Skip to main content
CVE-2013-2751 CRITICAL POC PATCH THREAT Act Now

Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 83.5%.

Netgear Code Injection RCE Raidiator
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
83.5%
Threat
6.0
CVE-2013-6810 CRITICAL POC THREAT Emergency

The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition (CMCNE), HP B-series SAN Network Advisor, and possibly other products, allows remote. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 64.8%.

Code Injection HP RCE Connectrix Manager
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
64.8%
Threat
5.4
CVE-2013-7030 HIGH POC THREAT Act Now

The TFTP service in Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.3%.

Information Disclosure Cisco Unified Communications Manager
NVD Exploit-DB
CVSS 3.1
7.3
EPSS
10.3%
CVE-2013-6421 HIGH POC This Week

The unpack_zip function in archive_unpacker.rb in the sprout gem 0.7.246 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a (1) filename or (2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE Sprout
NVD
CVSS 2.0
7.5
EPSS
1.2%
CVE-2013-4458 MEDIUM POC PATCH This Month

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Glibc Linux Enterprise Debuginfo Linux Enterprise Server
NVD
CVSS 2.0
5.0
EPSS
1.2%
CVE-2013-6045 HIGH This Week

Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Openjpeg
NVD
CVSS 2.0
7.5
EPSS
7.8%
CVE-2013-1812 MEDIUM POC PATCH This Month

The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Fedora Ruby Openid
NVD GitHub
CVSS 2.0
4.3
EPSS
0.5%
CVE-2013-6054 HIGH This Week

Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and remote vectors, a different vulnerability than CVE-2013-6045. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Openjpeg
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2013-1978 MEDIUM This Month

Heap-based buffer overflow in the read_xwd_cols function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier allows remote attackers to cause a denial of service (crash) and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption RCE Gimp +1
NVD
CVSS 2.0
6.8
EPSS
3.4%
CVE-2013-1913 MEDIUM This Month

Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Integer Overflow Gimp Enterprise Linux
NVD
CVSS 2.0
6.8
EPSS
2.0%
CVE-2013-2752 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Netgear Raidiator
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2013-1447 MEDIUM This Month

OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Openjpeg
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2013-6052 MEDIUM This Month

OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Openjpeg
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-4566 MEDIUM This Month

mod_nss 1.0.8 and earlier, when NSSVerifyClient is set to none for the server/vhost context, does not enforce the NSSVerifyClient setting in the directory context, which allows remote attackers to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Mod Nss Enterprise Linux
NVD
CVSS 2.0
4.0
EPSS
0.1%
CVE-2013-6986 LOW Monitor

The ZippyYum Subway CA Kiosk app 3.4 for iOS uses cleartext storage in SQLite cache databases, which allows attackers to obtain sensitive information by reading data elements, as demonstrated by. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Subway Ordering For California
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-5763 LOW Monitor

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to. Rated low severity (CVSS 1.5). No vendor patch available.

Information Disclosure Oracle Fusion Middleware
NVD
CVSS 2.0
1.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy