Skip to main content
CVE-2013-3535 MEDIUM POC THREAT This Month

Multiple cross-site scripting (XSS) vulnerabilities in CMSLogik 1.2.0 and 1.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_email, (2) header_title, (3) site_title. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 12.3%.

CSRF XSS Cmslogik
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
12.3%
CVE-2013-3538 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in todooforum.php in Todoo Forum 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id_post or (2) pg parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP XSS Todoo Forum
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
3.5%
CVE-2013-2020 MEDIUM PATCH This Month

Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Denial Of Service Ubuntu Linux Linux Enterprise Server Clamav
NVD GitHub
CVSS 2.0
5.0
EPSS
7.7%
CVE-2013-2021 MEDIUM This Month

pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Ubuntu Linux Linux Enterprise Server Clamav
NVD GitHub
CVSS 2.0
4.3
EPSS
8.7%
CVE-2013-1918 MEDIUM This Month

Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table. Rated medium severity (CVSS 4.7). No vendor patch available.

Buffer Overflow Denial Of Service Xen
NVD
CVSS 2.0
4.7
EPSS
0.1%
CVE-2013-1919 MEDIUM This Month

Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs. Rated medium severity (CVSS 4.7). No vendor patch available.

Privilege Escalation Denial Of Service Xen
NVD
CVSS 2.0
4.7
EPSS
0.1%
CVE-2013-1136 MEDIUM This Month

The crypto engine process in Cisco IOS on Aggregation Services Router (ASR) Route Processor 2 does not properly manage memory, which allows local users to cause a denial of service (route processor. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apple Cisco iOS
NVD
CVSS 2.0
4.6
EPSS
0.0%
CVE-2013-3534 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the aiContactSafe component before 2.0.21 for Joomla!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Aicontactsafe
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy