Skip to main content
CVE-2013-7184 MEDIUM POC THREAT This Month

Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 12.2%.

Buffer Overflow Denial Of Service Gom Player
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
12.2%
CVE-2013-7316 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in GitLab 6.0 and other versions before 6.5.0 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML file, as demonstrated by. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Gitlab XSS
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
1.3%
CVE-2014-0674 MEDIUM This Month

Cisco Video Surveillance Operations Manager (VSOM) does not require authentication for MySQL database connections, which allows remote attackers to obtain sensitive information, modify data, or cause. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Authentication Bypass Video Surveillance Operations Manager
NVD
CVSS 2.0
6.8
EPSS
1.7%
CVE-2013-6458 MEDIUM This Month

Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify. Rated medium severity (CVSS 6.8). No vendor patch available.

Denial Of Service Race Condition Libvirt
NVD
CVSS 2.0
6.8
EPSS
0.9%
CVE-2013-7175 MEDIUM This Month

Multiple SQL injection vulnerabilities in Avanset Visual CertExam Manager 3.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) Title, (2) File name, or (3). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Visual Certexam Manager
NVD
CVSS 2.0
6.5
EPSS
1.0%
CVE-2013-6457 MEDIUM This Month

The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of. Rated medium severity (CVSS 5.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service RCE Libvirt
NVD
CVSS 2.0
5.2
EPSS
0.1%
CVE-2013-6030 MEDIUM This Month

Directory traversal vulnerability on the Emerson Network Power Avocent MergePoint Unity 2016 (aka MPU2016) KVM switch with firmware 1.9.16473 allows remote attackers to read arbitrary files via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Network Power Avocent Mergepoint Unity 2016 Firmware
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-7317 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before 4.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) settings_file or (2) data_file parameter to (a). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cs Cart
NVD
CVSS 2.0
4.3
EPSS
0.6%
CVE-2013-6434 MEDIUM This Month

The remote-viewer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.3, when using a native SPICE client invocation method, initially makes insecure connections to the SPICE server, which. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat Privilege Escalation Enterprise Virtualization Manager
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-1885 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the token processing system (pki-tps) in Red Hat Certificate System (RHCS) 8.1 and possibly Dogtag Certificate System 9 and 10 allow remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat XSS Certificate System Dogtag Certificate System
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-0809 MEDIUM This Month

Directory traversal vulnerability in the Gapless Player SimZip (aka Simple Zip Viewer) application before 1.2.1 for Android allows remote attackers to overwrite or create arbitrary files via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Path Traversal Simzip
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-0028 MEDIUM This Month

libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a. Rated medium severity (CVSS 4.3). No vendor patch available.

Privilege Escalation Libvirt
NVD
CVSS 2.0
4.3
EPSS
0.1%
CVE-2014-1476 MEDIUM This Month

The Taxonomy module in Drupal 7.x before 7.26, when upgraded from an earlier version of Drupal, does not properly restrict access to unpublished content, which allows remote authenticated users to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Drupal
NVD
CVSS 2.0
4.0
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy