Skip to main content
CVE-2013-1282 MEDIUM This Month

The LDAP service in Microsoft Active Directory, Active Directory Application Mode (ADAM), Active Directory Lightweight Directory Service (AD LDS), and Active Directory Services allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 45.2% and no vendor patch available.

Denial Of Service Microsoft Active Directory Active Directory Application Mode Active Directory Lightweight Directory Service +1
NVD
CVSS 2.0
5.0
EPSS
45.2%
CVE-2013-1289 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 45.0% and no vendor patch available.

Microsoft XSS Groove Server Infopath Office Web Apps +2
NVD
CVSS 2.0
4.3
EPSS
45.0%
CVE-2013-1788 MEDIUM POC This Month

poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Poppler
NVD
CVSS 2.0
6.8
EPSS
4.1%
CVE-2013-1790 MEDIUM POC This Month

poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Poppler
NVD
CVSS 2.0
6.8
EPSS
2.8%
CVE-2013-1821 MEDIUM PATCH This Month

lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 20.7%.

Denial Of Service Ruby
NVD VulDB
CVSS 2.0
5.0
EPSS
20.7%
CVE-2013-1789 MEDIUM POC This Month

splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service Poppler
NVD
CVSS 2.0
4.3
EPSS
2.8%
CVE-2013-1293 MEDIUM This Month

The NTFS kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges or cause a denial of service. Rated medium severity (CVSS 6.9). No vendor patch available.

Denial Of Service Microsoft Windows 7 Windows Server 2008 Windows Vista
NVD
CVSS 2.0
6.9
EPSS
0.8%
CVE-2013-1283 MEDIUM This Month

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and. Rated medium severity (CVSS 6.9). No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 7 Windows 8 +6
NVD
CVSS 2.0
6.9
EPSS
0.6%
CVE-2012-6134 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Omniauth Oauth2
NVD GitHub
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-0253 MEDIUM PATCH This Month

The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Apache Information Disclosure Maven
NVD
CVSS 2.0
5.8
EPSS
0.7%
CVE-2013-0284 MEDIUM PATCH This Month

Ruby agent 3.2.0 through 3.5.2 serializes sensitive data when communicating with servers operated by New Relic, which allows remote attackers to obtain sensitive information (database credentials and. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Ruby Agent New Relic
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-1284 MEDIUM This Month

Race condition in the kernel in Microsoft Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of objects in. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Race Condition Microsoft Windows 8 Windows Rt +1
NVD
CVSS 2.0
4.9
EPSS
0.3%
CVE-2013-0134 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web interface in AirDroid allows remote attackers to inject arbitrary web script or HTML via a crafted text message that is transmitted by a managed. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Airdroid
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-6097 MEDIUM This Month

File descriptor leak in cronie 1.4.8, when running in certain environments, might allow local users to read restricted files, as demonstrated by reading /etc/crontab. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cronie
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy