Skip to main content
CVE-2013-4068 HIGH PATCH This Week

Buffer overflow in iNotes in IBM Domino 8.5.3 before FP5 IF1 and 9.0 before IF4 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka SPR PTHN9ADPA8. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

Buffer Overflow RCE IBM Lotus Domino Lotus Inotes
NVD
CVSS 2.0
7.1
EPSS
9.0%
CVE-2013-3473 HIGH This Week

The web framework in Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance before 9.1.1 does not properly determine the existence of an authenticated session, which allows remote. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Prime Central For Hosted Collaboration Solution Assurance
NVD
CVSS 2.0
7.8
EPSS
0.3%
CVE-2013-4709 MEDIUM This Month

Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 with firmware before 2.82, SEIL/X1 with firmware before 4.32, SEIL/X2 with firmware before 4.32, SEIL/B1 with firmware before. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Seil X2 Firmware Seil X2 Seil 2Fturbo Firmware +9
NVD
CVSS 2.0
6.8
EPSS
2.8%
CVE-2013-4053 MEDIUM This Month

The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Websphere Application Server Websphere Application Server Feature Pack For Web Services
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2013-1130 MEDIUM This Month

Cisco AnyConnect Secure Mobility Client on Mac OS X uses weak permissions for a library directory, which allows local users to gain privileges via a crafted library file, aka Bug ID CSCue33619. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Anyconnect Secure Mobility Client
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2012-4082 MEDIUM This Month

MCTools in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to gain privileges by entering crafted command-line parameters on a Fabric Interconnect device,. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Unified Computing System
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-4707 MEDIUM This Month

The SSH implementation on D-Link Japan DES-3810 devices with firmware before R2.20.011 allows remote authenticated users to cause a denial of service (device hang) by leveraging login access. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Denial Of Service D-Link Des 3810 Firmware Des 3810
NVD
CVSS 2.0
6.3
EPSS
0.1%
CVE-2013-4706 MEDIUM This Month

The SSH implementation on the D-Link Japan DWL-2100AP with firmware before R252JP-RC572 allows remote authenticated users to cause a denial of service (reboot) by leveraging login access. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Denial Of Service D-Link Dwl 2100Ap Dwl 2100Ap Firmware
NVD
CVSS 2.0
6.3
EPSS
0.1%
CVE-2012-4074 MEDIUM This Month

The Board Management Controller (BMC) in the Serial over LAN (SoL) subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded private key, which allows man-in-the-middle attackers to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Authentication Bypass Unified Computing System
NVD
CVSS 2.0
5.8
EPSS
0.3%
CVE-2012-4073 MEDIUM This Month

The KVM subsystem in the client in Cisco Unified Computing System (UCS) does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers, and read or. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cisco Unified Computing System
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2012-4081 MEDIUM This Month

MCServer in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local users to cause a denial of service (application crash) via invalid MCTools parameters, aka Bug ID. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Unified Computing System
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2012-4093 MEDIUM This Month

The Manager component in Cisco Unified Computing System (UCS) allows local users to cause a denial of service via an invalid Smart Call Home contact address, aka Bug ID CSCtl00186. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Cisco Unified Computing System
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2013-5501 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the oraservice page in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj23328. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Mediasense
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5500 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin service page in Cisco MediaSense allow remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Mediasense
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-4052 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the UDDI Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Websphere Application Server
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-0596 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47 allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Websphere Application Server
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-4815 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web interface in HP ArcSight Enterprise Security Manager (ESM) before 5.5 allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Arcsight Enterprise Security Manager
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-4072 MEDIUM This Month

The KVM subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers, and read keyboard and mouse events,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cisco Unified Computing System
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2012-4083 MEDIUM This Month

Multiple buffer overflows in the administrative web interface in Cisco Unified Computing System (UCS) allow remote authenticated users to cause a denial of service (memory corruption and session. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Unified Computing System
NVD
CVSS 2.0
4.0
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy