Skip to main content
CVE-2013-0228 MEDIUM This Month

The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly handle an invalid value in the DS segment register, which. Rated medium severity (CVSS 6.2). No vendor patch available.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 2.0
6.2
EPSS
0.1%
CVE-2013-0183 MEDIUM PATCH This Month

multipart/parser.rb in Rack 1.3.x before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a long string in a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Rack
NVD GitHub
CVSS 2.0
5.0
EPSS
1.8%
CVE-2013-0256 MEDIUM PATCH This Month

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Rdoc Ruby Ubuntu Linux
NVD GitHub
CVSS 2.0
4.3
EPSS
3.6%
CVE-2012-6109 MEDIUM PATCH This Month

lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service Rack
NVD GitHub
CVSS 2.0
4.3
EPSS
0.8%
CVE-2013-0184 MEDIUM PATCH This Month

Unspecified vulnerability in Rack::Auth::AbstractRequest in Rack 1.1.x before 1.1.5, 1.2.x before 1.2.7, 1.3.x before 1.3.9, and 1.4.x before 1.4.4 allows remote attackers to cause a denial of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service Rack
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-0709 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in dopvSTAR* 0091 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Dopvstar
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-0708 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in dopvCOMET* 0009b allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled during display. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Dopvcomet
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-5604 MEDIUM PATCH This Month

The ldap_fluff gem for Ruby, as used in Red Hat CloudForms 1.1, when using Active Directory for authentication, allows remote attackers to bypass authentication via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Red Hat Privilege Escalation Cloudforms
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy