Skip to main content
CVE-2013-2206 MEDIUM POC PATCH This Month

The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
5.4
EPSS
3.2%
CVE-2013-4729 MEDIUM POC PATCH This Month

import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP Privilege Escalation Phpmyadmin
NVD GitHub
CVSS 2.0
5.5
EPSS
0.4%
CVE-2013-2232 MEDIUM POC PATCH This Month

The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux kernel before 3.10 allows local users to cause a denial of service (system crash) by using an AF_INET6 socket for a connection to. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.9
EPSS
0.1%
CVE-2013-2224 MEDIUM This Month

A certain Red Hat patch for the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows local users to cause a denial of service (invalid free operation and system crash) or possibly gain. Rated medium severity (CVSS 6.9). No vendor patch available.

Red Hat Denial Of Service Linux Enterprise Linux
NVD
CVSS 2.0
6.9
EPSS
0.2%
CVE-2013-4650 MEDIUM This Month

MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of __system in an arbitrary database. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation MongoDB
NVD
CVSS 2.0
6.5
EPSS
0.5%
CVE-2013-3413 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the search form in the administration/monitoring panel on the Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Identity Services Engine Software
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy