Skip to main content
CVE-2013-3630 MEDIUM POC PATCH THREAT This Month

Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 64.5%.

Code Injection RCE Moodle
NVD Exploit-DB
CVSS 2.0
4.6
EPSS
64.5%
Threat
4.4
CVE-2013-5977 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in Cart66Product.php in the Cart66 Lite plugin before 1.5.1.15 for WordPress allows remote attackers to hijack the authentication of administrators for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF PHP WordPress XSS Cart66 Lite Plugin
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.6%
CVE-2013-4484 MEDIUM POC This Month

Varnish before 3.0.5 allows remote attackers to cause a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Varnish Varnish Cache
NVD
CVSS 2.0
5.0
EPSS
1.6%
CVE-2013-2701 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF WordPress Social Sharing Toolkit Plugin
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-5551 MEDIUM This Month

Cisco Adaptive Security Appliance (ASA) Software, when certain same-security-traffic and management-access options are enabled, allows remote authenticated users to cause a denial of service (stack. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Adaptive Security Appliance Software
NVD
CVSS 2.0
6.3
EPSS
1.2%
CVE-2013-5431 MEDIUM This Month

Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Open Redirect IBM Tivoli Federated Identity Manager Tivoli Federated Identity Manager Business Gateway
NVD
CVSS 2.0
5.8
EPSS
1.3%
CVE-2013-4447 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in the API in the Simplenews module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Simplenews
NVD
CVSS 2.0
4.3
EPSS
0.8%
CVE-2013-5555 MEDIUM This Month

Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to cause a denial of service (service restart) via a crafted SIP message, aka Bug ID CSCub54349. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Unified Communications Manager
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-5548 MEDIUM This Month

The IKEv2 implementation in Cisco IOS, when AES-GCM or AES-GMAC is used, allows remote attackers to bypass certain IPsec anti-replay features via IPsec tunnel traffic, aka Bug ID CSCuj47795. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Cisco iOS
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-4713 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in I-O DATA DEVICE RockDisk with firmware before 1.05e1-2.0.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Rockdisk Firmware Rockdisk
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy