-20
6.0
None Remote Medium Single system Partial Partial Partial
The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet data that provides a crafted callback address.
9035 CVE-2013-4546 Exec Code 2014-05-13 2014-05-14
6.5
None Remote Low Single system Partial Partial Partial
The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL.
9036 CVE-2013-4524 22 Dir. Trav. 2013-11-26 2013-11-27
6.8
None Remote Low Single system Complete None None
Directory traversal vulnerability in repository/filesystem/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a path.
9037 CVE-2013-4511 189 Overflow +Priv 2013-11-12 2014-03-05
6.9
None Local Medium Not required Complete Complete Complete
Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the (1) au1100fb_fb_mmap function in drivers/video/au1100fb.c and the (2) au1200fb_fb_mmap function in drivers/video/au1200fb.c.
9038 CVE-2013-4497 264 Bypass 2013-11-05 2013-11-06
6.4
None Remote Low Not required Partial Partial None
The XenAPI backend in OpenStack Compute (Nova) Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups (1) when resizing an image or (2) during live migration, which allows remote attackers to bypass intended restrictions.
9039 CVE-2013-4490 Exec Code 2014-05-13 2014-05-14
6.5
None Remote Low Single system Partial Partial Partial
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
9040 CVE-2013-4489 Exec Code 2014-05-17 2014-05-19
6.5
None Remote Low Single system Partial Partial Partial
The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature.
9041 CVE-2013-4482 +Priv 2013-11-23 2019-04-22
6.2
None Local High Not required Complete Complete Complete
Untrusted search path vulnerability in python-paste-script (aka paster) in Luci 0.26.0, when started using the initscript, allows local users to gain privileges via a Trojan horse .egg-info file in the (1) current working directory or (2) its parent directories.
9042 CVE-2013-4479 94 Exec Code 2013-12-07 2016-12-21
6.8
None Remote Medium Not required Partial Partial Partial
lib/sup/message_chunks.rb in Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the content_type of an email attachment.
9043 CVE-2013-4478 94 Exec Code 2013-12-07 2013-12-09
6.8
None Remote Medium Not required Partial Partial Partial
Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment.
9044 CVE-2013-4470 264 DoS +Priv Mem. Corr. 2013-11-04 2018-01-08
6.9
None Local Medium Not required Complete Complete Complete
The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain data structures, which allows local users to cause a denial of service (memory corruption and system crash) or possibly gain privileges via a crafted application that uses the UDP_CORK option in a setsockopt system call and sends both short and long packets, related to the ip_ufo_append_data function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in net/ipv6/ip6_output.c.
9045 CVE-2013-4468 1 Exec Code 2014-05-14 2014-05-15
6.5
None Remote Low Single system Partial Partial Partial
VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in the extension parameter in an OriginateVDRelogin action to manager_send.php.
9046 CVE-2013-4467 89 1 Exec Code Sql 2014-03-11 2014-05-20
6.5
None Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in the agent interface (agc/) in VICIDIAL dialer (aka Asterisk GUI client) 2.8-403a, 2.7, 2.7RC1, and earlier allow (1) remote attackers to execute arbitrary SQL commands via the campaign variable in SCRIPT_multirecording_AJAX.php, (2) remote authenticated users to execute arbitrary SQL commands via the server_ip parameter to manager_send.php, or (3) other unspecified vectors. NOTE: some of these details are obtained from third party information.
9047 CVE-2013-4457 78 Exec Code 2013-11-02 2013-11-05
6.8
None Remote Medium Not required Partial Partial Partial
The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent attackers to execute arbitrary commands via a crafted has object, related to recursive variable interpolation.
9048 CVE-2013-4446 94 Exec Code 2013-12-07 2013-12-09
6.8
None Remote Medium Not required Partial Partial Partial
The _json_decode function in plugins/context_reaction_block.inc in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal, when using a version of PHP that does not support the json_decode function, allows remote attackers to execute arbitrary PHP code via unspecified vectors related to Ajax operations, possibly involving eval injection.
9049 CVE-2013-4444 94 Exec Code 2014-09-11 2017-01-06
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
9050 CVE-2013-4435 287 2013-11-05 2013-11-07
6.0
None Remote Medium Single system Partial Partial Partial
Salt (aka SaltStack) 0.15.0 through 0.17.0 allows remote authenticated users who are using external authentication or client ACL to execute restricted routines by embedding the routine in another routine.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.