Skip to main content
CVE-2013-4557 HIGH POC THREAT Act Now

The Security Screen (_core_/securite/ecran_securite.php) before 1.1.8 for SPIP, as used in SPIP 3.0.x before 3.0.12, allows remote attackers to execute arbitrary PHP via the connect parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 69.5%.

PHP Code Injection RCE Spip
NVD
CVSS 2.0
7.5
EPSS
69.5%
Threat
5.1
CVE-2013-6801 HIGH POC THREAT Act Now

Microsoft Word 2003 SP2 and SP3 on Windows XP SP3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed .doc file containing an embedded image, as demonstrated by. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 21.1%.

Denial Of Service Microsoft Word
NVD
CVSS 2.0
7.1
EPSS
21.1%
CVE-2013-4510 HIGH POC PATCH This Week

Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Path Traversal Tryton
NVD
CVSS 2.0
7.8
EPSS
0.8%
CVE-2013-5605 HIGH PATCH This Week

Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Mozilla Network Security Services
NVD
CVSS 2.0
7.5
EPSS
2.8%
CVE-2013-1741 HIGH This Week

Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Network Security Services
NVD
CVSS 2.0
7.5
EPSS
2.6%
CVE-2013-4480 HIGH PATCH This Week

Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the first user for a satellite, which allows remote attackers to create administrator accounts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Red Hat Information Disclosure Network Satellite Satellite Satellite With Embedded Oracle +2
NVD
CVSS 2.0
7.5
EPSS
0.7%
CVE-2013-3876 HIGH This Week

DirectAccess in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +7
NVD
CVSS 2.0
7.1
EPSS
2.0%
CVE-2013-5972 HIGH PATCH This Week

VMware Workstation 9.x before 9.0.3 and VMware Player 5.x before 5.0.3 on Linux do not properly handle shared libraries, which allows host OS users to gain host OS privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation VMware Workstation Player
NVD
CVSS 2.0
7.2
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy