Skip to main content
CVE-2013-5538 MEDIUM This Month

The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak permissions for uploaded files, which allows remote attackers to read arbitrary files via a direct request, aka Bug ID CSCui67506. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Identity Services Engine Software Identity Services Engine
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-5862 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to CPU performance counters (CPC) drivers, a different vulnerability than. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2013-5807 MEDIUM This Month

Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle MySQL MariaDB Debian Linux +4
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2013-5864 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows local users to affect availability via vectors related to USB hub driver. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2013-5394 MEDIUM This Month

The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to conduct phishing attacks via unspecified vectors. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure IBM Websphere Extreme Scale
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2013-5849 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
4.3
EPSS
2.3%
CVE-2013-5790 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
4.3
EPSS
2.3%
CVE-2013-5780 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre +1
NVD
CVSS 2.0
4.3
EPSS
2.3%
CVE-2013-5800 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JGSS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
4.3
EPSS
2.2%
CVE-2013-5784 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2013-5796 MEDIUM This Month

Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect availability via unknown vectors related to Web Services. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
4.3
EPSS
0.9%
CVE-2013-5861 MEDIUM This Month

Unspecified vulnerability in Oracle Solaris 11.1 allows remote attackers to affect availability via vectors related to Kernel/KSSL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-3837 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Solaris 10 and 11.1 allows remote attackers to affect availability via unknown vectors related to Cacao. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-4833 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in HP Service Manager 9.30 through 9.32 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

HP XSS Service Manager
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2013-5863 MEDIUM This Month

Unspecified vulnerability in Oracle Solaris 11.1 allows remote attackers to affect integrity via vectors related to IPS repository daemon. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-5845 MEDIUM This Month

Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect integrity via unknown vectors related to Learner Administration. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Ilearning
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5828 MEDIUM This Month

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Enterprise Manager Database Control Enterprise Manager Grid Control Enterprise Manager Plugin For Database Control
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5827 MEDIUM This Month

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Enterprise Manager Plugin For Database Control Enterprise Manager Grid Control Enterprise Manager Database Control
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5799 MEDIUM This Month

Unspecified vulnerability in the Oracle Agile PLM Framework component in Oracle Supply Chain Products Suite 9.3.2 allows remote attackers to affect integrity via unknown vectors related to Security. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Supply Chain Products Suite
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5798 MEDIUM This Month

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0.0 and 11.1.2.1.0 allows remote attackers to affect integrity via unknown vectors related to End. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5773 MEDIUM This Month

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5.0 allows remote attackers to affect integrity via unknown vectors related to Servlet Runtime. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5766 MEDIUM This Month

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Enterprise Manager Database Control Enterprise Manager Grid Control Enterprise Manager Plugin For Database Control
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-3762 MEDIUM This Month

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Enterprise Manager Grid Control Enterprise Manager Plugin For Database Control Enterprise Manager Database Control
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-3833 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5.0 and 11.1.2.0.0 allows remote attackers to affect integrity via unknown vectors related to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5839 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Oracle Java Web Console. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Java Oracle Information Disclosure Sunos
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5769 MEDIUM PATCH This Month

Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 allows remote authenticated users to affect availability via unknown vectors related to Web Services. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
4.0
EPSS
0.7%
CVE-2013-5786 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle MySQL Server 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB, a different vulnerability than. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle MySQL
NVD
CVSS 2.0
4.0
EPSS
0.6%
CVE-2013-5208 MEDIUM This Month

HR Systems Strategies info:HR HRIS 7.9 does not properly protect the database password, which allows local users to bypass intended database restrictions by accessing the USERPW registry key and. Rated medium severity (CVSS 4.1). No vendor patch available.

Authentication Bypass Hr Human Resource Information System
NVD
CVSS 2.0
4.1
EPSS
0.0%
CVE-2013-3839 MEDIUM This Month

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL MariaDB Ubuntu Linux +4
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2013-5767 MEDIUM This Month

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle MySQL
NVD
CVSS 2.0
4.0
EPSS
0.4%
CVE-2013-5768 MEDIUM This Month

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect integrity via unknown vectors related to ActiveX. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-4832 MEDIUM This Month

HP Service Manager 9.30 through 9.32 allows remote authenticated users to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Service Manager
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-3840 MEDIUM PATCH This Month

Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Web. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-5847 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise HRMS eCompensation component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via unknown. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-3766 MEDIUM PATCH This Month

Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.1, 8.2, and 8.3 allows remote authenticated users to affect. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Primavera Products Suite
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-5779 MEDIUM PATCH This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote authenticated users to affect confidentiality via vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-3785 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-3832 MEDIUM PATCH This Month

Unspecified vulnerability in the Siebel Server Remote component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect integrity via unknown vectors related to File System. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
4.0
EPSS
0.1%
CVE-2013-3838 MEDIUM This Month

Unspecified vulnerability in Oracle SPARC Enterprise T & M Series Servers running Sun System Firmware before 6.7.13 for SPARC T1, 7.4.6.c for SPARC T2, 8.3.0.b for SPARC T3 & T4, 9.0.0.d for SPARC T5. Rated medium severity (CVSS 4.0). No vendor patch available.

Information Disclosure Oracle Sun System Firmware Sparc Enterprise M8000 Server Sparc Enterprise M9000 Server +9
NVD
CVSS 2.0
4.0
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy