Skip to main content
CVE-2013-3050 HIGH POC This Week

SQL injection vulnerability in ZAPms 1.41 and earlier allows remote attackers to execute arbitrary SQL commands via the pid parameter to product. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Zapms
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
4.2%
CVE-2012-6139 MEDIUM POC PATCH THREAT This Month

libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 10.8%.

Denial Of Service Libxslt Opensuse
NVD
CVSS 2.0
5.0
EPSS
10.8%
CVE-2012-5937 CRITICAL Act Now

Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B2B Integrator 5.2, as used in IBM Sterling File Gateway 1.1 through. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Gentran Integration Suite Sterling B2b Integrator Sterling File Gateway +1
NVD
CVSS 2.0
9.3
EPSS
1.5%
CVE-2013-0501 CRITICAL Act Now

The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management (CDM) 10.2.0, and other products, allows remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft IBM Cognos Disclosure Management
NVD
CVSS 2.0
9.3
EPSS
0.8%
CVE-2013-0314 HIGH This Week

The GateIn Portal export/import gadget in JBoss Enterprise Portal Platform 5.2.2 does not properly check authentication when importing Zip files, which allows remote attackers to modify site. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jboss Enterprise Portal Platform
NVD
CVSS 2.0
7.5
EPSS
0.6%
CVE-2013-0270 MEDIUM PATCH This Month

A flaw was found in OpenStack Keystone. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
1.8%
CVE-2012-3532 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the GateIn Portal component in JBoss Enterprise Portal Platform 5.2.2 and earlier allows remote attackers to hijack the authentication of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Jboss Enterprise Portal Platform
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-0282 MEDIUM PATCH This Month

OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Keystone
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-0315 MEDIUM This Month

The GateIn Portal export/import gadget in JBoss Enterprise Portal Platform 5.2.2 allows remote attackers to read arbitrary files via a crafted external XML entity in an XML document, aka an XML. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Jboss Enterprise Portal Platform
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-1920 MEDIUM PATCH This Month

Xen 4.2.x, 4.1.x, and earlier, when the hypervisor is running "under memory pressure" and the Xen Security Module (XSM) is enabled, uses the wrong ordering of operations when extending the per-domain. Rated medium severity (CVSS 4.4).

Privilege Escalation Xen
NVD
CVSS 2.0
4.4
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy