Skip to main content
CVE-2013-5672 MEDIUM POC This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the IndiaNIC Testimonial plugin 2.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF PHP WordPress XSS Testimonial Plugin
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
1.7%
CVE-2013-4243 MEDIUM PATCH This Month

Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 18.7%.

Buffer Overflow Denial Of Service RCE Libtiff Debian Linux
NVD
CVSS 2.0
6.8
EPSS
18.7%
CVE-2013-4298 MEDIUM POC This Month

The ReadGIFImage function in coders/gif.c in ImageMagick before 6.7.8-8 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted comment in a GIF. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Imagemagick
NVD
CVSS 2.0
4.3
EPSS
0.9%
CVE-2013-4232 MEDIUM PATCH This Month

Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Denial Of Service RCE Libtiff Debian Linux
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2013-4169 MEDIUM PATCH This Month

GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary directories via a symlink attack on /tmp/.X11-unix/. Rated medium severity (CVSS 6.9).

Information Disclosure Gnome Display Manager
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2013-4283 MEDIUM PATCH This Month

ns-slapd in 389 Directory Server before 1.3.0.8 allows remote attackers to cause a denial of service (server crash) via a crafted Distinguished Name (DN) in a MOD operation request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service 389 Directory Server
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2013-5700 MEDIUM This Month

The Bloom Filter implementation in bitcoind and Bitcoin-Qt 0.8.x before 0.8.4rc1 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted sequence of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Bitcoin Qt Bitcoin Core
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-4703 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the top-page customization feature in Cybozu Office before 9.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Microsoft XSS Office
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy