Skip to main content
CVE-2013-3906 HIGH POC KEV PATCH THREAT Act Now

GDI+ in Microsoft Windows and Office fails to properly handle TIFF images, allowing remote code execution through crafted documents, actively exploited in targeted attacks against Pakistani and Middle Eastern organizations.

Code Injection Microsoft RCE
NVD Exploit-DB VulDB
CVSS 3.1
7.8
EPSS
92.6%
Threat
9.3
CVE-2013-3626 CRITICAL Act Now

Directory traversal vulnerability in the Session Server in Attachmate Verastream Host Integrator (VHI) 6.0 through 7.5 SP 1 HF 1 allows remote attackers to upload and execute arbitrary files via a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal Verastream Host Integrator
NVD
CVSS 2.0
9.3
EPSS
0.4%
CVE-2013-5563 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Query/NewQueryResult.jsp in Cisco Security Monitoring, Analysis and Response System (CS-MARS) allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Cisco XSS Security Monitoring Analysis And Response System
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-4715 HIGH This Week

SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to execute arbitrary SQL commands via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Tikiwiki Cms Groupware
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2013-5562 MEDIUM This Month

The ITM web server in Cisco Prime Central for Hosted Collaboration Solution (HCS) allows remote attackers to cause a denial of service (temporary HTTP service outage) via a flood of TCP packets, aka. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Cisco Prime Central For Hosted Collaboration Solution
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-5387 MEDIUM This Month

Buffer overflow in IBM Platform Symphony 5.2, 6.1, and 6.1.1 allows remote attackers to cause a denial of service (process crash or hang) via a malformed SOAP request with a large amount of request. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service IBM Platform Symphony
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-3281 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in EMC Documentum Webtop before 6.7 SP2 P07, Documentum WDK before 6.7 SP2 P07, Documentum Taskspace before 6.7 SP2 P07, Documentum Records Manager before 6.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Documentum Taskspace Documentum Capital Projects Documentum Wdk Documentum Digital Asset Manager +3
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2013-3286 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom before 7.4.4 P11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Documentum Eroom
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-4714 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Tiki Wiki CMS Groupware 6 LTS before 6.13LTS, 9 LTS before 9.7LTS, 10.x before 10.4, and 11.x before 11.1 allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Tikiwiki Cms Groupware
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy