Skip to main content
CVE-2013-4808 CRITICAL Act Now

Unspecified vulnerability in HP Service Manager 7.11, 9.21, 9.30, and 9.31 and Service Center 6.2.8 allows remote attackers to obtain privileged access via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Service Center Service Manager
NVD
CVSS 2.0
10.0
EPSS
4.2%
CVE-2013-4073 MEDIUM This Month

The OpenSSL::SSL.verify_certificate_identity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

OpenSSL Information Disclosure Ruby
NVD
CVSS 2.0
6.8
EPSS
2.7%
CVE-2013-4248 MEDIUM This Month

The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP OpenSSL Information Disclosure Ubuntu Linux Enterprise Linux
NVD
CVSS 2.0
4.3
EPSS
9.9%
CVE-2013-4238 MEDIUM PATCH This Month

The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Python Information Disclosure Ubuntu Linux Opensuse
NVD
CVSS 2.0
4.3
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy