Skip to main content
CVE-2013-4450 MEDIUM POC PATCH THREAT This Month

The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of service (memory and CPU consumption) by sending a large number of pipelined. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 68.7%.

Denial Of Service Node.js
NVD GitHub
CVSS 2.0
5.0
EPSS
68.7%
Threat
4.6
CVE-2013-5971 MEDIUM This Month

Session fixation vulnerability in the vSphere Web Client Server in VMware vCenter Server 5.0 before Update 3 allows remote attackers to hijack web sessions and gain privileges via unspecified vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation VMware Vcenter Server
NVD
CVSS 2.0
6.8
EPSS
0.5%
CVE-2012-4115 MEDIUM This Month

The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM virtual-media data, which allows man-in-the-middle attackers to obtain sensitive information by sniffing. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Cisco Unified Computing System
NVD
CVSS 2.0
5.8
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy