2013 CVE Vulnerabilities
6,830 CVEs published in 2013.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2013-7287 | CRITICAL | 9.8 | 1.4% | Feb 13, 2020 | MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme. |
| CVE-2013-7173 | CRITICAL | 9.8 | 2.0% | Feb 13, 2020 | Belkin n750 routers have a buffer overflow. |
| CVE-2013-7098 | CRITICAL | 9.8 | 1.5% | Feb 13, 2020 | OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection. |
| CVE-2013-6362 | CRITICAL | 9.8 | 1.2% | Feb 13, 2020 | Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts. |
| CVE-2013-1401 | CRITICAL | 9.8 | 5.0% | Feb 13, 2020 | Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll functions in WordPre... |
| CVE-2013-1400 | CRITICAL | 9.8 | 3.2% | Feb 13, 2020 | Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to exec... |
| CVE-2013-3725 | CRITICAL | 9.8 | 1.8% | Feb 12, 2020 | Invision Power Board (IPB) through 3.x allows admin account takeover leading to code execution. |
| CVE-2013-6236 | CRITICAL | 9.8 | 10.2% | Feb 12, 2020 | IZON IP 2.0.2: hard-coded password vulnerability |
| CVE-2013-7381 | CRITICAL | 9.8 | 2.7% | Feb 12, 2020 | libnotify before 1.0.4 for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in a... |
| CVE-2013-2010 | CRITICAL | 9.8 | 73.9% | Feb 12, 2020 | WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability |
| CVE-2013-7378 | CRITICAL | 9.8 | 2.7% | Feb 12, 2020 | scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node.js allows remote attackers to execute arbitrary c... |
| CVE-2013-3684 | CRITICAL | 9.8 | 19.2% | Feb 11, 2020 | NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload |
| CVE-2013-2057 | CRITICAL | 9.8 | 2.1% | Feb 11, 2020 | YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability |
| CVE-2013-1607 | CRITICAL | 9.8 | 2.7% | Feb 11, 2020 | Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability |
| CVE-2013-1359 | CRITICAL | 9.8 | 89.1% | Feb 11, 2020 | An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5... |
| CVE-2013-0803 | CRITICAL | 9.8 | 74.5% | Feb 11, 2020 | A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via upload.php, which could let a malicious user execute arb... |
| CVE-2013-1360 | CRITICAL | 9.8 | 22.7% | Feb 11, 2020 | An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7... |
| CVE-2013-5945 | CRITICAL | 9.8 | 9.5% | Feb 11, 2020 | Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.0... |
| CVE-2013-4267 | CRITICAL | 9.8 | 4.1% | Feb 11, 2020 | Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archi... |
| CVE-2013-3091 | CRITICAL | 9.8 | 3.7% | Feb 7, 2020 | An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authenticatio... |
| CVE-2013-4335 | CRITICAL | 9.8 | 2.5% | Feb 7, 2020 | opOpenSocialPlugin 0.8.2.1, > 0.9.9.2, 0.9.13, 1.2.6: Multiple XML External Entity Injection Vulnerabilities |
| CVE-2013-4334 | CRITICAL | 9.8 | 1.4% | Feb 7, 2020 | opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities |
| CVE-2013-4521 | CRITICAL | 9.8 | 4.1% | Feb 6, 2020 | RichFaces implementation in Nuxeo Platform 5.6.0 before HF27 and 5.8.0 before HF-01 does not restrict the classes for wh... |
| CVE-2013-2681 | CRITICAL | 9.8 | 10.1% | Feb 5, 2020 | Cisco Linksys E4200 1.0.05 Build 7 devices contain a Security Bypass Vulnerability which could allow remote attackers to... |
| CVE-2013-7055 | CRITICAL | 9.8 | 7.0% | Feb 4, 2020 | D-Link DIR-100 4.03B07 has PPTP and poe information disclosure |
Check if your code is affected by 2013 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now