CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In January 2014 (CVSS score >= 9)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2013-3482 119 1 DoS Exec Code Overflow 2014-01-19 2014-01-21
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the rf_report_error function in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in an ERS file.
52 CVE-2013-2820 287 2014-01-15 2014-01-16
10.0
None Remote Low Not required Complete Complete Complete
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388.
53 CVE-2013-2819 255 2014-01-15 2014-01-16
9.3
None Remote Medium Not required Complete Complete Complete
The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted (1) update or (2) reprogramming action.
54 CVE-2013-2350 DoS Exec Code 2014-01-04 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
55 CVE-2013-2349 DoS Exec Code 2014-01-04 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1896.
56 CVE-2013-2348 DoS Exec Code 2014-01-04 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1892.
57 CVE-2013-2347 1 DoS Exec Code 2014-01-04 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
58 CVE-2013-2346 DoS Exec Code 2014-01-04 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1870.
59 CVE-2013-2345 DoS Exec Code 2014-01-04 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1869.
60 CVE-2013-2344 DoS Exec Code 2014-01-04 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1866.
61 CVE-2013-1376 119 Exec Code Overflow 2014-01-30 2014-02-21
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621.
62 CVE-2013-1361 Exec Code 2014-01-21 2017-08-29
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software 6.4.0.2900 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as a file that is processed by Lenovo Bluetooth.
63 CVE-2013-0485 2014-01-21 2016-05-25
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries.
Total number of vulnerabilities : 63   Page : 1 2 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.