Skip to main content
CVE-2013-3062 MEDIUM This Month

The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering Workbench component in SAP Production Planning and Control allows remote authenticated users to bypass intended transaction restrictions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Production Planning And Control
NVD
CVSS 2.0
6.5
EPSS
0.4%
CVE-2013-3061 MEDIUM This Month

The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation SAP Erp Central Component Healthcare Industry Solution
NVD
CVSS 2.0
6.5
EPSS
0.2%
CVE-2013-3063 MEDIUM This Month

SAP BASIS Communication Services 4.6B through 7.30 allows remote authenticated users to execute arbitrary commands via unspecified vectors. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure SAP Basis Communication Services
NVD
CVSS 2.0
6.0
EPSS
0.5%
CVE-2013-0127 MEDIUM This Month

IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 does not block APPLET elements in HTML e-mail, which allows remote attackers to bypass intended restrictions on Java. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation RCE Java IBM Lotus Notes
NVD
CVSS 2.0
5.8
EPSS
1.1%
CVE-2012-4952 MEDIUM This Month

Henry Schein Dentrix G5 before 15.1.294 has a single internal-database password that is shared across different customers' installations, which allows remote attackers to obtain sensitive information. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass G5
NVD
CVSS 2.0
5.0
EPSS
1.6%
CVE-2013-1230 MEDIUM This Month

Cisco Unified Communications Domain Manager allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed UDP packets, aka Bug ID CSCug47057. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Unified Communications Domain Manager
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-1229 MEDIUM This Month

TMSSNMPService.exe in TelePresence Manager in Cisco TelePresence Management Suite (TMS) on 64-bit platforms allows remote attackers to cause a denial of service (process crash) via SNMP traps, aka. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Telepresence Management Suite
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-0666 MEDIUM This Month

The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a denial of service (unhandled exception and application crash) via a TCP RST packet. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Matrikonopc Security Gateway
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-1156 MEDIUM This Month

Directory traversal vulnerability in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to read arbitrary files via a crafted URL, aka Bug ID CSCud51034. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Cisco Prime Central For Hosted Collaboration Solution
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-0538 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM Lotus Notes 8.x before 8.5.3 FP4 Interim Fix 1 and 9.0 before Interim Fix 1 allows remote attackers to inject arbitrary web script or HTML via a SCRIPT. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Lotus Notes
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-0141 MEDIUM This Month

Directory traversal vulnerability in McAfee ePolicy Orchestrator (ePO) before 4.5.7 and 4.6.x before 4.6.6 allows remote attackers to upload arbitrary files via a crafted request over the. Rated medium severity (CVSS 4.3). No vendor patch available.

Path Traversal Epolicy Orchestrator
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-1160 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the OpenView web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML via an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Prime Central For Hosted Collaboration Solution
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-1159 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Netcool Impact (NCI) web menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script or HTML. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Prime Central For Hosted Collaboration Solution
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-1158 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring (ITM) help menus in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM Cisco XSS Prime Central For Hosted Collaboration Solution
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-1157 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the IBM Tivoli Monitoring (ITM) Java servlet container in Cisco Prime Central for Hosted Collaboration Solution allows remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM Java Cisco XSS Prime Central For Hosted Collaboration Solution
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-3107 MEDIUM This Month

VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation VMware Vcenter Server Appliance
NVD
CVSS 2.0
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy