Skip to main content
CVE-2013-2249 HIGH POC THREAT Act Now

mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 43.7%.

Apache Information Disclosure Http Server Apache HTTP Server
NVD
CVSS 2.0
7.5
EPSS
43.7%
Threat
4.3
CVE-2013-4890 HIGH POC THREAT Act Now

The DMCRUIS/0.1 web server on the Samsung PS50C7700 TV allows remote attackers to cause a denial of service (daemon crash) via a long URI to TCP port 5600. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 13.5%.

Samsung Denial Of Service Ps50C7700 Television Firmware Ps50C7700 Television
NVD Exploit-DB
CVSS 2.0
7.8
EPSS
13.5%
CVE-2013-2165 HIGH PATCH Act Now

ResourceBuilderImpl.java in the RichFaces 3.x through 5.x implementation in Red Hat JBoss Web Framework Kit before 2.3.0, Red Hat JBoss Web Platform through 5.2.0, Red Hat JBoss Enterprise. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 24.1%.

Red Hat Privilege Escalation Java Deserialization RCE +8
NVD
CVSS 2.0
7.5
EPSS
24.1%
CVE-2013-3012 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Information Disclosure IBM
NVD
CVSS 2.0
9.3
EPSS
7.4%
CVE-2013-3011 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Information Disclosure IBM
NVD
CVSS 2.0
9.3
EPSS
7.4%
CVE-2013-3009 CRITICAL Act Now

The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 improperly exposes the. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Authentication Bypass IBM
NVD
CVSS 2.0
9.3
EPSS
4.3%
CVE-2013-3010 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Information Disclosure IBM
NVD
CVSS 2.0
9.3
EPSS
3.5%
CVE-2013-3008 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Information Disclosure IBM
NVD
CVSS 2.0
9.3
EPSS
3.5%
CVE-2013-3006 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Information Disclosure IBM
NVD
CVSS 2.0
9.3
EPSS
3.5%
CVE-2013-3007 CRITICAL Act Now

Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Information Disclosure IBM
NVD
CVSS 2.0
9.3
EPSS
2.6%
CVE-2013-4002 HIGH PATCH This Week

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Java Denial Of Service Apache Oracle IBM +14
NVD
CVSS 2.0
7.1
EPSS
5.6%
CVE-2013-3437 MEDIUM This Month

SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Cisco Unified Operations Manager
NVD
CVSS 2.0
6.5
EPSS
0.6%
CVE-2013-3441 MEDIUM This Month

Cisco Aironet 3600 access points allow remote attackers to cause a denial of service (memory corruption and device crash) by disrupting Cisco Wireless LAN Controller communication and consequently. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Aironet 3600 Aironet 3600E +2
NVD
CVSS 2.0
5.4
EPSS
0.7%
CVE-2013-3435 MEDIUM This Month

The Cisco Unified IP Conference Station 7937G allows remote attackers to cause a denial of service (networking outage) via a flood of TCP packets, aka Bug ID CSCuh42052. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Unified Ip Conference Station 7937G Firmware Unified Ip Conference Station 7937G
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-3440 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in Cisco Unified Operations Manager allow remote attackers to inject arbitrary web script or HTML, and obtain. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Unified Operations Manager
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-3439 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Cisco Unified Operations Manager allows remote attackers to inject arbitrary web script or HTML via a crafted URL in an unspecified HTTP header field, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Unified Operations Manager
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy