Skip to main content
CVE-2013-1675 MEDIUM POC KEV THREAT This Month

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Mozilla Information Disclosure
NVD VulDB
CVSS 3.1
6.5
EPSS
4.7%
Threat
4.4
CVE-2013-1670 MEDIUM POC THREAT This Month

The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 does not prevent. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 24.6%.

Mozilla Google XSS Firefox Thunderbird +2
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
24.6%
CVE-2013-1673 MEDIUM This Month

The Mozilla Updater in Mozilla Firefox before 21.0 on Windows does not properly maintain Mozilla Maintenance Service registry entries in certain situations involving upgrades from older Firefox. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Mozilla Microsoft Firefox
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2013-1672 MEDIUM This Month

The Mozilla Maintenance Service in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 on Windows allows local users to. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Mozilla Microsoft Firefox Thunderbird +1
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2013-1200 MEDIUM This Month

Session fixation vulnerability in Cisco Secure Access Control System (ACS) allows remote attackers to hijack web sessions via unspecified vectors, aka Bug ID CSCud95787. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Authentication Bypass Secure Access Control System
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2013-2737 MEDIUM PATCH This Month

A JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Acrobat Reader Acrobat
NVD
CVSS 2.0
5.0
EPSS
1.9%
CVE-2013-1188 MEDIUM This Month

Cisco Unified Communications Manager (CUCM) does not properly limit the rate of authentication attempts, which allows remote attackers to cause a denial of service (application slowdown) via a series. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Authentication Bypass Unified Communications Manager
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-1671 MEDIUM This Month

Mozilla Firefox before 21.0 does not properly implement the INPUT element, which allows remote attackers to obtain the full pathname via a crafted web site. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Information Disclosure Firefox
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2013-1245 MEDIUM This Month

The user-management page in Cisco WebEx Social relies on client-side validation of values in the Screen Name, First Name, Middle Name, Last Name, Email Address, and Job Title fields, which allows. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Webex Social
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy