Skip to main content
CVE-2012-4711 CRITICAL POC THREAT Emergency

Buffer overflow in kingMess.exe 65.20.2003.10300 in WellinTech KingView 6.52, kingMess.exe 65.20.2003.10400 in KingView 6.53, and kingMess.exe 65.50.2011.18049 in KingView 6.55 allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 58.3%.

Buffer Overflow Denial Of Service RCE Kingview
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
58.3%
Threat
5.2
CVE-2013-0658 CRITICAL POC THREAT Emergency

Heap-based buffer overflow in RFManagerService.exe in Schneider Electric Accutech Manager 2.00.1 and earlier allows remote attackers to execute arbitrary code via a crafted HTTP request. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 62.3%.

Buffer Overflow Schneider Electric RCE Accutech Manager
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
62.3%
Threat
5.4
CVE-2013-1405 CRITICAL Act Now

VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass VMware Denial Of Service Buffer Overflow RCE +6
NVD
CVSS 2.0
10.0
EPSS
0.9%
CVE-2012-4701 CRITICAL Act Now

Directory traversal vulnerability in Tridium Niagara AX 3.5, 3.6, and 3.7 allows remote attackers to read sensitive files, and consequently execute arbitrary code, by leveraging (1) valid credentials. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal RCE Niagara Ax
NVD
CVSS 2.0
9.3
EPSS
0.8%
CVE-2012-4694 HIGH This Week

Moxa EDR-G903 series routers with firmware before 2.11 do not use a sufficient source of entropy for (1) SSH and (2) SSL keys, which makes it easier for man-in-the-middle attackers to spoof a device. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Edr G903 Firmware Edr G903
NVD
CVSS 2.0
7.6
EPSS
0.4%
CVE-2013-1128 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace before 7.1(2.2000) allow remote attackers to hijack the authentication of unspecified victims. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cisco Unified Meetingplace
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-4712 MEDIUM This Month

Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows remote attackers to obtain unspecified device access via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Edr G903 Firmware
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2013-0705 MEDIUM This Month

Directory traversal vulnerability in LSI 3ware Disk Manager (3DM) before 2 allows remote attackers to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal 3Ware Disk Manager
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2013-1123 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the server in Cisco Unified MeetingPlace 7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Unified Meetingplace
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-0703 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in imgboard.com imgboard before 1.22R6.1 u and 20xx before 2010u allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Imgboard
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-0704 MEDIUM This Month

Directory traversal vulnerability in the GREE application before 1.3.3 for Android allows remote attackers to obtain sensitive information via a crafted URL, which is not properly handled during. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Google Path Traversal Gree
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy