Skip to main content
CVE-2013-3706 MEDIUM PATCH This Month

Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 50.5%.

Path Traversal Zenworks Configuration Management
NVD VulDB
CVSS 2.0
5.0
EPSS
50.5%
CVE-2013-6719 MEDIUM POC THREAT This Month

delivery.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to execute arbitrary. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.6%.

IBM Command Injection PHP Tealeaf Cx
NVD Exploit-DB VulDB
CVSS 2.0
6.0
EPSS
10.6%
CVE-2014-1907 MEDIUM POC This Month

Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a .. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal WordPress PHP Live Streaming Integration Plugin Videowhisper Live Streaming Integration
NVD Exploit-DB
CVSS 2.0
6.4
EPSS
8.0%
CVE-2012-6619 MEDIUM POC This Month

The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service (crash) or read system memory via a crafted BSON. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service MongoDB
NVD VulDB
CVSS 2.0
6.4
EPSS
1.3%
CVE-2013-6720 MEDIUM POC This Month

Directory traversal vulnerability in download.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP IBM Tealeaf Cx
NVD Exploit-DB VulDB
CVSS 2.0
5.5
EPSS
4.1%
CVE-2014-1906 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress PHP Live Streaming Integration Plugin Videowhisper Live Streaming Integration
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
1.2%
CVE-2014-0336 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the web client in Serena Dimensions CM 12.2 build 7.199.0 allows remote attackers to hijack the authentication of administrators for requests that. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Dimensions Cm
NVD VulDB
CVSS 2.0
6.8
EPSS
0.1%
CVE-2014-0335 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the web client in Serena Dimensions CM 12.2 build 7.199.0 allow remote attackers to inject arbitrary web script or HTML via the (1) DB_CONN, (2). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Dimensions Cm
NVD VulDB
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-6315 MEDIUM This Month

IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and Enterprise Records 5.1.1 before 5.1.1.1-IER-IF003 do not properly restrict use of FRAME elements, which makes it easier for remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM Information Disclosure Enterprise Records Infosphere Enterprise Records
NVD VulDB
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-6304 MEDIUM PATCH This Month

Multiple directory traversal vulnerabilities in Algo Risk Application (ARA) 2.4.0.1 through 4.9.1 in IBM Algo One allow remote authenticated users to bypass intended access restrictions via a crafted. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal IBM Algo One Algo Risk Application
NVD VulDB
CVSS 2.0
4.0
EPSS
0.4%
CVE-2013-6437 MEDIUM PATCH This Month

The libvirt driver in OpenStack Compute (Nova) before 2013.2.2 and icehouse before icehouse-2 allows remote authenticated users to cause a denial of service (disk consumption) by creating and. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Nova
NVD VulDB
CVSS 2.0
4.0
EPSS
0.4%
CVE-2014-0630 MEDIUM This Month

EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 allows remote authenticated users to read arbitrary files via a modified imaging-service URL. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Documentum Taskspace
NVD VulDB
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy