Skip to main content
CVE-2013-5216 MEDIUM POC PATCH This Month

Directory traversal vulnerability in logreader/uploadreader.jsp in CapaSystems Performance Guard before 6.2.102 allows remote attackers to read arbitrary files via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Performance Guard
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-5740 MEDIUM This Month

Unspecified vulnerability in the Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) before 1.2, as used by the Intel QM77, QS77, Q77 Express, C216, Q67 Express, C202,. Rated medium severity (CVSS 6.9). No vendor patch available.

Intel Authentication Bypass C202 Chipset C204 Chipset C206 Chipset +7
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2013-4329 MEDIUM PATCH This Month

The xenlight library (libxl) in Xen 4.0.x through 4.2.x, when IOMMU is disabled, provides access to a busmastering-capable PCI passthrough device before the IOMMU setup is complete, which allows. Rated medium severity (CVSS 6.5).

Privilege Escalation Denial Of Service Xen
NVD
CVSS 2.0
6.5
EPSS
0.2%
CVE-2013-3446 MEDIUM This Month

Open redirect vulnerability in the login page in Cisco Digital Media Manager (DMM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect Cisco Digital Media Manager
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2013-3038 MEDIUM This Month

Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for remote attackers to discover credentials via unknown vectors. Rated medium severity (CVSS 5.4). No vendor patch available.

IBM Authentication Bypass Rational Requirements Composer
NVD
CVSS 2.0
5.4
EPSS
0.2%
CVE-2013-3039 MEDIUM This Month

IBM Rational Requirements Composer before 4.0.4 does not properly perform authentication, which has unspecified impact and remote attack vectors. Rated medium severity (CVSS 5.4). No vendor patch available.

IBM Authentication Bypass Rational Requirements Composer
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2013-5488 MEDIUM This Month

Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Prime Lan Management Solution Security Manager Unified Operations Manager +1
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2013-3036 MEDIUM This Month

Open redirect vulnerability in IBM Rational Requirements Composer before 4.0.4 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect IBM Rational Requirements Composer
NVD
CVSS 2.0
4.9
EPSS
0.1%
CVE-2013-5738 MEDIUM PATCH This Month

The get_allowed_mime_types function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfiltered_html capability for uploads of .htm and .html files, which might make it. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

WordPress PHP XSS
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-3037 MEDIUM This Month

Unspecified vulnerability in IBM Rational Requirements Composer before 4.0.4 makes it easier for local users to gain privileges via unknown vectors. Rated medium severity (CVSS 4.4). No vendor patch available.

Privilege Escalation IBM Rational Requirements Composer
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2013-4308 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in pages/TalkpageHistoryView.php in the LiquidThreads (LQT) extension 2.x and possibly 3.x for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

PHP XSS Liquidthreads
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-4307 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in repo/includes/EntityView.php in the Wikibase extension for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allow. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

PHP XSS Mediawiki
NVD
CVSS 2.0
4.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy