Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-02-27 | CVE-2013-1135 | Improper Input Validation vulnerability in Cisco Prime Central for Hosted Collaboration Solution Assurance 8.6/9.0 Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.0 allows remote attackers to cause a denial of service (CPU consumption and monitoring outage) via malformed TLS messages to TCP port (1) 9043 or (2) 9443, aka Bug ID CSCuc07155. | 7.1 |
2013-02-27 | CVE-2013-1134 | Improper Authentication vulnerability in Cisco Unified Communications Manager 9.0(1) The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920. | 7.1 |
2013-02-27 | CVE-2013-1133 | Improper Input Validation vulnerability in Cisco Unified Communications Manager Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 BE3k before 8.6(4) BE3k, and 9.x before 9.0(1) allows remote attackers to cause a denial of service (CPU consumption and GUI and voice outages) via malformed packets to unused UDP ports, aka Bug ID CSCtx43337. | 7.8 |
2013-02-27 | CVE-2013-0490 | Local Privilege Escalation vulnerability in IBM Infosphere Guardium 8.00 Unspecified vulnerability in IBM InfoSphere Guardium S-TAP 8.1 for DB2 on z/OS allows local users to gain privileges via unknown vectors. | 7.2 |
2013-02-24 | CVE-2013-0120 | Improper Input Validation vulnerability in Dell Powerconnect 6248P The web interface on Dell PowerConnect 6248P switches allows remote attackers to cause a denial of service (device crash) via a malformed request. | 7.8 |
2013-02-24 | CVE-2012-6273 | SQL Injection vulnerability in Bigantsoft Bigant IM Message Server SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU (aka search user) request. | 7.5 |
2013-02-24 | CVE-2012-4706 | Numeric Errors vulnerability in 3S-Software Codesys Gateway-Server Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow. | 7.8 |
2013-02-23 | CVE-2013-2268 | Security vulnerability in WebKit MathML Library Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue." | 7.5 |
2013-02-22 | CVE-2013-1659 | Memory Corruption vulnerability in VMWare Esxi, Vcenter Server and Vcenter Server Appliance VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream. | 7.6 |
2013-02-22 | CVE-2012-6326 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in VMWare Vcenter Server and Vcenter Server Appliance VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service (disk consumption) via vectors that trigger large log entries. | 7.8 |