Skip to main content
CVE-2013-1847 MEDIUM POC THREAT This Month

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 44.3%.

Denial Of Service Apache Subversion
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
44.3%
CVE-2013-1338 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.5% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
33.5%
CVE-2013-1884 MEDIUM POC THREAT This Month

The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (segmentation fault and crash) via a log REPORT request with an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 31.6%.

Buffer Overflow Denial Of Service Apache Subversion
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
31.6%
CVE-2013-1091 CRITICAL Act Now

Stack-based buffer overflow in Novell iPrint Client before 5.90 allows remote attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.7% and no vendor patch available.

Buffer Overflow RCE Iprint
NVD
CVSS 2.0
10.0
EPSS
12.7%
CVE-2012-0864 MEDIUM POC This Month

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Glibc
NVD
CVSS 2.0
6.8
EPSS
3.0%
CVE-2013-3266 HIGH PATCH This Week

The nfsrvd_readdir function in sys/fs/nfsserver/nfs_nfsdport.c in the new NFS server in FreeBSD 8.0 through 9.1-RELEASE-p3 does not verify that a READDIR request is for a directory node, which allows. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Denial Of Service RCE Freebsd
NVD
CVSS 2.0
7.5
EPSS
2.3%
CVE-2013-1849 MEDIUM This Month

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 15.3% and no vendor patch available.

Denial Of Service Apache Subversion
NVD
CVSS 2.0
4.3
EPSS
15.3%
CVE-2012-5222 MEDIUM This Month

HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Service Manager Web Tier
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2012-5657 MEDIUM PATCH This Month

The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Denial Of Service Information Disclosure XXE Zend Framework
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-0306 MEDIUM PATCH This Month

The form library in Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 allows remote attackers to bypass intended resource limits for formsets and cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Python Denial Of Service Django Ubuntu Linux
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-2944 MEDIUM PATCH This Month

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

OpenSSL Authentication Bypass Strongswan
NVD
CVSS 2.0
4.9
EPSS
0.3%
CVE-2013-2321 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Service Manager Web Tier 9.31 before 9.31.2004 p2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Service Manager Web Tier
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2012-4481 MEDIUM This Month

The safe-level feature in Ruby 1.8.7 allows context-dependent attackers to modify strings via the NameError#to_s method when operating on Ruby objects. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Ruby
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-1846 MEDIUM This Month

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Apache Subversion Opensuse
NVD
CVSS 2.0
4.0
EPSS
1.9%
CVE-2013-0582 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.12, 6.2.1 before 6.2.1.5, and 6.2.2 before 6.2.2.4 and Tivoli Federated Identity Manager. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Tivoli Federated Identity Manager Tivoli Federated Identity Manager Business Gateway
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-0305 MEDIUM PATCH This Month

The administrative interface for Django 1.3.x before 1.3.6, 1.4.x before 1.4.4, and 1.5 before release candidate 2 does not check permissions for the history view, which allows remote authenticated. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Python Information Disclosure Django Ubuntu Linux
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-0535 LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the Classic Meeting Server in IBM Sametime 7.5.1.2 through 8.5.2.1 allow remote authenticated users to inject arbitrary web script or HTML via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Classic Meeting Server Lotus Sametime
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-1845 LOW Monitor

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Apache Subversion Opensuse
NVD
CVSS 2.0
2.1
EPSS
1.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy