Skip to main content
CVE-2013-1080 CRITICAL POC THREAT Emergency

The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 72.9%.

Path Traversal Authentication Bypass Zenworks Configuration Management
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
72.9%
Threat
5.7
CVE-2013-1085 CRITICAL Act Now

Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 20.6% and no vendor patch available.

Buffer Overflow RCE Groupwise Messenger Messenger
NVD
CVSS 2.0
9.3
EPSS
20.6%
CVE-2012-6534 MEDIUM POC THREAT This Month

Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.1%.

Privilege Escalation Sentinel Log Manager
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
10.1%
CVE-2013-1083 CRITICAL Act Now

Unspecified vulnerability in the login functionality in the Reporting Module in Novell Identity Manager (aka IDM) Roles Based Provisioning Module 4.0.2 before Field Patch C has unknown impact and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Identity Manager Roles Based Provisioning Module
NVD
CVSS 2.0
10.0
EPSS
0.3%
CVE-2013-1299 MEDIUM This Month

Microsoft Windows Modern Mail allows remote attackers to spoof link targets via a crafted HTML e-mail message. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Epss exploitation probability 17.8% and no vendor patch available.

Information Disclosure Microsoft Modern Mail
NVD
CVSS 2.0
5.8
EPSS
17.8%
CVE-2013-1082 HIGH This Week

Directory traversal vulnerability in DUSAP.php in Novell ZENworks Mobile Management before 2.7.1 allows remote attackers to include and execute arbitrary local files via the language parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Path Traversal Zenworks Mobile Management
NVD
CVSS 2.0
7.5
EPSS
4.8%
CVE-2013-1079 MEDIUM This Month

Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.3 through 11.2. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal Zenworks Configuration Management
NVD
CVSS 2.0
6.8
EPSS
7.0%
CVE-2013-0513 HIGH This Week

IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 create a service that lacks " (double quote) characters in the service path, which. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure IBM Security Appscan Rational Policy Tester
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2013-0532 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to hijack. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Denial Of Service IBM Security Appscan Rational Policy Tester
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-0452 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the Software Use Analysis (SUA) application before 1.3.3 in IBM Tivoli Endpoint Manager 8.2 allows remote attackers to hijack the authentication of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF IBM Software Use Analysis Tivoli Endpoint Manager
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-0511 MEDIUM This Month

Multiple SQL injection vulnerabilities in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified parameters. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi IBM Security Appscan
NVD
CVSS 2.0
6.5
EPSS
0.2%
CVE-2013-0130 MEDIUM This Month

Multiple buffer overflows in Core FTP before 2.2 build 1769 allow remote FTP servers to execute arbitrary code or cause a denial of service (application crash) via a long directory name in a (1). Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE Coreftp
NVD
CVSS 2.0
5.1
EPSS
0.8%
CVE-2013-0512 MEDIUM This Month

Stack-based buffer overflow in the Manual Explore browser plug-in for Firefox in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Mozilla IBM Security Appscan +1
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2013-0473 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allow remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Security Appscan Rational Policy Tester
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-2301 MEDIUM This Month

The OMRON OpenWnn application before 1.3.6 for Android uses weak permissions for unspecified files, which allows attackers to obtain sensitive information via an application that accesses the local. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Google Openwnn
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-0510 MEDIUM This Month

IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 includes a security test that sends session cookies to a specific external server, which allows man-in-the-middle attackers to hijack the test. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation IBM Security Appscan
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-0474 MEDIUM This Month

The Manual Explore browser plug-in in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to discover test. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Security Appscan Rational Policy Tester
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy