Skip to main content
CVE-2013-1635 HIGH This Week

ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allows remote attackers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Privilege Escalation
NVD
CVSS 2.0
7.5
EPSS
3.7%
CVE-2012-5770 MEDIUM PATCH This Month

The SSL configuration in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 supports the MD5 hash algorithm, which makes it easier for man-in-the-middle attackers to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Information Disclosure IBM Tivoli Application Dependency Discovery Manager
NVD
CVSS 2.0
5.8
EPSS
0.3%
CVE-2013-1643 MEDIUM This Month

The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure XXE
NVD
CVSS 2.0
5.0
EPSS
1.2%
CVE-2013-1819 MEDIUM This Month

The _xfs_buf_find function in fs/xfs/xfs_buf.c in the Linux kernel before 3.7.6 does not validate block numbers, which allows local users to cause a denial of service (NULL pointer dereference and. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.6
EPSS
0.1%
CVE-2013-1048 MEDIUM PATCH This Month

The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/Linux does not. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Privilege Escalation Apache Debian Apache2
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2013-1140 MEDIUM This Month

The XML parser in Cisco Security Monitoring, Analysis, and Response System (MARS) allows remote attackers to read arbitrary files via an external entity declaration in conjunction with an entity. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure XXE Cisco Security Monitoring Analysis And Response System
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2012-5942 LOW Monitor

Cross-site scripting (XSS) vulnerability in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Tivoli Application Dependency Discovery Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2012-5939 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in Welcome.do in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Tivoli Application Dependency Discovery Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-0200 LOW PATCH Monitor

HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3). Rated low severity (CVSS 1.9).

Information Disclosure HP Linux Imaging And Printing Project Enterprise Linux
NVD
CVSS 2.0
1.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy