| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-3302 |
362 |
|
DoS |
2013-04-29 |
2023-02-13 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Race condition in the smb_send_rqst function in fs/cifs/transport.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via vectors involving a reconnection event. |
|
2 |
CVE-2013-3301 |
|
|
DoS |
2013-04-29 |
2023-02-13 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for write access to the (1) set_ftrace_pid or (2) set_graph_function file, and then making an lseek system call. |
|
3 |
CVE-2013-3269 |
352 |
|
CSRF |
2013-04-25 |
2017-08-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0 allows remote attackers to hijack the authentication of arbitrary users for requests that change mobile passwords, a different vulnerability than CVE-2013-2305. |
|
4 |
CVE-2013-3268 |
287 |
|
|
2013-04-24 |
2017-08-29 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors. |
|
5 |
CVE-2013-3241 |
|
|
|
2013-04-26 |
2013-11-19 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request. |
|
6 |
CVE-2013-3240 |
22 |
|
Dir. Trav. |
2013-04-26 |
2013-11-19 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type. |
|
7 |
CVE-2013-3239 |
94 |
|
Exec Code |
2013-04-26 |
2013-11-19 |
4.6 |
None |
Remote |
High |
??? |
Partial |
Partial |
Partial |
|
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename. |
|
8 |
CVE-2013-3238 |
|
1
|
Exec Code |
2013-04-26 |
2013-11-19 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" feature. |
|
9 |
CVE-2013-3237 |
200 |
|
+Info |
2013-04-22 |
2013-04-22 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The vsock_stream_sendmsg function in net/vmw_vsock/af_vsock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
10 |
CVE-2013-3236 |
200 |
|
+Info |
2013-04-22 |
2021-08-09 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
11 |
CVE-2013-3235 |
200 |
|
+Info |
2013-04-22 |
2017-11-29 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
12 |
CVE-2013-3234 |
200 |
|
+Info |
2013-04-22 |
2017-11-29 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
13 |
CVE-2013-3233 |
200 |
|
+Info |
2013-04-22 |
2014-01-04 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
14 |
CVE-2013-3232 |
200 |
|
+Info |
2013-04-22 |
2017-11-29 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
15 |
CVE-2013-3231 |
200 |
|
+Info |
2013-04-22 |
2017-11-29 |
4.7 |
None |
Local |
Medium |
Not required |
Complete |
None |
None |
|
The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
16 |
CVE-2013-3230 |
200 |
|
+Info |
2013-04-22 |
2014-01-04 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.9-rc7 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
17 |
CVE-2013-3229 |
200 |
|
+Info |
2013-04-22 |
2017-11-29 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
18 |
CVE-2013-3228 |
200 |
|
+Info |
2013-04-22 |
2017-11-29 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
19 |
CVE-2013-3227 |
200 |
|
+Info |
2013-04-22 |
2017-11-29 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
20 |
CVE-2013-3226 |
200 |
|
+Info |
2013-04-22 |
2014-01-04 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
21 |
CVE-2013-3225 |
200 |
|
+Info |
2013-04-22 |
2017-11-29 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
22 |
CVE-2013-3224 |
200 |
|
+Info |
2013-04-22 |
2017-11-29 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
23 |
CVE-2013-3223 |
200 |
|
+Info |
2013-04-22 |
2017-11-29 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
24 |
CVE-2013-3222 |
200 |
|
+Info |
2013-04-22 |
2017-11-29 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. |
|
25 |
CVE-2013-3221 |
20 |
|
Sql |
2013-04-22 |
2019-08-08 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The Active Record component in Ruby on Rails 2.3.x, 3.0.x, 3.1.x, and 3.2.x does not ensure that the declared data type of a database column is used during comparisons of input values to stored values in that column, which makes it easier for remote attackers to conduct data-type injection attacks against Ruby on Rails applications via a crafted value, as demonstrated by unintended interaction between the "typed XML" feature and a MySQL database. |
|
26 |
CVE-2013-3211 |
|
|
|
2013-04-19 |
2013-04-22 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe issue." |
|
27 |
CVE-2013-3210 |
200 |
|
+Info |
2013-04-19 |
2013-04-22 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the same top-level domain. |
|
28 |
CVE-2013-3076 |
200 |
|
+Info |
2013-04-22 |
2017-11-29 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcipher_recvmsg function in crypto/algif_skcipher.c. |
|
29 |
CVE-2013-3075 |
119 |
1
|
Exec Code Overflow |
2013-04-19 |
2013-05-15 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Citect CitectFacilities 7.10 and CitectScada 7.10r1, allow remote attackers to execute arbitrary code via a long string, as demonstrated by a long WzTitle property value to a certain ActiveX control. |
|
30 |
CVE-2013-3060 |
287 |
|
DoS +Info |
2013-04-21 |
2016-11-28 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests. |
|
31 |
CVE-2013-3055 |
264 |
|
Exec Code +Info |
2013-04-25 |
2013-04-25 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Lexmark Markvision Enterprise before 1.8 provides a diagnostic interface on TCP port 9789, which allows remote attackers to execute arbitrary code, change the configuration, or obtain sensitive fleet-management information via unspecified vectors. |
|
32 |
CVE-2013-3051 |
16 |
|
|
2013-04-13 |
2013-04-15 |
6.2 |
None |
Local |
High |
Not required |
Complete |
Complete |
Complete |
|
The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the association between a certain physical-address argument and a memory region, which allows local users to unlock the bootloader by using kernel mode to perform crafted 0x9 and 0x2 SMC operations, a different vulnerability than CVE-2013-2596. |
|
33 |
CVE-2013-3050 |
89 |
1
|
Exec Code Sql |
2013-04-12 |
2017-08-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in ZAPms 1.41 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter to product. |
|
34 |
CVE-2013-2835 |
264 |
|
Bypass |
2013-04-16 |
2013-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site, a different vulnerability than CVE-2013-2834. |
|
35 |
CVE-2013-2834 |
264 |
|
Bypass |
2013-04-16 |
2013-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection mechanism via a crafted web site, a different vulnerability than CVE-2013-2835. |
|
36 |
CVE-2013-2833 |
399 |
|
DoS |
2013-04-16 |
2013-04-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Use-after-free vulnerability in the O3D plug-in in Google Chrome OS before 26.0.1410.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to improper management of ownership relationships involving Elements and DrawElements. |
|
37 |
CVE-2013-2832 |
119 |
|
Overflow +Info |
2013-04-16 |
2013-04-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in Google Chrome OS before 26.0.1410.57 does not prevent uninitialized data from remaining in a buffer, which might allow remote attackers to obtain sensitive information via unspecified vectors. |
|
38 |
CVE-2013-2780 |
|
|
DoS |
2013-04-22 |
2022-02-01 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service (defect-mode transition and control outage) via crafted packets to UDP port 161 (aka the SNMP port). |
|
39 |
CVE-2013-2779 |
20 |
|
DoS |
2013-04-11 |
2021-10-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164. |
|
40 |
CVE-2013-2778 |
352 |
|
CSRF |
2013-04-09 |
2013-04-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Cross-site request forgery (CSRF) vulnerability in addressbook/register/delete_user.php in PHP Address Book 8.2.5 allows remote attackers to hijack the authentication of administrators for requests that delete accounts, a different vulnerability than CVE-2013-0135.1. |
|
41 |
CVE-2013-2777 |
264 |
|
|
2013-04-08 |
2017-08-29 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
sudo before 1.7.10p5 and 1.8.x before 1.8.6p6, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to a session without a controlling terminal device and connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. |
|
42 |
CVE-2013-2776 |
264 |
|
|
2013-04-08 |
2017-08-29 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
sudo 1.3.5 through 1.7.10p5 and 1.8.0 through 1.8.6p6, when running on systems without /proc or the sysctl function with the tty_tickets option enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. |
|
43 |
CVE-2013-2770 |
20 |
|
|
2013-04-07 |
2020-05-11 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, which allows man-in-the-middle attackers to spoof servers via an arbitrary certificate. |
|
44 |
CVE-2013-2767 |
|
|
Bypass |
2013-04-25 |
2013-05-02 |
5.4 |
None |
Remote |
High |
Not required |
Complete |
None |
None |
|
Unspecified vulnerability in Citrix NetScaler Access Gateway Enterprise Edition (AGEE) before 9.3.62.4 and 10.x through 10.0.74.4, and NetScaler AGEE Common Criteria build before 9.3.53.6, allows remote attackers to bypass intended intranet access restrictions via unknown vectors. |
|
45 |
CVE-2013-2766 |
79 |
|
XSS |
2013-04-10 |
2013-05-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.3.0 through 4.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
|
46 |
CVE-2013-2763 |
400 |
|
DoS |
2013-04-04 |
2022-01-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it "could not be duplicated" and "an attacker could not remotely exploit this observed behavior to deny PLC control functions." |
|
47 |
CVE-2013-2762 |
255 |
|
Bypass |
2013-04-04 |
2013-04-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Schneider Electric Magelis XBT HMI controller has a default password for authentication of configuration uploads, which makes it easier for remote attackers to bypass intended access restrictions via crafted configuration data. |
|
48 |
CVE-2013-2761 |
119 |
|
DoS Overflow |
2013-04-04 |
2013-04-04 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
The Schneider Electric M340 BMXNOE01xx and BMXP3420xx PLC modules allow remote authenticated users to cause a denial of service (module crash) via crafted FTP traffic, as demonstrated by the FileZilla FTP client. |
|
49 |
CVE-2013-2760 |
119 |
1
|
Exec Code Overflow |
2013-04-16 |
2013-04-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in Groovy Media Player 3.2.0 allows remote attackers to execute arbitrary code via a long string in a .m3u file. |
|
50 |
CVE-2013-2744 |
200 |
|
+Info |
2013-04-02 |
2013-04-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
importbuddy.php in the BackupBuddy plugin 2.2.25 for WordPress allows remote attackers to obtain configuration information via a step 0 phpinfo action, which calls the phpinfo function. |
