Skip to main content
CVE-2013-1183 CRITICAL Act Now

Buffer overflow in the Intelligent Platform Management Interface (IPMI) functionality in the Manager component in Cisco Unified Computing System (UCS) 1.0 and 1.1 before 1.1(1j) and 1.2 before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.6% and no vendor patch available.

Buffer Overflow RCE Cisco Unified Computing System Infrastructure And Unified Computing System Software Unified Computing System 6120Xp Fabric Interconnect +3
NVD
CVSS 2.0
10.0
EPSS
10.6%
CVE-2013-0728 CRITICAL Act Now

Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Google RCE Erdas Apollo Ecwp +1
NVD
CVSS 2.0
10.0
EPSS
7.1%
CVE-2013-1948 CRITICAL Act Now

converter.rb in the md2pdf gem 0.0.1 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Md2Pdf
NVD
CVSS 2.0
10.0
EPSS
1.7%
CVE-2013-1180 CRITICAL Act Now

Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Nx Os Nexus 7000 +4
NVD
CVSS 2.0
9.0
EPSS
4.4%
CVE-2013-1179 CRITICAL Act Now

Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Nx Os Nexus 7000 +4
NVD
CVSS 2.0
9.0
EPSS
4.4%
CVE-2013-1933 CRITICAL Act Now

The extract_from_ocr function in lib/docsplit/text_extractor.rb in the Karteek Docsplit (karteek-docsplit) gem 0.5.4 for Ruby allows context-dependent attackers to execute arbitrary commands via. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Karteek Docsplit
NVD
CVSS 2.0
9.3
EPSS
2.8%
CVE-2013-3055 CRITICAL Act Now

Lexmark Markvision Enterprise before 1.8 provides a diagnostic interface on TCP port 9789, which allows remote attackers to execute arbitrary code, change the configuration, or obtain sensitive. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation RCE Markvision
NVD
CVSS 2.0
9.3
EPSS
2.7%
CVE-2013-1947 CRITICAL Act Now

kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument to (1) document.rb, (2) video.rb, or (3). Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Kelredd Pruview
NVD
CVSS 2.0
9.3
EPSS
2.0%
CVE-2013-1192 CRITICAL Act Now

The JAR files on Cisco Device Manager for Cisco MDS 9000 devices before 5.2.8, and Cisco Device Manager for Cisco Nexus 5000 devices, allow remote attackers to execute arbitrary commands on Windows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Cisco Adaptive Security Appliance Device Manager Nexus 5000 +8
NVD
CVSS 2.0
9.3
EPSS
0.8%
CVE-2013-1185 CRITICAL Act Now

The web interface in the Manager component in Cisco Unified Computing System (UCS) 1.x and 2.x before 2.0(2m) allows remote attackers to obtain sensitive information by reading a (1). Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cisco Unified Computing System Infrastructure And Unified Computing System Software Unified Computing System 6120Xp Fabric Interconnect Unified Computing System 6140Xp Fabric Interconnect +3
NVD
CVSS 2.0
9.3
EPSS
0.6%
CVE-2013-1182 CRITICAL Act Now

The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Cisco Unified Computing System Infrastructure And Unified Computing System Software Unified Computing System 6120Xp Fabric Interconnect Unified Computing System 6140Xp Fabric Interconnect +3
NVD
CVSS 2.0
9.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy