Vulnerabilities (CVE)

CWE filter

CWE-20

Filter

7461 total CVE
CVE Vendors Products Updated CVSS
CVE-2013-5480 1 Cisco 1 Ios 2013-10-07 7.8
The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCuf28733.
CVE-2013-5479 1 Cisco 1 Ios 2013-10-07 7.8
The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka Bug ID CSCtn53730.
CVE-2013-5478 1 Cisco 2 Ios, Ios Xe 2013-10-07 7.8
Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via crafted UDP RSVP packets, aka Bug ID CSCuf17023.
CVE-2013-5477 1 Cisco 1 Ios 2013-10-07 7.8
The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 through 15.3, when an HDLC32 driver is used, allows remote attackers to cause a denial of service (interface queue wedge) via bursty network traffic, aka Bug ID CSCub67465.
CVE-2013-5475 1 Cisco 2 Ios, Ios Xe 2013-10-07 7.8
Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally by a (1) server or (2) relay agent, aka Bug ID...
CVE-2013-1630 1 Guillaume Gauvrit 1 Pyshop 2013-10-07 6.8
pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a download operation.
CVE-2012-6597 1 Paloaltonetworks 1 Pan-os 2013-10-07 6.3
Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to cause a denial of service (management-server crash) by using the command-line interface for a crafted command, aka Ref ID 35254.
CVE-2013-6011 1 Citrix 2 Netscaler Application Delivery Controller Firmware, Netscaler Application Delivery Controller 2013-10-07 7.8
Citrix NetScaler Application Delivery Controller (ADC) 10.0 before 10.0-76.7 allows remote attackers to cause a denial of service (nsconfigd crash and appliance reboot) via a crafted request.
CVE-2013-2230 1 Redhat 1 Libvirt 2013-10-04 4.0
The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via unspecified vectors involving "multiple events registration."
CVE-2013-3675 1 Ffmpeg 1 Ffmpeg 2013-10-04 4.3
The process_frame_obj function in sanm.c in libavcodec in FFmpeg before 1.2.1 does not validate width and height values, which allows remote attackers to cause a denial of service (integer overflow, out-of-bounds array access, and application...
CVE-2012-4110 1 Cisco 1 Unified Computing System 2013-10-03 6.8
run-script in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86560.
CVE-2012-4111 1 Cisco 1 Unified Computing System 2013-10-03 6.8
The create certreq command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86563.
CVE-2012-4109 1 Cisco 1 Unified Computing System 2013-10-03 6.8
The clear sshkey command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq86559.
CVE-2012-4102 1 Cisco 1 Unified Computing System 2013-10-03 6.8
The activate firmware command in the fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges by embedding commands in an unspecified parameter, aka Bug ID CSCtq02600.
CVE-2013-1731 1 Mozilla 1 Firefox 2013-10-03 6.8
Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24.0 on Android allows attackers to execute arbitrary code via a Trojan horse .so file in a world-writable directory.
CVE-2013-5580 1 Barton 1 Ngircd 2013-10-02 4.3
The (1) Conn_StartLogin and (2) cb_Read_Resolver_Result functions in conn.c in ngIRCd 18 through 20.2, when the configuration option NoticeAuth is enabled, does not properly handle the return code for the Handle_Write function, which allows...
CVE-2013-4254 1 Linux 1 Linux Kernel 2013-10-02 6.9
The validate_event function in arch/arm/kernel/perf_event.c in the Linux kernel before 3.10.8 on the ARM platform allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by adding a hardware...
CVE-2012-4096 1 Cisco 1 Unified Computing System 2013-10-01 6.2
The local file editor in the Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified...
CVE-2013-1661 1 Vmware 2 Esxi, Esx 2013-09-30 4.3
VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled exception and application crash) by modifying the...
CVE-2013-5472 1 Cisco 2 Ios, Ios Xe 2013-09-30 7.1
The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which allows remote attackers to cause a denial of...