Skip to main content
CVE-2013-4124 MEDIUM POC PATCH THREAT This Month

Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 83.5%.

Denial Of Service Ubuntu Linux Enterprise Linux Fedora Samba +1
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
83.5%
Threat
5.0
CVE-2013-1629 MEDIUM POC PATCH THREAT This Month

pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 39.9%.

RCE Pip
NVD GitHub
CVSS 2.0
6.8
EPSS
39.9%
Threat
4.1
CVE-2013-5022 CRITICAL PATCH Act Now

Absolute path traversal vulnerability in the 3D Graph ActiveX control in cw3dgrph.ocx in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Path Traversal Labview Labwindows Measurementstudio Teststand
NVD
CVSS 2.0
10.0
EPSS
1.4%
CVE-2013-5026 CRITICAL PATCH Act Now

An ActiveX control in lookout650.ocx, lookout660.ocx, and lookout670.ocx in National Instruments Lookout 6.5 through 6.7 allows remote attackers to execute arbitrary code by triggering the download. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

RCE Lookout
NVD
CVSS 2.0
9.3
EPSS
4.4%
CVE-2013-5021 CRITICAL Act Now

Multiple absolute path traversal vulnerabilities in National Instruments cwui.ocx, as used in National Instruments LabWindows/CVI 2012 SP1 and earlier, National Instruments LabVIEW 2012 SP1 and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Abb Path Traversal Labview Labwindows Measurementstudio +2
NVD
CVSS 2.0
9.3
EPSS
0.7%
CVE-2013-1633 MEDIUM PATCH This Month

easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

RCE Setuptools
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2013-1630 MEDIUM PATCH This Month

pyshop before 0.7.1 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

RCE Pyshop
NVD GitHub
CVSS 2.0
6.8
EPSS
0.5%
CVE-2013-3992 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere BigInsights 2.0 through 2.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

CSRF IBM Infosphere Biginsights
NVD
CVSS 2.0
6.0
EPSS
0.2%
CVE-2013-3996 MEDIUM This Month

IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct phishing attacks via a crafted web site. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Infosphere Biginsights
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2013-5025 MEDIUM PATCH This Month

An ActiveX control in exlauncher.dll in the Help subsystem in National Instruments LabWindows/CVI before 2013 allows remote attackers to cause a denial of service by triggering the display of local. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service Labwindows
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-5023 MEDIUM This Month

The ActiveX controls in the HelpAsst component in NI Help Links in National Instruments LabWindows/CVI 2012 SP1 and earlier, LabVIEW 2012 SP1 and earlier, and other products allow remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Diadem Labview Labwindows Measurementstudio +1
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-5024 MEDIUM This Month

An ActiveX control in NationalInstruments.Help2.dll in National Instruments NI .NET Class Library Help, as used in Measurement Studio 2013 and earlier and other products, allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Measurementstudio
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-3995 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM InfoSphere BigInsights 1.1 through 2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Infosphere Biginsights
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy