Skip to main content
CVE-2013-3827 MEDIUM POC PATCH THREAT This Month

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 91.6%.

Java Oracle Information Disclosure Fusion Middleware
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
91.6%
Threat
5.2
CVE-2013-2927 MEDIUM This Month

Use-after-free vulnerability in the HTMLFormElement::prepareForSubmission function in core/html/HTMLFormElement.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Google Debian Linux Opensuse Chrome
NVD
CVSS 2.0
6.8
EPSS
2.7%
CVE-2013-5812 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and availability via. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
6.4
EPSS
4.2%
CVE-2013-2925 MEDIUM This Month

Use-after-free vulnerability in core/xml/XMLHttpRequest.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows remote attackers to cause a denial of service or possibly have unspecified. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Google Chrome
NVD
CVSS 2.0
6.8
EPSS
1.6%
CVE-2013-2926 MEDIUM This Month

Use-after-free vulnerability in the IndentOutdentCommand::tryIndentingAsListItem function in core/editing/IndentOutdentCommand.cpp in Blink, as used in Google Chrome before 30.0.1599.101, allows. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Google Chrome
NVD
CVSS 2.0
6.8
EPSS
1.5%
CVE-2013-5835 MEDIUM This Month

Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
6.8
EPSS
0.9%
CVE-2013-5822 MEDIUM This Month

Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 5.2.1 and 6.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Ilearning
NVD
CVSS 2.0
6.8
EPSS
0.6%
CVE-2013-5783 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
6.4
EPSS
2.6%
CVE-2013-5781 MEDIUM This Month

Unspecified vulnerability in Oracle PARC Enterprise T4 Servers running Sun System Firmware before 8.3.0.b allows local users to affect confidentiality, integrity, and availability via vectors related. Rated medium severity (CVSS 6.9). No vendor patch available.

Information Disclosure Oracle Sun System Firmware Sparc T4 1 Sparc T4 1B +1
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2013-5529 MEDIUM This Month

The deployment module in the server in Cisco WebEx Meeting Center does not properly validate the passphrase, which allows remote attackers to launch a deployment or cause a denial of service. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Webex Meetings Server
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2013-5540 MEDIUM This Month

The file-upload feature in Cisco Identity Services Engine (ISE) allows remote authenticated users to cause a denial of service (disk consumption and administration-interface outage) by uploading many. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Identity Services Engine Software Identity Services Engine
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2013-5804 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jrockit +1
NVD
CVSS 2.0
6.4
EPSS
2.1%
CVE-2013-3829 MEDIUM This Month

Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
6.4
EPSS
2.1%
CVE-2013-5771 MEDIUM PATCH This Month

Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality and availability via. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 2.0
6.4
EPSS
0.8%
CVE-2013-5813 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, 11.1.1.7.0, and 11.1.1.8.0 allows remote attackers to affect confidentiality. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
6.4
EPSS
0.3%
CVE-2013-5535 MEDIUM This Month

The analytics page on Cisco Video Surveillance 4000 IP cameras has hardcoded credentials, which allows remote attackers to watch the video feed by leveraging knowledge of the password, aka Bug IDs. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Video Surveillance 4000 Ip Camera Video Surveillance 4300E Ip Camera Video Surveillance 4500E Ip Camera
NVD
CVSS 2.0
6.4
EPSS
0.2%
CVE-2013-5539 MEDIUM This Month

The upload-dialog implementation in Cisco Identity Services Engine (ISE) allows remote authenticated users to upload files with an arbitrary file type, and consequently conduct attacks against. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cisco Identity Services Engine Software Identity Services Engine
NVD
CVSS 2.0
6.0
EPSS
0.4%
CVE-2013-5825 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre +1
NVD
CVSS 2.0
5.0
EPSS
4.9%
CVE-2013-5823 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Information Disclosure Jrockit Jre +1
NVD
CVSS 2.0
5.0
EPSS
4.9%
CVE-2013-5761 MEDIUM This Month

Unspecified vulnerability in the Siebel Core - Server BizLogic Script component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality and integrity via unknown. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
5.8
EPSS
0.3%
CVE-2013-4831 MEDIUM This Month

HP Service Manager 9.30 through 9.32 does not properly manage privileges, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure HP Service Manager
NVD
CVSS 2.0
5.5
EPSS
0.2%
CVE-2013-3831 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Portal component in Oracle Fusion Middleware 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
5.5
EPSS
0.2%
CVE-2013-3814 MEDIUM This Month

Unspecified vulnerability in the Oracle Retail Invoice Matching component in Oracle Industry Applications 10.2, 11.0, 12.0, 12.0IN, 12.1, 13.0, 13.1, and 13.2 allows remote authenticated users to. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Industry Applications
NVD
CVSS 2.0
5.5
EPSS
0.2%
CVE-2013-5848 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier allows remote attackers to affect integrity via unknown vectors related to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre +1
NVD
CVSS 2.0
5.0
EPSS
2.5%
CVE-2013-5851 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
2.4%
CVE-2013-5801 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
5.0
EPSS
2.3%
CVE-2013-5840 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
5.0
EPSS
2.3%
CVE-2013-5778 MEDIUM PATCH This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
5.0
EPSS
2.3%
CVE-2013-5820 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
5.0
EPSS
2.1%
CVE-2013-5774 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
5.0
EPSS
2.1%
CVE-2013-5831 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
5.0
EPSS
1.8%
CVE-2013-5819 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
5.0
EPSS
1.8%
CVE-2013-5818 MEDIUM This Month

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
5.0
EPSS
1.8%
CVE-2013-5776 MEDIUM This Month

Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
5.0
EPSS
1.8%
CVE-2013-5866 MEDIUM This Month

Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel. Rated medium severity (CVSS 5.2). No vendor patch available.

Information Disclosure Oracle Sunos
NVD
CVSS 2.0
5.2
EPSS
0.2%
CVE-2013-5867 MEDIUM This Month

Unspecified vulnerability in the Siebel Core - Server Infrastructure component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect availability via vectors related to SISNAPI &. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
5.0
EPSS
1.1%
CVE-2013-5826 MEDIUM This Month

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.3 and 6.3.1 allows remote attackers to affect availability via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Supply Chain Products Suite
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-5816 MEDIUM This Month

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2 allows remote attackers to affect availability via unknown vectors related to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-5765 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect availability via vectors related to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-3834 MEDIUM This Month

Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5 allows remote attackers to affect availability via unknown vectors related to ttaauxserv. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Virtualization
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-5859 MEDIUM This Month

Unspecified vulnerability in the Instantis EnterpriseTrack component in Oracle Primavera Products Suite 8.0.6 and 8.5 allows remote attackers to affect confidentiality via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Primavera Products Suite
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-5836 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-3826 MEDIUM PATCH This Month

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-5841 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-5794 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-5792 MEDIUM This Month

Unspecified vulnerability in the Techstack component in Oracle E-Business Suite 12.1 allows remote attackers to affect confidentiality via unknown vectors related to Apache. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Oracle Information Disclosure E Business Suite
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-3835 MEDIUM This Month

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via unknown vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Peoplesoft Products
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-3841 MEDIUM PATCH This Month

Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect confidentiality via unknown vectors related to Web Services. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Siebel Crm
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-3828 MEDIUM PATCH This Month

Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 10.1.3.5.0 and 11.1.1.6.0 allows remote attackers to affect confidentiality via unknown vectors related to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-3279 MEDIUM This Month

EMC Atmos before 2.1.4 has a blank password for the PostgreSQL account, which allows remote attackers to obtain sensitive administrative information via a database-server connection. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PostgreSQL Authentication Bypass Atmos
NVD
CVSS 2.0
5.0
EPSS
0.2%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy