Skip to main content
CVE-2013-5647 HIGH POC PATCH This Week

lib/sounder/sound.rb in the sounder gem 1.0.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a filename. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Code Injection RCE Sounder
NVD
CVSS 2.0
7.5
EPSS
2.7%
CVE-2013-3468 HIGH This Week

The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote attackers to cause a denial of service (device hang) via a malformed PNG file, aka Bug ID CSCud04270. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Unified Ip Phone 8945 Unified Ip Phone Firmware
NVD
CVSS 2.0
7.8
EPSS
0.9%
CVE-2013-5209 HIGH PATCH This Week

The sctp_send_initiate_ack function in sys/netinet/sctp_output.c in the SCTP implementation in the kernel in FreeBSD 8.3 through 9.2-PRERELEASE does not properly initialize the state-cookie data. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Freebsd
NVD
CVSS 2.0
7.8
EPSS
0.6%
CVE-2013-5589 HIGH PATCH This Week

SQL injection vulnerability in cacti/host.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

PHP SQLi Debian Linux Cacti Opensuse
NVD
CVSS 2.0
7.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy