Skip to main content
CVE-2013-6282 HIGH POC KEV PATCH THREAT Act Now

The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Information Disclosure Google Linux
NVD GitHub Exploit-DB VulDB
CVSS 3.1
8.8
EPSS
67.7%
Threat
6.8
CVE-2013-6829 HIGH POC THREAT Act Now

admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary commands via shell metacharacters in the pinghost parameter during a ping operation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 71.9%.

Code Injection RCE Mail Secure
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
71.9%
Threat
5.2
CVE-2013-6830 HIGH POC This Week

admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms allows remote attackers to execute arbitrary commands via shell metacharacters in the nsserver. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE Mail Secure 5099Sk
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
7.9%
CVE-2013-4563 HIGH POC PATCH This Week

The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly perform a certain size comparison before. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Linux Linux Kernel Ubuntu Linux
NVD GitHub
CVSS 2.0
7.1
EPSS
1.6%
CVE-2013-6831 HIGH POC This Week

PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms has a sudoers file that does not properly restrict user specifications, which allows local users to gain privileges via a sudo. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Mail Secure 5099Sk
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.6%
CVE-2013-4559 HIGH This Week

lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Lighttpd Debian Linux Opensuse
NVD
CVSS 2.0
7.6
EPSS
9.5%
CVE-2013-5607 HIGH This Week

Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Netscape Portable Runtime Seamonkey Firefox
NVD
CVSS 2.0
7.5
EPSS
1.6%
CVE-2013-4386 HIGH PATCH This Week

Multiple SQL injection vulnerabilities in app/models/concerns/host_common.rb in Foreman before 1.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) fqdn or (2) hostgroup. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

SQLi Openstack Foreman
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2013-4588 HIGH PATCH This Week

Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the. Rated high severity (CVSS 7.0).

Buffer Overflow Linux Linux Kernel Ubuntu Linux
NVD GitHub
CVSS 3.1
7.0
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy