CVE-2013-7098

OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection.

Source: CVE-2013-7098

CVE-2013-7173

Belkin n750 routers have a buffer overflow.

Source: CVE-2013-7173

CVE-2014-1617

Microsys PROMOTIC 8.2.13 contains an ActiveX Control Start Buffer Overflow vulnerability which can lead to denial of service.

Source: CVE-2014-1617

CVE-2013-1634

A denial of service vulnerability exists in some motherboard implementations of Intel e1000e/82574L network controller devices through 2013-02-06 where the device can be brought into a non-processing state when parsing 32 hex, 33 hex, or 34 hex byte values at the 0x47f offset. NOTE: A followup statement from Intel suggests that the root cause of this issue was an incorrectly configured EEPROM image.

Source: CVE-2013-1634

CVE-2020-8989

In the Voatz application 2020-01-01 for Android, the amount of data transmitted during a single voter’s vote depends on the different lengths of the metadata across the available voting choices, which makes it easier for remote attackers to discover this voter’s choice by sniffing the network. For example, a small amount of sniffed data may indicate that a vote was cast for the candidate with the least metadata. An active man-in-the-middle attacker can leverage this behavior to disrupt voters’ abilities to vote for a candidate opposed by the attacker.

Source: CVE-2020-8989

CVE-2019-3998

Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a local, unauthenticated attacker to modify the Wi-Fi network the base station connects to.

Source: CVE-2019-3998

CVE-2020-8988

The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers (after using root access to make a copy of the local database) to discover login credentials and voting history via an offline brute-force approach.

Source: CVE-2020-8988

CVE-2013-1401

Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll functions in WordPress Poll Plugin 34.5 for WordPress allow a remote attacker to add, edit, and delete an answer and delete a poll.

Source: CVE-2013-1401

CVE-2013-1400

Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or poll_id parameter in a viewPollResults or userlogs action.

Source: CVE-2013-1400

CVE-2015-6589

Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.0.0.0 before 7.0.0.33, 8..0.0.0 before 8.0.0.23, 9.0.0.0 before 9.0.0.19, and 9.1.0.0 before 9.1.0.9 allows remote authenticated users to write to and execute arbitrary files due to insufficient restrictions in file paths to json.ashx.

Source: CVE-2015-6589