Skip to main content
CVE-2013-5093 MEDIUM POC PATCH THREAT This Month

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 83.6%.

Python Code Injection RCE Graphite
NVD Exploit-DB GitHub
CVSS 2.0
6.8
EPSS
83.6%
Threat
5.4
CVE-2013-5403 CRITICAL Act Now

Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.0 through 2.5.0.1 allows remote attackers to obtain administrative access via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure IBM Websphere Datapower Xc10 Appliance Firmware
NVD
CVSS 2.0
10.0
EPSS
1.9%
CVE-2013-5480 HIGH This Week

The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Cisco iOS
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2013-5479 HIGH This Week

The DNS-over-TCP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via a crafted IPv4 DNS TCP stream, aka. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Cisco iOS
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2013-5478 HIGH This Week

Cisco IOS 15.0 through 15.3 and IOS XE 3.2 through 3.8, when a VRF interface exists, allows remote attackers to cause a denial of service (interface queue wedge) via crafted UDP RSVP packets, aka Bug. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Cisco iOS Ios Xe
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2013-5477 HIGH This Week

The T1/E1 driver-queue functionality in Cisco IOS 12.2 and 15.0 through 15.3, when an HDLC32 driver is used, allows remote attackers to cause a denial of service (interface queue wedge) via bursty. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Cisco iOS
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2013-5476 HIGH This Week

The Zone-Based Firewall (ZFW) feature in Cisco IOS 15.1 through 15.2, when content filtering or HTTP ALG inspection is enabled, allows remote attackers to cause a denial of service (device reload or. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Cisco iOS
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2013-5473 HIGH This Week

Memory leak in Cisco IOS 12.2, 15.1, and 15.2; IOS XE 3.4.2S through 3.4.5S; and IOS XE 3.6.xS before 3.6.1S allows remote attackers to cause a denial of service (memory consumption or device reload). Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Cisco iOS Ios Xe
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2013-5474 HIGH This Week

Race condition in the IPv6 virtual fragmentation reassembly (VFR) implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.3 allows remote attackers to cause a denial of service (device. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Race Condition Apple Cisco iOS
NVD
CVSS 2.0
7.8
EPSS
0.3%
CVE-2013-5475 HIGH This Week

Cisco IOS 12.2 through 12.4 and 15.0 through 15.3, and IOS XE 2.1 through 3.9, allows remote attackers to cause a denial of service (device reload) via crafted DHCP packets that are processed locally. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Cisco Ios Xe iOS
NVD
CVSS 2.0
7.8
EPSS
0.3%
CVE-2013-5481 HIGH This Week

The PPTP implementation in Cisco IOS 12.2 and 15.0 through 15.3, when NAT is used, allows remote attackers to cause a denial of service (device reload) via crafted TCP port-1723 packets, aka Bug ID. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Cisco iOS
NVD
CVSS 2.0
7.1
EPSS
0.5%
CVE-2013-5472 HIGH This Week

The NTP implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.1, and IOS XE 2.1 through 3.3, does not properly handle encapsulation of multicast NTP packets within MSDP SA messages, which. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Apple Cisco Ios Xe iOS
NVD
CVSS 2.0
7.1
EPSS
0.4%
CVE-2013-5942 MEDIUM PATCH This Month

Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to (1) remote_storage.py, (2). Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Python Code Injection RCE Graphite
NVD GitHub
CVSS 2.0
6.8
EPSS
1.5%
CVE-2012-1313 MEDIUM This Month

The remote debug shell on the PALO adapter card in Cisco Unified Computing System (UCS) allows local users to gain privileges via malformed show-macstats parameters, aka Bug ID CSCub13772. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Unified Computing System
NVD
CVSS 2.0
6.5
EPSS
0.1%
CVE-2013-5498 MEDIUM This Month

The PPTP-ALG component in CRS Carrier Grade Services Engine (CGSE) and ASR 9000 Integrated Service Module (ISM) in Cisco IOS XR allows remote attackers to cause a denial of service (module reset) via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Apple Cisco Ios Xr
NVD
CVSS 2.0
5.0
EPSS
1.3%
CVE-2013-5943 MEDIUM PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Graphite
NVD GitHub
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy