CVEs from 2013
Total
5,685
critical
critical 917
high
high 949
medium
medium 3,166
low
low 557
% Critical
16.1%
% with KEV
0.7%
% with exploit
11.6%
Top vendors
Top products
- chrome 11,665
- ffmpeg 3,379
- seamonkey 2,231
- acrobat_reader 1,911
- acrobat 1,909
- itunes 1,678
- firefox 1,634
- moodle 1,560
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-5664 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the web-based device-management API browser in Palo Alto Networks PAN-OS before 4.1.13 and 5.0.x before 5.0.6 allows remote attackers to inject arbitrary w… | |||
| CVE-2013-5663 | medium | — | 4.3 | 13y ago | The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x before 5.0.2 allows remote attackers to bypass intended security policies via crafted requests that… | |||
| CVE-2013-3463 | medium | — | 4.3 | 13y ago | The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connectio… | |||
| CVE-2013-5645 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in Roundcube webmail before 0.9.3 allow user-assisted remote attackers to inject arbitrary web script or HTML via the body of a message visited in … | |||
| CVE-2013-5588 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) th… | |||
| CVE-2013-3471 | medium | — | 4.3 | 13y ago | The captive portal application in Cisco Identity Services Engine (ISE) allows remote attackers to discover cleartext usernames and passwords by leveraging unspecified use of hidden form fields in an … | |||
| CVE-2013-5018 | medium | — | 4.3 | 13y ago | The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service (segmentati… | |||
| CVE-2013-4272 | medium | — | 4.3 | 13y ago | The BOTCHA Spam Prevention module 7.x-1.x before 7.x-1.6, 7.x-2.x before 7.x-2.1, and 7.x-3.x before 7.x-3.3 for Drupal, when the debugging level is set to 5 or 6, logs the content of submitted forms… | |||
| CVE-2013-2197 | medium | — | 4.3 | 13y ago | The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal, when using the login delay option, allows remote attackers to cause a denial of service (CPU consumption) via a… | |||
| CVE-2013-2076 | medium | — | 4.3 | 13y ago | Xen 4.0.x, 4.1.x, and 4.2.x, when running on AMD64 processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one domain to determi… | |||
| CVE-2013-3584 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in Corporater EPM Suite allows remote attackers to inject arbitrary web script or HTML via the customerId parameter to an unspecified component. | |||
| CVE-2013-0595 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in iNotes 8.5.x in IBM Lotus Domino 8.5 before 8.5.3 FP5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka… | |||
| CVE-2013-0566 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in the (1) Accelerator JSPs, (2) Organization Administration Console JSPs, and (3) Administration Console JSPs in WebSphere Commerce Tools in IBM W… | |||
| CVE-2013-3374 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13, when using the Apache::Session::File session store, allows remote attackers to obtain sensitive informat… | |||
| CVE-2013-3372 | medium | — | 4.3 | 13y ago | Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows remote attackers to inject multiple Content-Disposition HTTP headers and possibly conduct cross-site scripting (XSS) attacks vi… | |||
| CVE-2013-3371 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 3.8.3 through 3.8.16 and 4.0.x before 4.0.13 allows remote attackers to inject arbitrary web script or HTML via the filename of an att… | |||
| CVE-2013-5570 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the Javascript and CSS Optimizer extension before 1.1.14 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2013-2967 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 a… | |||
| CVE-2013-2172 | medium | — | 4.3 | 13y ago | Inefficient Algorithmic Complexity in Apache Santuario XML Security | |||
| CVE-2013-2157 | medium | — | 4.3 | 13y ago | OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password. | |||
| CVE-2013-2153 | medium | — | 4.3 | 13y ago | The XML digital signature functionality (xsec/dsig/DSIGReference.cpp) in Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 allows context-dependent attackers to reuse signatures… | |||
| CVE-2013-5323 | medium | — | 4.3 | 13y ago | Static Info Tables (static_info_tables) extension TYPO3 vulnerable to Cross-site Scripting | |||
| CVE-2013-5320 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in Forums/EditPost.aspx in mojoPortal before 2.3.9.8 allows remote attackers to inject arbitrary web script or HTML via the txtSubject parameter. | |||
| CVE-2013-5319 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA before 6.0.5 allows remote attackers to inject arbitrary web script or H… | |||
| CVE-2013-4653 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message… | |||
| CVE-2013-5029 | medium | — | 4.3 | 13y ago | phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php. | |||
| CVE-2013-4207 | medium | — | 4.3 | 13y ago | Buffer overflow in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service (crash) via an invalid DSA signature that is not properly handled during computation of a modula… | |||
| CVE-2013-4174 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in the Scald module 7.x-1.x before 7.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via the (1) flash_uri, (2) flas… | |||
| CVE-2013-2136 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in Apache CloudStack before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Physical network name to the Zone wizar… | |||
| CVE-2013-4248 | medium | — | 4.3 | 13y ago | The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Na… | |||
| CVE-2013-4238 | medium | — | 4.3 | 13y ago | The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, w… | |||
| CVE-2013-2022 | medium | — | 4.3 | 13y ago | jplayer Cross Site Scripting vulnerability | |||
| CVE-2013-5308 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the RealURL Management (realurlmanagement) extension 0.3.4 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspeci… | |||
| CVE-2013-5307 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the Faceted Search (ke_search) extension before 1.4.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2013-5305 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the Store Locator (locator) extension before 3.1.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2013-5095 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject ar… | |||
| CVE-2013-0587 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Portal before 8.0.0.1 CF07 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) Portal, (2)… | |||
| CVE-2013-5300 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) before 4.3.0 allow remote attackers to inject arbitrary web script or HTML via th… | |||
| CVE-2013-2132 | medium | — | 4.3 | 13y ago | bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) vi… | |||
| CVE-2013-2023 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in actionscript/Jplayer.as in the Flash SWF component (jplayer.swf) in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via… | |||
| CVE-2013-2137 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the "View Log" screen in the Webtools application in Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and… | |||
| CVE-2013-3192 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP encodin… | |||
| CVE-2013-4037 | medium | — | 4.3 | 13y ago | The RAKP protocol support in the Intelligent Platform Management Interface (IPMI) implementation in Integrated Management Module (IMM) and Integrated Management Module II (IMM2) on IBM BladeCenter, F… | |||
| CVE-2013-5100 | medium | — | 4.3 | 13y ago | Static Methods since 2007 (div2007) extension for TYPO3 vulnerable to Cross-site Scripting | |||
| CVE-2013-5098 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in admin/admin.php in the Download Monitor plugin before 3.3.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the sort par… | |||
| CVE-2013-4600 | medium | — | 4.3 | 13y ago | Alkacon OpenCMS XSS via title and requestedResource parameters | |||
| CVE-2013-3262 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in admin/admin.php in the Download Monitor plugin before 3.3.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the p parame… | |||
| CVE-2013-2117 | medium | — | 4.3 | 13y ago | Directory traversal vulnerability in the cgit_parse_readme function in ui-summary.c in cgit before 0.9.2, when a readme file is set to a filesystem path, allows remote attackers to read arbitrary fil… | |||
| CVE-2013-3990 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors… | |||
| CVE-2013-3032 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the MIME e-mail functionality in iNotes in IBM Domino 9.0 before IF3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors… | |||
| CVE-2013-1714 | medium | — | 4.3 | 13y ago | The Web Workers implementation in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 does not proper… | |||
| CVE-2013-1713 | medium | — | 4.3 | 13y ago | Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 use an incorrect URI within unspecified compariso… | |||
| CVE-2013-1711 | medium | — | 4.3 | 13y ago | The XrayWrapper implementation in Mozilla Firefox before 23.0 and SeaMonkey before 2.20 does not properly address the possibility of an XBL scope bypass resulting from non-native arguments in XBL fun… | |||
| CVE-2013-1709 | medium | — | 4.3 | 13y ago | Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 do not properly handle the interaction between FR… | |||
| CVE-2013-1708 | medium | — | 4.3 | 13y ago | Mozilla Firefox before 23.0 and SeaMonkey before 2.20 allow remote attackers to cause a denial of service (application crash) via a crafted WAV file that is not properly handled by the nsCString::Cha… | |||
| CVE-2013-5025 | medium | — | 4.3 | 13y ago | An ActiveX control in exlauncher.dll in the Help subsystem in National Instruments LabWindows/CVI before 2013 allows remote attackers to cause a denial of service by triggering the display of local e… | |||
| CVE-2013-5024 | medium | — | 4.3 | 13y ago | An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to o… | |||
| CVE-2013-5023 | medium | — | 4.3 | 13y ago | The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to… | |||
| CVE-2013-4677 | medium | — | 4.3 | 13y ago | Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive inf… | |||
| CVE-2013-4676 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allow remote attackers to inject arbitrary web script or HTML via vectors in… | |||
| CVE-2013-4165 | medium | — | 4.3 | 13y ago | The HTTPAuthorized function in bitcoinrpc.cpp in bitcoind 0.8.1 provides information about authentication failure upon detecting the first incorrect byte of a password, which makes it easier for remo… | |||
| CVE-2013-4670 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote attackers to inject arbitrary web script or HTML vi… | |||
| CVE-2013-4674 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the Web Email Protection component in Symantec Encryption Management Server (formerly Symantec PGP Universal Server) before 3.3.0 MP2 allows remote authent… | |||
| CVE-2013-2630 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in CA Service Desk Manager 12.5 through 12.7 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | |||
| CVE-2013-4997 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a JavaScript event in (1) an… | |||
| CVE-2013-4996 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1)… | |||
| CVE-2013-4935 | medium | — | 4.3 | 13y ago | The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in c… | |||
| CVE-2013-4934 | medium | — | 4.3 | 13y ago | The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote atta… | |||
| CVE-2013-2181 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the Directory Listing plugin in Monkey HTTP Daemon (monkeyd) 1.2.2 allows attackers to inject arbitrary web script or HTML via a file name. | |||
| CVE-2013-3580 | medium | — | 4.3 | 13y ago | The TrustGo Antivirus & Mobile Security application before 1.3.6 for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an intent to com.tr… | |||
| CVE-2013-4942 | medium | — | 4.3 | 13y ago | YUI Cross-site Scripting (XSS) vulnerability | |||
| CVE-2013-4941 | medium | — | 4.3 | 13y ago | YUI Cross-site Scripting (XSS) vulnerability | |||
| CVE-2013-4940 | medium | — | 4.3 | 13y ago | YUI Cross-site Scripting (XSS) vulnerability | |||
| CVE-2013-4939 | medium | — | 4.3 | 13y ago | Cross-Site Scripting in yui | |||
| CVE-2013-4938 | medium | — | 4.3 | 13y ago | The LTI (aka IMS-LTI) mod_form implementation in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, and 2.5.x before 2.5.1 does not properly support the sendname, sen… | |||
| CVE-2013-2244 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in lib/conditionlib.php in Moodle 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allow remote attackers to inject arbitrary web script or HTML via the c… | |||
| CVE-2013-4802 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in HP Application Lifecycle Management (ALM) Quality Center before 11.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vector… | |||
| CVE-2013-3414 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a craft… | |||
| CVE-2013-3999 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in IBM Social Media Analytics 1.2 before FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2013-3440 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain i… | |||
| CVE-2013-3439 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in Cisco Unified Operations Manager allows remote attackers to inject arbitrary web script or HTML via a crafted URL in an unspecified HTTP header field, aka … | |||
| CVE-2013-2361 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2013-1955 | medium | — | 4.3 | 13y ago | Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php and (2) datePicker.php in Easy PHP Calendar 6.x and 7.x before 7.0.13 allow remote attackers to inject arbitrary web script or HTM… | |||
| CVE-2013-1879 | medium | — | 4.3 | 13y ago | Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ | |||
| CVE-2013-3275 | medium | — | 4.3 | 13y ago | EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly restrict use of FRAME elements, which makes it easier for remote attackers to obt… | |||
| CVE-2013-4779 | medium | — | 4.3 | 13y ago | Cross-site scripting (XSS) vulnerability in core/handleTw.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7 R1.7.… | |||
| CVE-2013-3822 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.1 allows remote attackers to affect integrity via unknown vectors related to Web Client… | |||
| CVE-2013-3818 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect integrity via unknown vectors related… | |||
| CVE-2013-3791 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in Enterprise Manager (EM) Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknow… | |||
| CVE-2013-3788 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vec… | |||
| CVE-2013-3787 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in Oracle Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Kernel. | |||
| CVE-2013-3782 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 prior to 4.63 and 4.7 prior to 4.71 allows remote attackers to affect integrity via unknown vectors relat… | |||
| CVE-2013-3778 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to… | |||
| CVE-2013-3777 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors r… | |||
| CVE-2013-3775 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Pages. | |||
| CVE-2013-3772 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote attackers to affect integrity via unknown vectors … | |||
| CVE-2013-3769 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote attackers to affect integrity via unknown vectors … | |||
| CVE-2013-3768 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect integrity via unknown vectors related… | |||
| CVE-2013-3767 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite Access Gate 1.2.1 allows remote attackers to affect integrity via unknown vectors. | |||
| CVE-2013-3761 | medium | — | 4.3 | 13y ago | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products Portal 9.1 and PeopleTools 8.52 allows remote attackers to affect integrity via vectors rela… |