Total
5476 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0685 | 1 Invensys | 1 Wonderware Information Server | 2025-04-11 | N/A |
| Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal does not restrict unspecified size and amount values, which allows remote attackers to execute arbitrary code or cause a denial of service (resource consumption) via unknown vectors. | ||||
| CVE-2013-0687 | 1 Schneider-electric | 1 Micom S1 Studio | 2025-04-11 | N/A |
| The installer routine in Schneider Electric MiCOM S1 Studio uses world-writable permissions for executable files, which allows local users to modify the service or the configuration files, and consequently gain privileges or trigger incorrect protective-relay operation, via a Trojan horse executable file. | ||||
| CVE-2013-0706 | 1 Nec | 1 Universal Raid Utility | 2025-04-11 | N/A |
| NEC Universal RAID Utility 1.40 Rev 680 and earlier, 2.31 Rev 1492 and earlier, and 2.5 Rev 2244 and earlier does not provide access control, which allows remote attackers to perform arbitrary RAID disk operations via unspecified vectors. | ||||
| CVE-2013-0718 | 1 Simeji | 1 Simeji | 2025-04-11 | N/A |
| The Simeji application 4.8.1 and earlier for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem. | ||||
| CVE-2013-0719 | 1 Codedesign | 1 Artime Japanese Input | 2025-04-11 | N/A |
| The ArtIME Japanese Input application 1.1.2 and earlier for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem. | ||||
| CVE-2013-0720 | 1 Cob\'s Products | 1 Cobime | 2025-04-11 | N/A |
| The COBIME application before 0.9.4 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local filesystem. | ||||
| CVE-2013-0751 | 2 Google, Mozilla | 3 Android, Firefox, Seamonkey | 2025-04-11 | N/A |
| Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document. | ||||
| CVE-2013-0829 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 24.0.1312.52 does not properly maintain database metadata, which allows remote attackers to bypass intended file-access restrictions via unspecified vectors. | ||||
| CVE-2013-0838 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2025-04-11 | N/A |
| Google Chrome before 24.0.1312.52 on Linux uses weak permissions for shared memory segments, which has unspecified impact and attack vectors. | ||||
| CVE-2013-0918 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 26.0.1410.43 does not prevent navigation to developer tools in response to a drag-and-drop operation, which allows user-assisted remote attackers to have an unspecified impact via a crafted web site. | ||||
| CVE-2013-0922 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 26.0.1410.43 does not properly restrict brute-force access attempts against web sites that require HTTP Basic Authentication, which has unspecified impact and attack vectors. | ||||
| CVE-2013-0924 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| The extension functionality in Google Chrome before 26.0.1410.43 does not verify that use of the permissions API is consistent with file permissions, which has unspecified impact and attack vectors. | ||||
| CVE-2013-0925 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 26.0.1410.43 does not ensure that an extension has the tabs (aka APIPermission::kTab) permission before providing a URL to this extension, which has unspecified impact and remote attack vectors. | ||||
| CVE-2013-0932 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2025-04-11 | N/A |
| EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and upload arbitrary files via unspecified vectors. | ||||
| CVE-2013-0934 | 1 Emc | 2 Rsa Archer Egrc, Rsa Archer Smartsuite | 2025-04-11 | N/A |
| EMC RSA Archer 5.x before GRC 5.3SP1, and Archer Smart Suite Framework 4.x, allows remote authenticated users to bypass intended access restrictions and modify global reports via unspecified vectors. | ||||
| CVE-2013-0940 | 1 Emc | 1 Networker | 2025-04-11 | N/A |
| The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | ||||
| CVE-2013-0957 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| Data Protection in Apple iOS before 7 allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Erase Data setting, by leveraging the presence of an app in the third-party sandbox. | ||||
| CVE-2013-0969 | 1 Apple | 1 Mac Os X | 2025-04-11 | N/A |
| Login Window in Apple Mac OS X before 10.8.3 does not prevent application launching with the VoiceOver feature, which allows physically proximate attackers to bypass authentication and make arbitrary System Preferences changes via unspecified use of the keyboard. | ||||
| CVE-2013-0979 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| lockdownd in Lockdown in Apple iOS before 6.1.3 does not properly consider file types during the permission-setting step of a backup restoration, which allows local users to change the permissions of arbitrary files via a backup that contains a pathname with a symlink. | ||||
| CVE-2013-0980 | 1 Apple | 1 Iphone Os | 2025-04-11 | N/A |
| The Passcode Lock implementation in Apple iOS before 6.1.3 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement by leveraging an error in the emergency-call feature. | ||||