Skip to main content
CVE-2013-0707 CRITICAL PATCH Act Now

Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

RCE Hanako Hanako Police Hanako Police3 Ichitaro +1
NVD
CVSS 2.0
9.3
EPSS
3.5%
CVE-2013-0228 MEDIUM This Month

The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly handle an invalid value in the DS segment register, which. Rated medium severity (CVSS 6.2). No vendor patch available.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 2.0
6.2
EPSS
0.1%
CVE-2013-0183 MEDIUM PATCH This Month

multipart/parser.rb in Rack 1.3.x before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a long string in a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Rack
NVD GitHub
CVSS 2.0
5.0
EPSS
1.8%
CVE-2013-0256 MEDIUM PATCH This Month

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Rdoc Ruby Ubuntu Linux
NVD GitHub
CVSS 2.0
4.3
EPSS
3.6%
CVE-2012-6109 MEDIUM PATCH This Month

lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service Rack
NVD GitHub
CVSS 2.0
4.3
EPSS
0.8%
CVE-2013-0184 MEDIUM PATCH This Month

Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x before 1.1.5, 1.2.x before 1.2.7, 1.3.x before 1.3.9, and 1.4.x before 1.4.4 allows remote attackers to cause a denial of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service Rack
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-0709 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in dopvSTAR* 0091 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Dopvstar
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-0708 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in dopvCOMET* 0009b allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Dopvcomet
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-5604 MEDIUM PATCH This Month

The ldap_fluff gem for Ruby, as used in Red Hat CloudForms 1.1, when using Active Directory for authentication, allows remote attackers to bypass authentication via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Red Hat Privilege Escalation Cloudforms
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-0162 LOW PATCH Monitor

The diff_pp function in lib/gauntlet_rubyparser.rb in the ruby_parser gem 3.1.1 and earlier for Ruby allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Ruby Parser
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-5561 LOW Monitor

script/katello-generate-passphrase in Katello 1.1 uses world-readable permissions for /etc/katello/secure/passphrase, which allows local users to obtain the passphrase by reading the file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Katello
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-6116 LOW Monitor

modules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 in Katello uses weak permissions (666) for the Candlepin bootstrap RPM, which allows local users to modify the Candlepin CA. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Katello Katello Configure
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-1568 LOW Monitor

The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a. Rated low severity (CVSS 1.9). No vendor patch available.

Red Hat Linux Authentication Bypass Fedora Enterprise Linux
NVD
CVSS 2.0
1.9
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy