Skip to main content
CVE-2012-6432 MEDIUM PATCH This Month

Symfony 2.0.x before 2.0.20, 2.1.x before 2.1.5, and 2.2-dev, when the internal routes configuration is enabled, allows remote attackers to access arbitrary services via vectors involving a URI. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Privilege Escalation Symfony
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2012-6431 MEDIUM PATCH This Month

Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Symfony
NVD
CVSS 2.0
6.4
EPSS
0.2%
CVE-2012-5532 MEDIUM PATCH This Month

The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.8-rc1, allows local users to cause a denial of service (daemon exit) via a crafted application. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.9
EPSS
0.1%
CVE-2012-5868 LOW Monitor

WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upon an administrator's logout action, which makes it easier for remote attackers to discover valid session identifiers via a. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

WordPress Information Disclosure
NVD
CVSS 2.0
2.6
EPSS
0.6%
CVE-2012-2669 LOW Monitor

The main function in tools/hv/hv_kvp_daemon.c in hypervkvpd, as distributed in the Linux kernel before 3.4.5, does not validate the origin of Netlink messages, which allows local users to spoof. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy