Skip to main content
CVE-2013-0699 HIGH POC PATCH THREAT Act Now

The Galil RIO-47100 Pocket PLC allows remote attackers to cause a denial of service via a session that includes "repeated requests.". Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 16.5%.

Denial Of Service Rio 47100 Plc
NVD Exploit-DB
CVSS 2.0
7.1
EPSS
16.5%
CVE-2013-0140 HIGH POC This Week

SQL injection vulnerability in the Agent-Handler component in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to execute arbitrary SQL commands via a. Rated high severity (CVSS 7.9). Public exploit code available and no vendor patch available.

SQLi Epolicy Orchestrator
NVD Exploit-DB
CVSS 2.0
7.9
EPSS
3.8%
CVE-2013-0673 CRITICAL Act Now

Directory traversal vulnerability in the web interface in the Health Monitor service in MatrikonOPC A&E Historian 1.0.0.0 allows remote attackers to read and delete arbitrary files via a crafted URL. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Matrikonopc A E Historian
NVD
CVSS 2.0
9.4
EPSS
0.3%
CVE-2013-3080 CRITICAL Act Now

VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation VMware Denial Of Service RCE Vcenter Server Appliance
NVD
CVSS 2.0
9.0
EPSS
1.3%
CVE-2013-3079 CRITICAL Act Now

VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to execute arbitrary programs with root privileges by leveraging Virtual Appliance Management Interface. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection VMware RCE Vcenter Server Appliance
NVD
CVSS 2.0
9.0
EPSS
0.5%
CVE-2013-3062 MEDIUM This Month

The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering Workbench component in SAP Production Planning and Control allows remote authenticated users to bypass intended transaction restrictions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Production Planning And Control
NVD
CVSS 2.0
6.5
EPSS
0.4%
CVE-2013-3061 MEDIUM This Month

The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Erp Central Component Healthcare Industry Solution
NVD
CVSS 2.0
6.5
EPSS
0.2%
CVE-2013-3063 MEDIUM This Month

SAP BASIS Communication Services 4.6B through 7.30 allows remote authenticated users to execute arbitrary commands via unspecified vectors. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure SAP Basis Communication Services
NVD
CVSS 2.0
6.0
EPSS
0.5%
CVE-2013-0127 MEDIUM This Month

IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation RCE Java IBM Lotus Notes
NVD
CVSS 2.0
5.8
EPSS
1.1%
CVE-2012-4952 MEDIUM This Month

Henry Schein Dentrix G5 before 15.1.294 has a single internal-database password that is shared across different customers' installations, which allows remote attackers to obtain sensitive information. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass G5
NVD
CVSS 2.0
5.0
EPSS
1.6%
CVE-2013-1230 MEDIUM This Month

Cisco Unified Communications Domain Manager allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed UDP packets, aka Bug ID CSCug47057. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Unified Communications Domain Manager
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-1229 MEDIUM This Month

TMSSNMPService.exe in TelePresence Manager in Cisco TelePresence Management Suite (TMS) on 64-bit platforms allows remote attackers to cause a denial of service (process crash) via SNMP traps, aka. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Telepresence Management Suite
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-0666 MEDIUM This Month

The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a denial of service (unhandled exception and application crash) via a TCP RST packet. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Matrikonopc Security Gateway
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-1156 MEDIUM This Month

Directory traversal vulnerability in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCud51034. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Cisco Prime Central For Hosted Collaboration Solution
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-0538 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Notes
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-0141 MEDIUM This Month

Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the. Rated medium severity (CVSS 4.3). No vendor patch available.

Path Traversal Epolicy Orchestrator
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-1160 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the OpenView web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Prime Central For Hosted Collaboration Solution
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-1159 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Netcool Impact (NCI) web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Prime Central For Hosted Collaboration Solution
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-1158 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring (ITM) help menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM Cisco XSS Prime Central For Hosted Collaboration Solution
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-1157 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring (ITM) Java servlet container in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM Java Cisco XSS Prime Central For Hosted Collaboration Solution
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-3107 MEDIUM This Month

VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation VMware Vcenter Server Appliance
NVD
CVSS 2.0
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy