CVE.report search for "CVE-2013-0654"
Listed below are 50 relevant search results for "CVE-2013-0654" based on Vendor, Software, and CVE description
These results are gathered from attempted matches with listed vendor and software data, as well as a keyword search in the description of all known CVEs.
If you notice a "Not Listed" in either the vendor or software columns, the underlying source record does not currently include normalized affected-product data.
Search Results
| CVE ID | Vendor | Software | Description |
|---|---|---|---|
| CVE-2025-53329 | Cross-Site Request Forgery (CSRF) vulnerability in szajenw Społecznościowa 6 PL 2013 spolecznosciowa-6-pl-2013 allows Store... | ||
| CVE-2023-45867 | Ilias | Ilias | ILIAS (2013-09-12 release) contains a medium-criticality Directory Traversal local file inclusion vulnerability in the ScormA... |
| CVE-2023-38689 | Rs485 | Logisticspipes | Logistics Pipes is a modification (a.k.a. mod) for the computer game Minecraft Java Edition. The mod used Java's `ObjectInput... |
| CVE-2023-37364 | Ws-inc | J Wbem | In WS-Inc J WBEM Server 4.7.4 before 4.7.5, the CIM-XML protocol adapter does not disable entity resolution. This allows cont... |
| CVE-2023-0426 | Abb | Ac700f | ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vuln... |
| CVE-2023-0425 | Abb | Ac700f | ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vuln... |
| CVE-2022-47648 | Bosch | B420 | An Improper Access Control vulnerability allows an attacker to access the control panel of the B420 without requiring any sor... |
| CVE-2022-31559 | Flask-yeoman Project | Flask-yeoman | The tsileo/flask-yeoman repository through 2013-09-13 on GitHub allows absolute path traversal because the Flask send_file fu... |
| CVE-2021-44429 | Vercot | Serva | Serva 4.4.0 allows remote attackers to cause a denial of service (daemon crash) via a TFTP read (RRQ) request, aka opcode 1, ... |
| CVE-2021-42777 | Stimulsoft | Reports | Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C# ... |
| CVE-2021-40439 | Apache | Openoffice | Apache OpenOffice has a dependency on expat software. Versions prior to 2.1.0 were subject to CVE-2013-0340 a "Billion Laughs... |
| CVE-2021-38114 | Debian | Debian Linux | libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-086... |
| CVE-2021-34544 | Bkw | Solar-log 500 | An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2013. In /export.html, email.html, and sms.html, clearte... |
| CVE-2021-27395 | Siemens | Simatic Process Historian 2013 | A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions), SIMATIC Process Historian 2... |
| CVE-2021-27038 | Autodesk | Design Review | A Type Confusion vulnerability in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can occur when processing a maliciously... |
| CVE-2021-27037 | Autodesk | Design Review | A maliciously crafted PNG, PDF or DWF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to attempt to f... |
| CVE-2021-27035 | Autodesk | Design Review | A maliciously crafted TIFF, TIF, PICT, TGA, or DWF files in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be forced... |
| CVE-2021-27034 | Autodesk | Design Review | A heap-based buffer overflow could occur while parsing PICT, PCX, RCL or TIFF files in Autodesk Design Review 2018, 2017, 201... |
| CVE-2021-27033 | Autodesk | Design Review | A Double Free vulnerability allows remote attackers to execute arbitrary code on PDF files within affected installations of A... |
| CVE-2020-15865 | Stimulsoft | Reports | A Remote Code Execution vulnerability in Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0 allows an attacker to encode C# sc... |
| CVE-2020-10663 | Apache | Zookeeper | The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsa... |
| CVE-2020-8017 | Opensuse | Leap | A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive-filesystem of SUSE Linux Enterpri... |
| CVE-2020-8016 | Opensuse | Leap | A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module... |
| CVE-2020-8013 | Opensuse | Leap | A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise S... |
| CVE-2020-7485 | Microsoft | Windows 7 | **VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could ... |
| CVE-2020-7484 | Microsoft | Windows 7 | **VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with the former 'password' feature could allow a denial of service at... |
| CVE-2020-7483 | Microsoft | Windows 7 | **VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on the network when the 'passw... |
| CVE-2019-1000048 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-7469. Reason: This candidate is a reservation duplicat... | ||
| CVE-2019-1000047 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-7469. Reason: This candidate is a reservation duplicat... | ||
| CVE-2019-15067 | Gigastone | Smart Battery A2-25de | An authentication bypass vulnerability discovered in Smart Battery A2-25DE, a multifunctional portable charger, firmware vers... |
| CVE-2019-10173 | Oracle | Banking Platform | It was found that xstream API version 1.4.10 before 1.4.11 introduced a regression for a previous deserialization flaw. If th... |
| CVE-2019-9748 | Tinysvcmdns Project | Tinysvcmdns | In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up t... |
| CVE-2019-9747 | Tinysvcmdns Project | Tinysvcmdns | In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multicast DNS) packet triggers an infinite loop while parsing ... |
| CVE-2019-8437 | Njiandan-cms Project | Njiandan-cms | njiandan-cms through 2013-05-23 has index.php/admin/user_new CSRF to add an administrator. |
| CVE-2019-7363 | Autodesk | Design Review | Use-after-free vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into... |
| CVE-2019-7362 | Autodesk | Design Review | DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into... |
| CVE-2019-6716 | Logonbox | Nervepoint Access Manager | An unauthenticated Insecure Direct Object Reference (IDOR) in Wicket Core in LogonBox Nervepoint Access Manager 2013 through ... |
| CVE-2019-3742 | Dell | Digital Delivery | Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a privilege escalation vulnerability. A local non-privileg... |
| CVE-2019-1209 | Microsoft | Lync | An information disclosure vulnerability exists in Lync 2013, aka 'Lync 2013 Information Disclosure Vulnerability'. |
| CVE-2018-25029 | Silabs | Zgm130s037hgn | The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, allowing an attack... |
| CVE-2018-19854 | Canonical | Ubuntu Linux | An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c ... |
| CVE-2018-17060 | Progress | Telerik Extensions For Asp.net Mvc | Telerik Extensions for ASP.NET MVC (all versions) does not whitelist requests, which can allow a remote attacker to access fi... |
| CVE-2018-16450 | Craftedweb Project | Craftedweb | CraftedWeb through 2013-09-24 has reflected XSS via the p parameter. |
| CVE-2018-12919 | Craftedweb Project | Craftedweb | In CraftedWeb through 2013-09-24, aasp_includes/pages/notice.php allows XSS via the e parameter. |
| CVE-2018-11315 | Radiothermostat | Ct50 | The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebindin... |
| CVE-2018-8247 | Microsoft | Office Online Server | An elevation of privilege vulnerability exists when Office Web Apps Server 2013 and Office Online Server fail to properly han... |
| CVE-2018-7191 | Linux | Linux Kernel | In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This all... |
| CVE-2018-3968 | Denx | U-boot | An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2... |
| CVE-2018-0947 | Microsoft | Sharepoint Enterprise Server | Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vuln... |
| CVE-2018-0944 | Microsoft | Project Server | Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerabil... |