Skip to main content
CVE-2013-3665 MEDIUM PATCH This Month

Unspecified vulnerability in Autodesk AutoCAD through 2014, AutoCAD LT through 2014, and DWG TrueView through 2014 allows remote attackers to execute arbitrary code via a crafted DWG file. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

RCE Autocad Autocad Architecture Autocad Civil 3D Autocad Ecscad +10
NVD
CVSS 2.0
6.8
EPSS
1.1%
CVE-2013-4872 MEDIUM This Month

Google Glass before XE6 does not properly restrict the processing of QR codes, which allows physically proximate attackers to modify the configuration or redirect users to arbitrary web sites via a. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Google Glass
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2013-3434 MEDIUM This Month

Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Unified Communications Manager
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2013-3403 MEDIUM This Month

Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Unified Communications Manager
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-3420 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the web framework on the Cisco Identity Services Engine (ISE) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cisco Identity Services Engine Software Identity Services Engine
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-3433 MEDIUM This Month

Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Unified Communications Manager
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-3402 MEDIUM This Month

An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Cisco RCE Unified Communications Manager
NVD
CVSS 2.0
6.5
EPSS
0.6%
CVE-2013-3412 MEDIUM This Month

SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Cisco Unified Communications Manager
NVD
CVSS 2.0
6.5
EPSS
0.3%
CVE-2013-4874 MEDIUM This Month

The Uboot bootloader on the Verizon Wireless Network Extender SCS-26UC4 allows physically proximate attackers to obtain root access by connecting a crafted HDMI cable and using a sys session to. Rated medium severity (CVSS 6.2). No vendor patch available.

Authentication Bypass Wireless Network Extender
NVD
CVSS 2.0
6.2
EPSS
0.6%
CVE-2013-4876 MEDIUM This Month

The Verizon Wireless Network Extender SCS-2U01 has a hardcoded password for the root account, which makes it easier for physically proximate attackers to obtain administrative access by leveraging a. Rated medium severity (CVSS 6.2). No vendor patch available.

Authentication Bypass Wireless Network Extender
NVD
CVSS 2.0
6.2
EPSS
0.3%
CVE-2013-4875 MEDIUM This Month

The Uboot bootloader on the Verizon Wireless Network Extender SCS-2U01 allows physically proximate attackers to bypass the intended boot process and obtain a login prompt by connecting a crafted HDMI. Rated medium severity (CVSS 6.2). No vendor patch available.

Authentication Bypass Wireless Network Extender
NVD
CVSS 2.0
6.2
EPSS
0.2%
CVE-2013-4668 MEDIUM PATCH This Month

Directory traversal vulnerability in File Roller 3.6.x before 3.6.4, 3.8.x before 3.8.3, and 3.9.x before 3.9.3, when libarchive is used, allows remote attackers to create arbitrary files via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal File Roller Ubuntu Linux
NVD
CVSS 2.0
5.0
EPSS
1.3%
CVE-2013-4873 MEDIUM PATCH This Month

The Yahoo!. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Apple Authentication Bypass Tumblr
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-3426 MEDIUM This Month

The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Unified Ip Phones 9900 Series Firmware Unified Ip Phone 9951 Unified Ip Phone 9971
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-4779 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in core/handleTw.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border Controller (SBC) before 2 R0.32.0, and 7 before 7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP Siemens XSS Openscape Session Border Controller Enterprise Openscape Branch
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy