Skip to main content
CVE-2013-5957 HIGH POC PATCH This Week

Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location.php in CiviCRM before 4.2.12, 4.3.x before 4.3.7, and 4.4.x before 4.4.beta4 allow remote attackers to execute arbitrary SQL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP SQLi Civicrm
NVD GitHub
CVSS 2.0
7.5
EPSS
0.4%
CVE-2013-6381 MEDIUM POC PATCH This Month

Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service or possibly have unspecified. Rated medium severity (CVSS 6.9). Public exploit code available.

Buffer Overflow Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
6.9
EPSS
0.1%
CVE-2013-4617 MEDIUM POC This Month

Jahia xCM before 6.6.2 does not include the HTTPOnly flag in a Set-Cookie header for the JSESSIONID cookie, which makes it easier for remote attackers to obtain potentially sensitive information via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Jahia Xcm
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-6380 MEDIUM POC PATCH This Month

The aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 3.12.1 does not properly validate a certain size value, which allows local users to cause a denial of. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.7
EPSS
0.0%
CVE-2013-4624 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Jahia xCM 6.6.1.0 before hotfix 7 allow remote attackers to inject arbitrary web script or HTML via (1) the site parameter to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Jahia Xcm
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
0.9%
CVE-2013-6382 MEDIUM POC This Month

Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by. Rated medium severity (CVSS 4.0). Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Linux Linux Kernel
NVD
CVSS 2.0
4.0
EPSS
0.0%
CVE-2013-3920 LOW POC Monitor

Cross-site scripting (XSS) vulnerability in Jahia xCM before 6.6.2 allows remote authenticated users to inject arbitrary web script or HTML via the "about me" field. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Jahia Xcm
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-6383 MEDIUM PATCH This Month

The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access. Rated medium severity (CVSS 6.9).

Privilege Escalation Linux Linux Kernel
NVD GitHub
CVSS 2.0
6.9
EPSS
0.0%
CVE-2013-6378 MEDIUM This Month

The lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c in the Linux kernel through 3.12.1 allows local users to cause a denial of service (OOPS) by leveraging root privileges for a. Rated medium severity (CVSS 4.4). No vendor patch available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.4
EPSS
0.1%
CVE-2013-3394 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web interface in Cisco Prime Network Registrar 8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted field, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Prime Network Registrar
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-4036 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1 FP13, and IBM InfoSphere Master Data Management -. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Infosphere Master Data Management Server For Product Information Management Infosphere Master Data Management Collaboration Server
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy