Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (2768 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-7330 2 Jenkins, Redhat 2 Jenkins, Openshift 2024-08-06 N/A
Jenkins before 1.502 allows remote authenticated users to configure an otherwise restricted project via vectors related to post-build actions.
CVE-2013-6926 1 Siemens 1 Ruggedcom Rugged Operating System 2024-08-06 N/A
The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated users to bypass intended restrictions on administrative actions by leveraging access to a (1) guest or (2) operator account.
CVE-2013-4985 1 Vivotek 6 Ip7160, Ip7160 Firmware, Ip7361 and 3 more 2024-08-06 7.5 High
Multiple Vivotek IP Cameras remote authentication bypass that could allow access to the video stream
CVE-2013-4862 1 Micasaverde 2 Veralite, Veralite Firmware 2024-08-06 8.1 High
MiCasaVerde VeraLite with firmware 1.5.408 does not properly restrict access, which allows remote authenticated users to (1) update the firmware via the squashfs parameter to upgrade_step2.sh or (2) obtain hashed passwords via the cgi-bin/cmh/backup.sh page.
CVE-2013-4410 2 Fedoraproject, Reviewboard 2 Fedora, Reviewboard 2024-08-06 7.5 High
ReviewBoard: has an access-control problem in REST API
CVE-2013-4411 2 Fedoraproject, Reviewboard 2 Fedora, Reviewboard 2024-08-06 4.3 Medium
Review Board: URL processing gives unauthorized users access to review lists
CVE-2013-4342 2 Redhat, Xinetd 2 Enterprise Linux, Xinetd 2024-08-06 N/A
xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.
CVE-2013-4228 1 Organic Groups Project 1 Organic Groups 2024-08-06 4.3 Medium
The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authenticated users to guess node IDs, subscribe to, and read the content of arbitrary private groups via unspecified vectors.