Skip to main content
CVE-2013-0643 HIGH KEV PATCH THREAT Act Now

The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 57.9%.

Privilege Escalation RCE Adobe Mozilla Microsoft
NVD VulDB
CVSS 3.1
8.8
EPSS
57.9%
Threat
5.0
CVE-2013-0648 HIGH KEV PATCH THREAT Act Now

Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 54.7%.

Adobe Microsoft RCE
NVD VulDB
CVSS 3.1
8.8
EPSS
54.7%
Threat
4.9
CVE-2013-0504 CRITICAL PATCH Act Now

Buffer overflow in the broker service in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Adobe Microsoft RCE Flash Player
NVD
CVSS 2.0
10.0
EPSS
5.1%
CVE-2013-1133 HIGH This Week

Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 BE3k before 8.6(4) BE3k, and 9.x before 9.0(1) allows remote attackers to cause a denial of service (CPU consumption and GUI and. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Unified Communications Manager
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2013-1137 HIGH This Week

Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Unified Presence Server
NVD
CVSS 2.0
7.8
EPSS
0.2%
CVE-2013-2277 HIGH This Week

The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 1.1.3 does not validate the relationship between luma depth and chroma depth, which allows remote attackers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Ffmpeg
NVD
CVSS 2.0
7.5
EPSS
0.6%
CVE-2013-2276 HIGH This Week

The avcodec_decode_audio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify the decoding state before proceeding with certain skip operations, which allows remote attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Ffmpeg
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2013-0490 HIGH This Week

Unspecified vulnerability in IBM InfoSphere Guardium S-TAP 8.1 for DB2 on z/OS allows local users to gain privileges via unknown vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure IBM Infosphere Guardium
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2013-1134 HIGH This Week

The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node,. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Authentication Bypass Unified Communications Manager
NVD
CVSS 2.0
7.1
EPSS
0.5%
CVE-2013-1135 HIGH This Week

Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.0 allows remote attackers to cause a denial of service (CPU consumption and monitoring outage) via malformed TLS. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Prime Central For Hosted Collaboration Solution Assurance
NVD
CVSS 2.0
7.1
EPSS
0.4%
CVE-2012-5767 MEDIUM This Month

Unspecified vulnerability in the web interface on the IBM TS3500 Tape Library with firmware before C260 allows remote authenticated users to gain privileges via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM Ts3500 Tape Library Firmware Ts3500 Tape Library
NVD
CVSS 2.0
6.5
EPSS
0.3%
CVE-2012-4842 MEDIUM This Month

Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect IBM Lotus Domino
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2012-4844 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web server in IBM Lotus Domino 8.5.x through 8.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Domino
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-1139 MEDIUM This Month

The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Cloud Portal
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy