| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-7128 |
310 |
|
+Info |
2013-12-17 |
2013-12-18 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Valve Bug Reporter in the valve-bugreporter package 2.10+bsos1 in Valve SteamOS Beta stores cleartext credentials in a .valve-bugreporter.cfg file upon a Remember Credentials action, which allows local users to obtain sensitive information by reading this file. |
|
2 |
CVE-2013-7127 |
310 |
|
+Info |
2013-12-17 |
2017-08-28 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Apple Safari 6.0.5 on Mac OS X 10.7.5 and 10.8.5 stores cleartext credentials in LastSession.plist, which allows local users to obtain sensitive information by reading this file. |
|
3 |
CVE-2013-7038 |
119 |
|
DoS Overflow +Info |
2013-12-13 |
2014-02-21 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read. |
|
4 |
CVE-2013-7030 |
310 |
1
|
+Info |
2013-12-12 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
** DISPUTED ** The TFTP service in Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by discovering a cleartext UseUserCredential field in an SPDefault.cnf.xml file. NOTE: the vendor reportedly disputes the significance of this report, stating that this is an expected default behavior, and that the product's documentation describes use of the TFTP Encrypted Config option in addressing this issue. |
|
5 |
CVE-2013-7005 |
200 |
1
|
+Info |
2013-12-18 |
2013-12-19 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 stores account passwords in cleartext, which allows local users to obtain sensitive information by reading the Users[#]["Password"] fields in /tmp/teamf1.cfg.ascii. |
|
6 |
CVE-2013-6986 |
310 |
|
Bypass +Info |
2013-12-12 |
2013-12-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by password elements. |
|
7 |
CVE-2013-6978 |
200 |
|
+Info |
2013-12-21 |
2017-08-28 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
The disaster recovery system (DRS) component in Cisco Unified Communications Manager (UCM) 9.1(1) and earlier allows remote authenticated users to obtain sensitive device information by reading "extraneous information" in HTML source code, aka Bug ID CSCuj39249. |
|
8 |
CVE-2013-6973 |
200 |
|
+Info |
2013-12-14 |
2017-11-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Cisco WebEx Training Center allows remote attackers to discover registration IDs via a crafted URL, aka Bug ID CSCul57121. |
|
9 |
CVE-2013-6972 |
200 |
|
Bypass +Info |
2013-12-14 |
2017-11-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco WebEx Training Center allows remote attackers to discover session numbers, and bypass host approval for audio-conference attendance, by reading HTML source code, aka Bug ID CSCul57126. |
|
10 |
CVE-2013-6970 |
200 |
|
+Info |
2013-12-14 |
2017-11-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information by reading verbose error messages within server responses, aka Bug ID CSCul35928. |
|
11 |
CVE-2013-6968 |
200 |
|
+Info |
2013-12-14 |
2017-11-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco WebEx Training Center provides different error messages for registration attempts depending on whether the e-mail address exists, which allows remote attackers to enumerate attendees via a series of requests, aka Bug ID CSCul36003. |
|
12 |
CVE-2013-6868 |
200 |
|
+Info |
2013-11-23 |
2013-11-25 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors. |
|
13 |
CVE-2013-6861 |
|
|
+Info |
2013-11-23 |
2013-11-27 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors. |
|
14 |
CVE-2013-6860 |
|
|
+Info |
2013-11-23 |
2013-11-27 |
6.8 |
None |
Remote |
Low |
Single system |
Complete |
None |
None |
|
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to obtain sensitive information via unspecified vectors. |
|
15 |
CVE-2013-6834 |
20 |
|
+Info |
2013-11-20 |
2014-03-04 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The ql_eioctl function in sys/dev/qlxgbe/ql_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. |
|
16 |
CVE-2013-6833 |
20 |
|
+Info |
2013-11-20 |
2013-11-24 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The qls_eioctl function in sys/dev/qlxge/qls_ioctl.c in the kernel in FreeBSD 10 and earlier does not validate a certain size parameter, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. |
|
17 |
CVE-2013-6832 |
200 |
|
+Info |
2013-11-20 |
2013-11-24 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The nand_ioctl function in sys/dev/nand/nand_geom.c in the nand driver in the kernel in FreeBSD 10 and earlier does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted ioctl call. |
|
18 |
CVE-2013-6814 |
20 |
|
+Info |
2013-11-20 |
2018-12-10 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors. |
|
19 |
CVE-2013-6812 |
310 |
|
+Info |
2013-12-27 |
2014-02-27 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
The ONEDC app before 1.7 for iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
|
20 |
CVE-2013-6791 |
200 |
|
+Info |
2013-11-29 |
2013-12-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Microsoft Enhanced Mitigation Experience Toolkit (EMET) before 4.0 uses predictable addresses for hooked functions, which makes it easier for context-dependent attackers to defeat the ASLR protection mechanism via a return-oriented programming (ROP) attack. |
|
21 |
CVE-2013-6789 |
200 |
|
+Info |
2013-11-12 |
2013-11-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
security/MemberLoginForm.php in SilverStripe 3.0.3 supports credentials in a GET request, which allows remote or local attackers to obtain sensitive information by reading web-server access logs, web-server Referer logs, or the browser history, a similar vulnerability to CVE-2013-2653. |
|
22 |
CVE-2013-6735 |
264 |
|
+Info |
2013-12-22 |
2018-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x through 8.0.0.1 CF08 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a modified Web Content Manager (WCM) URL. |
|
23 |
CVE-2013-6723 |
264 |
|
+Info |
2013-12-22 |
2017-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
IBM WebSphere Portal 8.0.0.1 before CF09 does not properly handle references in compute="always" Web Content Manager (WCM) navigator components, which allows remote attackers to obtain sensitive component information via unspecified vectors. |
|
24 |
CVE-2013-6709 |
200 |
|
Bypass +Info |
2013-12-14 |
2016-09-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The registration component in Cisco WebEx Training Center provides the training-session URL before payment is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul57111. |
|
25 |
CVE-2013-6695 |
264 |
|
+Info |
2013-12-02 |
2014-03-04 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
The RBAC implementation in Cisco Secure Access Control System (ACS) does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, aka Bug ID CSCuj39274. |
|
26 |
CVE-2013-6672 |
200 |
|
+Info |
2013-12-11 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations. |
|
27 |
CVE-2013-6630 |
189 |
|
+Info |
2013-11-18 |
2016-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. |
|
28 |
CVE-2013-6629 |
200 |
|
+Info |
2013-11-18 |
2018-01-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. |
|
29 |
CVE-2013-6392 |
399 |
|
+Info |
2013-11-29 |
2014-03-05 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted GENLOCK_IOC_EXPORT ioctl call. |
|
30 |
CVE-2013-6384 |
200 |
|
+Info |
2013-11-23 |
2013-12-08 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
(1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the logging level is set to INFO, logs the connection string from ceilometer.conf, which allows local users to obtain sensitive information (the DB2 or MongoDB password) by reading the log file. |
|
31 |
CVE-2013-6316 |
264 |
|
+Info |
2013-12-22 |
2017-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
IBM WebSphere Portal 7.0.0.x before 7.0.0.2 CF26 and 8.0.0.x before 8.0.0.1 CF09 does not properly handle content-selection changes during Taxonomy component rendering, which allows remote attackers to obtain sensitive property information in opportunistic circumstances by leveraging an error in a Web Content Manager (WCM) context processor. |
|
32 |
CVE-2013-6285 |
200 |
|
+Info |
2013-10-27 |
2013-11-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The search component in the Treasurer application in Tyler Technologies TaxWeb 3.13.3.1 allows remote attackers to obtain sensitive query-structure information via an invalid search request, a different vulnerability than CVE-2013-6020. |
|
33 |
CVE-2013-6246 |
264 |
|
Bypass +Info |
2013-10-23 |
2013-10-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Dell Quest One Password Manager, possibly 5.0, allows remote attackers to bypass CAPTCHA protections and obtain sensitive information (user's full name) by sending a login request with a valid domain and username but without the CaptchaType, UseCaptchaEveryTime, and CaptchaResponse parameters. |
|
34 |
CVE-2013-6237 |
200 |
|
+Info |
2013-12-10 |
2017-08-28 |
3.5 |
None |
Remote |
Medium |
Single system |
Partial |
None |
None |
|
The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session. |
|
35 |
CVE-2013-6181 |
310 |
|
+Info |
2013-12-27 |
2014-01-07 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
EMC Watch4Net before 6.3 stores cleartext polled-device passwords in the installation repository, which allows local users to obtain sensitive information by leveraging repository privileges. |
|
36 |
CVE-2013-6169 |
310 |
|
+Info |
2013-10-17 |
2013-10-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The TLS driver in ejabberd before 2.1.12 supports (1) SSLv2 and (2) weak SSL ciphers, which makes it easier for remote attackers to obtain sensitive information via a brute-force attack. |
|
37 |
CVE-2013-6052 |
200 |
|
+Info |
2013-12-12 |
2014-01-27 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified vectors. |
|
38 |
CVE-2013-6020 |
200 |
|
+Info |
2013-10-27 |
2013-11-21 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
passwordRequestPOST.jsp in Tyler Technologies TaxWeb 3.13.3.1 sends different HTTP status codes for invalid password-recovery requests depending on whether the user account exists, which allows remote attackers to enumerate account names via a series of requests to the (1) Assessor, (2) Recorder, or (3) Treasurer application. |
|
39 |
CVE-2013-6014 |
200 |
|
+Info |
2013-10-28 |
2015-05-27 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
Complete |
None |
|
Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3, 13.1 before 13.1R3, and 13.2 before 13.2R1, when Proxy ARP is enabled on an unnumbered interface, allows remote attackers to perform ARP poisoning attacks and possibly obtain sensitive information via a crafted ARP message. |
|
40 |
CVE-2013-5999 |
310 |
|
+Info |
2013-11-22 |
2014-03-05 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
|
41 |
CVE-2013-5995 |
200 |
|
+Info |
2013-11-20 |
2013-11-21 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
data/class/helper/SC_Helper_Address.php in the front-features implementation in LOCKON EC-CUBE 2.12.3 through 2.13.0 allows remote authenticated users to obtain sensitive information via unspecified vectors related to addresses. |
|
42 |
CVE-2013-5994 |
200 |
|
+Info |
2013-11-20 |
2013-11-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php in LOCKON EC-CUBE 2.11.2 through 2.13.0 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message. |
|
43 |
CVE-2013-5991 |
200 |
|
+Info |
2013-11-20 |
2013-11-21 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The displaySystemError function in html/handle_error.php in LOCKON EC-CUBE 2.11.0 through 2.11.5 allows remote attackers to obtain sensitive information by leveraging incorrect handling of error-log output. |
|
44 |
CVE-2013-5965 |
264 |
|
+Info |
2013-09-30 |
2013-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Node View Permissions module 7.x-1.x before 7.x-1.2 for Drupal does not properly implement the hook_query_alter function, which might allow remote attackers to obtain sensitive information by reading a node listing. |
|
45 |
CVE-2013-5936 |
200 |
|
+Info |
2013-09-25 |
2013-09-25 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 allows remote attackers to obtain sensitive information about (1) runtime activity, (2) network configuration, (3) user sessions, (4) the memcache interface, and (5) the REST interface via API calls such as a hazelcast/rest/cluster/ call, a different vulnerability than CVE-2013-5200. |
|
46 |
CVE-2013-5935 |
200 |
|
+Info |
2013-09-25 |
2013-09-25 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Hazelcast cluster API in Open-Xchange AppSuite 7.0.x before 7.0.2-rev15 and 7.2.x before 7.2.2-rev16 does not properly restrict the set of network interfaces that can receive API calls, which makes it easier for remote attackers to obtain access by sending network traffic from an unintended location, a different vulnerability than CVE-2013-5200. |
|
47 |
CVE-2013-5676 |
310 |
|
+Info |
2013-12-13 |
2013-12-16 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
The Jenkins Plugin for SonarQube 3.7 and earlier allows remote authenticated users to obtain sensitive information (cleartext passwords) by reading the value in the sonar.sonarPassword parameter from jenkins/configure. |
|
48 |
CVE-2013-5666 |
200 |
|
+Info |
2013-09-23 |
2013-09-25 |
4.7 |
None |
Local |
Medium |
Not required |
Complete |
None |
None |
|
The sendfile system-call implementation in sys/kern/uipc_syscalls.c in the kernel in FreeBSD 9.2-RC1 and 9.2-RC2 does not properly pad transmissions, which allows local users to obtain sensitive information (kernel memory) via a length greater than the length of the file. |
|
49 |
CVE-2013-5502 |
264 |
|
+Info |
2013-09-23 |
2016-09-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The web interface in Cisco MediaSense does not properly protect the client-server communication channel, which allows remote attackers to obtain sensitive query string or cookie information via unspecified vectors, aka Bug ID CSCuj23344. |
|
50 |
CVE-2013-5492 |
310 |
|
+Info |
2013-09-13 |
2013-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
administration.jsp in Cisco SocialMiner allows remote attackers to obtain sensitive information by sniffing the network for HTTP client-server traffic, aka Bug ID CSCuh76780. |
