Skip to main content
CVE-2013-0632 CRITICAL POC KEV THREAT Emergency

administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and possibly execute arbitrary code by logging in to the RDS component using the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Privilege Escalation RCE Adobe
NVD Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
92.7%
Threat
7.7
CVE-2013-0397 MEDIUM POC THREAT This Month

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect confidentiality and integrity via. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 29.9%.

Information Disclosure Oracle E Business Suite
NVD Exploit-DB
CVSS 2.0
6.4
EPSS
29.9%
CVE-2013-0418 MEDIUM This Month

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 25.1% and no vendor patch available.

Buffer Overflow Oracle Exchange Server Fusion Middleware
NVD
CVSS 2.0
6.8
EPSS
25.1%
CVE-2012-4607 CRITICAL Act Now

Buffer overflow in nsrindexd in EMC NetWorker 7.5.x and 7.6.x before 7.6.5, and 8.x before 8.0.0.6, allows remote attackers to execute arbitrary code via crafted SunRPC data. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Networker
NVD
CVSS 2.0
9.3
EPSS
8.4%
CVE-2012-6392 CRITICAL Act Now

Cisco Prime LAN Management Solution (LMS) 4.1 through 4.2.2 on Linux does not properly validate authentication and authorization requests in TCP sessions, which allows remote attackers to execute. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Prime Lan Management Solution
NVD
CVSS 2.0
10.0
EPSS
4.3%
CVE-2013-0366 CRITICAL Act Now

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Database Mobile Lite Server
NVD
CVSS 2.0
10.0
EPSS
3.0%
CVE-2013-0361 CRITICAL Act Now

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Database Lite Database Mobile Lite Server
NVD
CVSS 2.0
10.0
EPSS
3.0%
CVE-2012-3220 CRITICAL PATCH Act Now

Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users with Create Session. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 2.0
9.0
EPSS
0.6%
CVE-2012-5972 LOW POC Monitor

Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows remote attackers to read arbitrary files via a ... Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Path Traversal Specview
NVD Exploit-DB
CVSS 2.0
2.6
EPSS
7.6%
CVE-2012-5419 HIGH This Week

Cisco Adaptive Security Appliance (ASA) software 8.7.1 and 8.7.1.1 for the Cisco ASA 1000V Cloud Firewall allows remote attackers to cause a denial of service (device reload) via a malformed H.225. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Adaptive Security Appliance Software Asa 1000V Cloud Firewall
NVD
CVSS 2.0
7.8
EPSS
0.7%
CVE-2013-0364 HIGH This Week

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Database Lite Database Mobile Lite Server
NVD
CVSS 2.0
7.8
EPSS
0.6%
CVE-2013-0363 HIGH This Week

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Database Mobile Lite Server
NVD
CVSS 2.0
7.8
EPSS
0.6%
CVE-2013-0362 HIGH This Week

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Database Mobile Lite Server
NVD
CVSS 2.0
7.8
EPSS
0.5%
CVE-2013-0359 HIGH This Week

Unspecified vulnerability in the APM - Application Performance Management component in Oracle Enterprise Manager Grid Control 6.5, 11.1, and 12.1.0.2 allows remote attackers to affect. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Enterprise Manager Grid Control
NVD
CVSS 2.0
7.5
EPSS
0.9%
CVE-2013-0389 MEDIUM This Month

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL MariaDB Ubuntu Linux
NVD
CVSS 2.0
6.8
EPSS
1.4%
CVE-2013-0386 MEDIUM This Month

Unspecified vulnerability in the Server component in Oracle MySQL 5.5.28 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL MariaDB Ubuntu Linux
NVD
CVSS 2.0
6.8
EPSS
1.4%
CVE-2013-0384 MEDIUM This Month

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote authenticated users to affect availability via unknown vectors related to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL Ubuntu Linux Enterprise Linux Desktop +4
NVD
CVSS 2.0
6.8
EPSS
1.4%
CVE-2013-0393 MEDIUM This Month

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4 allows context-dependent attackers to affect availability via unknown vectors related. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2012-5060 MEDIUM This Month

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.65 and earlier and 5.5.27 and earlier allows remote authenticated users to affect availability, related to GIS Extension. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL MariaDB Ubuntu Linux
NVD
CVSS 2.0
6.8
EPSS
0.7%
CVE-2013-1109 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in testingLibraryAction.do in the Training Center testing library in Cisco WebEx Training Center allows remote attackers to hijack the authentication. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cisco Webex Training Center
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-0400 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Filesystem/cachefs. Rated medium severity (CVSS 6.6).

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
6.6
EPSS
0.1%
CVE-2013-0399 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Umount. Rated medium severity (CVSS 6.6).

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
6.6
EPSS
0.1%
CVE-2013-0385 MEDIUM This Month

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL MariaDB Ubuntu Linux +4
NVD
CVSS 2.0
6.6
EPSS
0.1%
CVE-2013-0381 MEDIUM This Month

Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect confidentiality and integrity via. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
6.4
EPSS
0.4%
CVE-2012-3190 MEDIUM This Month

Unspecified vulnerability in the Oracle Universal Work Queue component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
6.4
EPSS
0.4%
CVE-2013-0382 MEDIUM This Month

Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
6.4
EPSS
0.3%
CVE-2013-0420 LOW POC PATCH Monitor

Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core. Rated low severity (CVSS 2.4). Public exploit code available.

Information Disclosure Oracle Opensuse Virtualization Vm Virtualbox
NVD
CVSS 2.0
2.4
EPSS
0.1%
CVE-2013-0415 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Bind/Postinstall script for Bind. Rated medium severity (CVSS 6.0).

Information Disclosure Oracle Freeflow Print Server Sunos
NVD
CVSS 2.0
6.0
EPSS
0.0%
CVE-2013-0391 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.52 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
5.5
EPSS
0.2%
CVE-2013-0369 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Products 8.51 and 8.52 allows remote authenticated users to affect confidentiality and integrity via unknown. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
5.5
EPSS
0.2%
CVE-2012-3218 MEDIUM This Month

Unspecified vulnerability in the Human Resources component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
5.5
EPSS
0.2%
CVE-2013-0375 MEDIUM This Month

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.1.28 and earlier, allows remote authenticated users to affect confidentiality and integrity via unknown. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL MariaDB Ubuntu Linux +4
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2012-3170 MEDIUM This Month

Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect availability via unknown vectors related to Siebel Core - Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2012-3169 MEDIUM This Month

Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect availability via unknown vectors related to Siebel Core - Server. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2012-1702 MEDIUM This Month

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier and 5.5.28 and earlier allows remote attackers to affect availability via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL MariaDB Ubuntu Linux +4
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2013-0417 MEDIUM This Month

Unspecified vulnerability in the Sun Storage Common Array Manager (CAM) component in Oracle Sun Products Suite 6.9.0 allows remote attackers to affect confidentiality, related to Fault Management. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Sun Products Suite
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-0394 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft HRMS component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote attackers to affect confidentiality via unknown vectors related to Candidate Gateway. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-0396 MEDIUM This Month

Unspecified vulnerability in the Application Performance Management (APM) component in Oracle Enterprise Manager Grid Control 6.5, 11.1, and 12.1.0.2 allows remote attackers to affect integrity via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Enterprise Manager Grid Control
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-0360 MEDIUM This Month

Unspecified vulnerability in the Application Performance Management (APM) component in Oracle Enterprise Manager Grid Control 6.5, 11.1, and 12.1.0.2 allows remote attackers to affect integrity via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Enterprise Manager Grid Control
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2012-1701 MEDIUM This Month

Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Highly Interactive Web UI. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2012-5444 MEDIUM This Month

Cisco TelePresence Video Communication Server (VCS) X7.0.3 does not properly process certain search rules, which allows remote attackers to create conferences via an unspecified Conductor request,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Telepresence Video Communication Servers Software
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2012-5429 MEDIUM This Month

The VPN driver in Cisco VPN Client on Windows does not properly interact with the kernel, which allows local users to cause a denial of service (kernel fault and system crash) via a crafted. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Cisco Vpn Client
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2013-0407 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/DTrace Framework. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Information Disclosure Oracle Freeflow Print Server Sunos
NVD
CVSS 2.0
4.6
EPSS
0.0%
CVE-2013-0383 MEDIUM This Month

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle MySQL MariaDB Ubuntu Linux +4
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-4689 MEDIUM This Month

Integer overflow in CimWebServer.exe in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to cause a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Intelligent Platforms Proficy Hmi Scada Cimplicity Intelligent Platforms Proficy Process Systems With Cimplicity Intelligent Platforms Proficy Process Systems
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-0379 MEDIUM This Month

Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to Siebel Calendar, a different. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-0378 MEDIUM This Month

Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect integrity via unknown vectors related to Siebel Calendar, a different. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-0372 MEDIUM This Month

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1 and 12.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Enterprise Manager Database Control Enterprise Manager Plugin For Database Control Enterprise Manager Grid Control
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-0352 MEDIUM This Month

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Enterprise Manager Database Control Enterprise Manager Grid Control Enterprise Manager Plugin For Database Control
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-0354 MEDIUM This Month

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Enterprise Manager Database Control Enterprise Manager Grid Control
NVD
CVSS 2.0
4.3
EPSS
0.4%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy