Skip to main content
CVE-2013-5223 MEDIUM POC KEV THREAT This Month

Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

D-Link XSS
NVD Exploit-DB VulDB
CVSS 3.1
5.4
EPSS
35.5%
Threat
5.1
CVE-2013-2271 HIGH POC THREAT Act Now

The D-Link DSL-2740B Gateway with firmware EU_1.0, when an active administrator session exists, allows remote attackers to bypass authentication and gain administrator access via a request to. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 35.3%.

Privilege Escalation D-Link Dsl 2740B Firmware Dsl 2740B
NVD Exploit-DB
CVSS 2.0
7.6
EPSS
35.3%
Threat
4.1
CVE-2013-6797 MEDIUM POC PATCH This Month

Cross-site request forgery (CSRF) vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF PHP WordPress Blue Wrench Video Widget
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.3%
CVE-2013-6042 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in filemanager/login.php in the File Manager module in Softaculous Webuzo before 2.1.4 allows remote attackers to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP XSS Webuzo
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
0.9%
CVE-2013-6631 HIGH PATCH This Week

Use-after-free vulnerability in the Channel::SendRTCPPacket function in voice_engine/channel.cc in libjingle in WebRTC, as used in Google Chrome before 31.0.1650.48 and other products, allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Denial Of Service Google Chrome
NVD
CVSS 2.0
7.5
EPSS
1.7%
CVE-2013-6630 MEDIUM This Month

The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Google Chrome
NVD
CVSS 2.0
5.0
EPSS
1.8%
CVE-2013-6629 MEDIUM PATCH This Month

The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Google Chrome Solaris Gpl Ghostscript +8
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-4519 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Review Board 1.6.x before 1.6.21 and 1.7.x before 1.7.17 allow remote attackers to inject arbitrary web script or HTML via the (1) Branch field. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Review Board
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-0741 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in imagegen.ashx in Percipient Studios ImageGen before 2.9.0 for Umbraco CMS allows remote attackers to inject arbitrary web script or HTML via the font. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Imagen
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy