NVD List
Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
---|---|---|---|---|---|---|---|---|---|
40972 | CVE-2013-5726 | Tweetbot 1.3.3 for Mac, and 2.8.5 for iPad and iPhone, does not require confirmation of (1) follow or (2) favorite actions, which allows remote attackers to automatically force the user to perform undesired actions, as demonstrated via the tweetbot:///follow/ URL. | 2 | 6.8 | Medium | 2017-01-18 | 2013-11-13 | View | |
41228 | CVE-2013-6026 | The web interface on D-Link DIR-100, DIR-120, DI-624S, DI-524UP, DI-604S, DI-604UP, DI-604+, and TM-G5240 routers; Planex BRL-04R, BRL-04UR, and BRL-04CW routers; and Alpha Networks routers allows remote attackers to bypass authentication and modify settings via an xmlset_roodkcableoj28840ybtide User-Agent HTTP header, as exploited in the wild in October 2013. | 2 | 10 | High | 2017-01-18 | 2013-10-21 | View | |
41484 | CVE-2013-6427 | upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing (HPLIP) 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream. | 2 | 6.8 | Medium | 2017-01-18 | 2014-03-05 | View | |
41740 | CVE-2013-6881 | CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) sector size or (2) skip count fields for the forensic imaging task. | 2 | 10 | High | 2017-01-18 | 2014-02-25 | View | |
41996 | CVE-2013-7262 | SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL commands via a crafted string in a PostGIS TIME filter. | 2 | 6.8 | Medium | 2017-01-18 | 2015-10-08 | View |
Page 865 of 17672, showing 5 records out of 88360 total, starting on record 4321, ending on 4325