Skip to main content
CVE-2013-6025 MEDIUM POC This Month

The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection XXE SAP RCE Adaptive Server Enterprise
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
8.5%
CVE-2013-4712 MEDIUM This Month

I-O DATA DEVICE HDL-A and HDL2-A devices with firmware 1.07 and earlier do not properly manage sessions, which allows remote attackers to obtain sensitive information or modify data via unspecified. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Hdl2 A E Hdl2 Ah Hdl2 A Firmware Hdl A E +3
NVD
CVSS 2.0
6.8
EPSS
0.7%
CVE-2012-4112 MEDIUM This Month

The Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and execute arbitrary commands via crafted command parameters within the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Unified Computing System
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2012-4114 MEDIUM This Month

The fabric-interconnect KVM module in Cisco Unified Computing System (UCS) does not encrypt video data, which allows man-in-the-middle attackers to watch KVM display content by sniffing the network. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cisco Unified Computing System
NVD
CVSS 2.0
5.8
EPSS
0.3%
CVE-2012-4117 MEDIUM This Month

The fabric-interconnect component in Cisco Unified Computing System (UCS) does not properly verify X.509 certificates, which allows man-in-the-middle attackers to watch SSL KVM video-channel traffic. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cisco Unified Computing System
NVD
CVSS 2.0
5.8
EPSS
0.1%
CVE-2013-5372 MEDIUM This Month

The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service IBM Websphere Message Broker
NVD
CVSS 2.0
4.3
EPSS
1.7%
CVE-2012-4113 MEDIUM This Month

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and read arbitrary files via crafted command parameters within the command-line. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Unified Computing System
NVD
CVSS 2.0
4.6
EPSS
0.1%
CVE-2012-4116 MEDIUM This Month

The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cisco Unified Computing System
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5702 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in WebCenter in WatchGuard WSM and Fireware before 11.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Fireware Watchguard System Manager
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5534 MEDIUM This Month

Directory traversal vulnerability in the attachment service in the Voice Message Web Service (aka VMWS or Cisco Unity Web Service) in Cisco Unity Connection allows remote authenticated users to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Cisco Unity Connection
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy