Skip to main content
CVE-2013-3666 HIGH This Week

The LG Hidden Menu component for Android on the LG Optimus G E973 allows physically proximate attackers to execute arbitrary commands by entering USB Debugging mode, using Android Debug Bridge (adb). Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Google Android Optimus G E973
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2013-2069 HIGH This Week

Red Hat livecd-tools before 13.4.4, 17.x before 17.17, 18.x before 18.16, and 19.x before 19.3, when a rootpw directive is not set in a Kickstart file, sets the root user password to empty, which. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Livecd Tools
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2013-1212 MEDIUM This Month

The SSL functionality in Cisco NX-OS on the Nexus 1000V does not properly verify X.509 certificates, which allows man-in-the-middle attackers to spoof servers, and intercept or modify Virtual. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

VMware Information Disclosure Cisco Nx Os Nexus 1000V
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2013-1208 MEDIUM This Month

The encryption functionality in Cisco NX-OS on the Nexus 1000V does not properly handle Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication, which allows remote attackers. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cisco Nx Os
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2013-1962 MEDIUM This Month

The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Libvirt
NVD
CVSS 2.0
5.0
EPSS
3.8%
CVE-2013-1210 MEDIUM This Month

Array index error in the Virtual Ethernet Module (VEM) kernel driver for VMware ESXi in Cisco NX-OS on the Nexus 1000V, when STUN debugging is enabled, allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow VMware Denial Of Service Cisco Nx Os
NVD
CVSS 2.0
5.4
EPSS
0.7%
CVE-2013-1213 MEDIUM This Month

Cisco NX-OS on the Nexus 1000V does not assign the proper priority to heartbeat messages from a Virtual Ethernet Module (VEM) to a Virtual Supervisor Module (VSM), which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os Nexus 1000V
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-1211 MEDIUM This Month

Cisco NX-OS on the Nexus 1000V does not properly handle authentication for Virtual Ethernet Module (VEM) to Virtual Supervisor Module (VSM) communication, which allows remote attackers to obtain VEM. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Cisco Authentication Bypass Nx Os
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-2315 MEDIUM This Month

data/class/pages/forgot/LC_Page_Forgot.php in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 does not properly validate the input to the password reminder function, which allows remote attackers to obtain. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure Ec Cube
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-1209 MEDIUM This Month

The encryption functionality in the Virtual Supervisor Module (VSM) to Virtual Ethernet Module (VEM) communication component in Cisco NX-OS on the Nexus 1000V does not properly authenticate VSM/VEM. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Nx Os
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2013-0482 MEDIUM This Month

IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 through 8.5.0.2 and WebSphere Message Broker 6.1, 7.0 through 7.0.0.5, and 8.0 through 8.0.0.2, when. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Websphere Application Server Websphere Message Broker
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2013-2314 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the adminAuthorization function in data/class/helper/SC_Helper_Session.php in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP XSS Ec Cube
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-2312 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the shopping-cart screen in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Ec Cube
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-2313 MEDIUM This Month

Session fixation vulnerability in LOCKON EC-CUBE 2.11.0 through 2.12.3enP2 allows remote attackers to hijack web sessions via unspecified vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Ec Cube
NVD
CVSS 2.0
4.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy