Skip to main content
CVE-2013-3075 CRITICAL POC THREAT Emergency

Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX Component 3, as distributed in Citect CitectFacilities 7.10 and CitectScada 7.10r1, allow remote attackers to execute arbitrary code. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 29.7%.

Buffer Overflow RCE Mitsubishi Mx Component Citectfacilities Citectscada
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
29.7%
Threat
4.4
CVE-2013-3211 CRITICAL Act Now

Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe issue.". Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Opera Browser
NVD
CVSS 2.0
10.0
EPSS
0.4%
CVE-2013-2697 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the WP-DownloadManager plugin before 1.61 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF WordPress XSS Wp Downloadmanager
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-3210 MEDIUM This Month

Opera before 12.15 does not properly block top-level domains in Set-Cookie headers, which allows remote attackers to obtain sensitive information by leveraging control of a different web site in the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Opera Browser
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-1416 MEDIUM PATCH This Month

The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Kerberos 5 Opensuse Fedora +5
NVD GitHub
CVSS 2.0
4.0
EPSS
2.3%
CVE-2013-1086 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Groupwise
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-0129 LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in pd-admin before 4.17 allow remote authenticated users to inject arbitrary web script or HTML via (1) the WebFTP Overview "Create new directory". Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Pd Admin
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy