Skip to main content
CVE-2013-0143 MEDIUM POC This Month

cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Qnap RCE Viostor Network Video Recorder Surveillance Station Pro +1
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
7.2%
CVE-2013-2852 MEDIUM POC This Month

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Broadcom Linux Information Disclosure Linux Kernel Debian Linux +1
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
0.2%
CVE-2013-2850 HIGH Act Now

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows. Rated high severity (CVSS 7.9). Epss exploitation probability 13.3% and no vendor patch available.

Buffer Overflow Denial Of Service Linux RCE Linux Kernel
NVD GitHub
CVSS 2.0
7.9
EPSS
13.3%
CVE-2013-2146 MEDIUM POC PATCH This Month

arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before 3.8.9, when the Performance Events Subsystem is enabled, specifies an incorrect bitmask, which allows local users to cause a denial. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.7
EPSS
0.0%
CVE-2013-1929 MEDIUM POC PATCH This Month

Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service. Rated medium severity (CVSS 4.4). Public exploit code available.

Broadcom Denial Of Service Linux Buffer Overflow RCE +1
NVD GitHub
CVSS 2.0
4.4
EPSS
0.1%
CVE-2013-0144 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in cgi-bin/create_user.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Qnap Viostor Network Video Recorder
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-2141 LOW POC PATCH Monitor

The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 2.0
2.1
EPSS
0.0%
CVE-2013-2851 MEDIUM This Month

Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string. Rated medium severity (CVSS 6.0). No vendor patch available.

Linux Information Disclosure Linux Kernel
NVD
CVSS 2.0
6.0
EPSS
0.0%
CVE-2013-2128 MEDIUM PATCH This Month

The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2013-0142 MEDIUM This Month

QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Authentication Bypass Viostor Network Video Recorder Surveillance Station Pro Nas
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-2147 LOW Monitor

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Linux HP Information Disclosure Linux Kernel Linux Enterprise Server
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-2148 LOW Monitor

The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Linux Information Disclosure Linux Kernel
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-0947 LOW Monitor

EMC RSA Authentication Manager 8.0 before P1 allows local users to discover cleartext operating-system passwords, HTTP plug-in proxy passwords, and SNMP communities by reading a (1) log file or (2). Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Authentication Manager
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy