Skip to main content
CVE-2013-0659 CRITICAL Act Now

The debugging feature on the Siemens CP 1604 and CP 1616 interface cards with firmware before 2.5.2 allows remote attackers to execute arbitrary code via a crafted packet to UDP port 17185. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens RCE Cp 1604 Firmware Cp 1616 Firmware Cp 1604 +1
NVD
CVSS 2.0
10.0
EPSS
2.1%
CVE-2013-2685 HIGH This Week

Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Open Source
NVD
CVSS 2.0
7.5
EPSS
8.9%
CVE-2013-1163 HIGH This Week

Multiple SQL injection vulnerabilities in the device-management implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote attackers to execute arbitrary SQL commands via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Cisco Connected Grid Network Management System
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2013-2686 MEDIUM This Month

main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Open Source Certified Asterisk Digiumphones
NVD
CVSS 2.0
5.0
EPSS
2.4%
CVE-2013-2264 MEDIUM This Month

The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Open Source Certified Asterisk Business Edition Digiumphones
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-0502 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information Server 8.1, 8.5 through FP3, 8.7 through FP2, and 9.1 allows remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Infosphere Information Server
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-1171 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the element-list implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote attackers to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Connected Grid Network Management System
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-4861 MEDIUM This Month

The web server in InfoSphere Data Replication Dashboard in IBM InfoSphere Replication Server 9.7 and 10.1 through 10.1.0.4 allows remote authenticated users to list directories via a direct request. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation IBM Infosphere Replication Server
NVD
CVSS 2.0
4.0
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy