Skip to main content
CVE-2013-2760 MEDIUM POC This Month

Buffer overflow in Groovy Media Player 3.2.0 allows remote attackers to execute arbitrary code via a long string in a .m3u file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Groovy Media Player
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
6.8%
CVE-2013-1937 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the (1). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Phpmyadmin
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
8.8%
CVE-2013-2833 CRITICAL Act Now

Use-after-free vulnerability in the O3D plug-in in Google Chrome OS before 26.0.1410.57 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Chrome Os Chrome
NVD
CVSS 2.0
10.0
EPSS
1.4%
CVE-2012-3022 HIGH This Week

The SaveToFile method in a certain ActiveX control in TrendDisplay.dll in Canary Labs TrendLink 9.0.2.27051 and earlier does not properly restrict the creation of files, which allows remote attackers. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Trendlink
NVD
CVSS 2.0
8.5
EPSS
0.4%
CVE-2013-1197 MEDIUM This Month

The XML parser in the server in Cisco Unified Presence (CUP) allows remote authenticated users to cause a denial of service (jabberd daemon crash) via crafted XML content in an XMPP message, aka Bug. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Unified Presence
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2013-2304 MEDIUM This Month

The Sleipnir Mobile application 2.8.0 and earlier and Sleipnir Mobile Black Edition application 2.8.0 and earlier for Android allow remote attackers to load arbitrary Extension APIs, and trigger. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Google Sleipnir Mobile
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2012-5415 MEDIUM This Month

Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Race Condition Cisco 5500 Adaptive Security Appliance 5500 Series Adaptive Security Appliance +1
NVD
CVSS 2.0
5.4
EPSS
0.3%
CVE-2013-1193 MEDIUM This Month

The Secure Shell (SSH) implementation on Cisco Adaptive Security Appliances (ASA) devices, and in Cisco Firewall Services Module (FWSM), does not properly terminate sessions, which allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Firewall Services Module Adaptive Security Appliance Software
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-1187 MEDIUM This Month

The Connection Manager in Cisco Jabber Extensible Communications Platform (aka Jabber XCP) does not properly validate login data, which allows remote attackers to cause a denial of service (service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Jabber Extensible Communications Platform
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-2832 MEDIUM This Month

The Buffer::Set function in core/cross/buffer.cc in the O3D plug-in in Google Chrome OS before 26.0.1410.57 does not prevent uninitialized data from remaining in a buffer, which might allow remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Google Chrome Os Chrome
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-2303 MEDIUM This Month

Sleipnir 4.0.0.4000 and earlier on Windows allows remote attackers to spoof the SSL lock icon and address-bar colors via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Sleipnir
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-2834 MEDIUM This Month

Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Google Chrome Os Chrome
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2013-2835 MEDIUM This Month

Google Chrome OS before 26.0.1410.57 does not properly enforce origin restrictions for the O3D and Google Talk plug-ins, which allows remote attackers to bypass the domain-whitelist protection. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Google Chrome Os Chrome
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2012-4829 MEDIUM This Month

IBM XIV Storage System Gen3 before 11.2 relies on a default X.509 v3 certificate for authentication, which allows man-in-the-middle attackers to spoof servers by leveraging an inappropriate. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Xiv Storage System Gen3
NVD
CVSS 2.0
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy