Skip to main content
CVE-2013-0332 MEDIUM POC THREAT This Month

Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x before 1.24.4 allow remote attackers to read arbitrary files via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 31.1%.

Path Traversal Zoneminder
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
31.1%
CVE-2013-0712 MEDIUM This Month

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted packet. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Vxworks
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2013-0713 MEDIUM This Month

IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote authenticated users to cause a denial of service (daemon outage) via a crafted pty request. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Vxworks
NVD
CVSS 2.0
6.8
EPSS
0.7%
CVE-2013-2274 MEDIUM This Month

Puppet 2.6.x before 2.6.18 and Puppet Enterprise 1.2.x before 1.2.7 allows remote authenticated users to execute arbitrary code on the puppet master, or an agent with puppet kick enabled, via a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Puppet Puppet Enterprise
NVD
CVSS 2.0
6.5
EPSS
1.9%
CVE-2013-1843 MEDIUM PATCH This Month

Open redirect vulnerability in the Access tracking mechanism in TYPO3 4.5.x before 4.5.24, 4.6.x before 4.6.17, 4.7.x before 4.7.9, and 6.0.x before 6.0.3 allows remote attackers to redirect users to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Open Redirect Typo3
NVD
CVSS 2.0
6.4
EPSS
0.6%
CVE-2013-0716 MEDIUM This Month

The web server in Wind River VxWorks 5.5 through 6.9 allows remote attackers to cause a denial of service (daemon crash) via a crafted URI. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Vxworks
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-1654 MEDIUM This Month

Puppet 2.7.x before 2.7.21 and 3.1.x before 3.1.1, and Puppet Enterprise 2.7.x before 2.7.2, does not properly negotiate the SSL protocol between client and master, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Enterprise Ubuntu Linux
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-1652 MEDIUM This Month

Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users with a valid certificate and private key. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Puppet Puppet Enterprise Ubuntu Linux
NVD
CVSS 2.0
4.9
EPSS
0.4%
CVE-2013-0977 MEDIUM This Month

dyld in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not properly manage the state of file loading for Mach-O executable files, which allows local users to bypass intended code-signing. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Apple Authentication Bypass Iphone Os Tvos
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2013-0715 MEDIUM This Month

The WebCLI component in Wind River VxWorks 5.5 through 6.9 allows remote authenticated users to cause a denial of service (CLI session crash) via a crafted command string. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Vxworks
NVD
CVSS 2.0
4.0
EPSS
0.6%
CVE-2013-2275 MEDIUM This Month

The default configuration for puppet masters 0.25.0 and later in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2, allows. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Puppet Puppet Enterprise Ubuntu Linux
NVD
CVSS 2.0
4.0
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy