Skip to main content
CVE-2012-5660 MEDIUM POC This Month

abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Privilege Escalation Automatic Bug Reporting Tool
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2012-6118 MEDIUM POC This Month

The Administer tab in Aeolus Conductor allows remote authenticated users to bypass intended quota restrictions by updating the Maximum Running Instances quota user setting. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Aeolus Conductor
NVD
CVSS 2.0
5.5
EPSS
0.1%
CVE-2012-5633 MEDIUM PATCH This Month

The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Apache Authentication Bypass Cxf
NVD
CVSS 2.0
5.8
EPSS
1.8%
CVE-2013-0239 MEDIUM PATCH This Month

Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authentication via a security. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Apache Authentication Bypass Cxf
NVD
CVSS 2.0
5.0
EPSS
2.7%
CVE-2013-0252 MEDIUM This Month

boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Boost
NVD
CVSS 2.0
5.0
EPSS
0.9%
CVE-2013-2293 MEDIUM This Month

The CTransaction::FetchInputs method in bitcoind and Bitcoin-Qt before 0.8.0rc1 copies transactions from disk to memory without incrementally checking for spent prevouts, which allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Bitcoin Qt Bitcoin Core Bitcoind
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2013-2273 MEDIUM This Month

bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before 0.6.5rc1, and 0.7.x before 0.7.3rc1 make it easier for remote attackers to obtain. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Bitcoin Qt Bitcoin Core Bitcoind
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-2272 MEDIUM This Month

The penny-flooding protection mechanism in the CTxMemPool::accept method in bitcoind and Bitcoin-Qt before 0.4.9rc1, 0.5.x before 0.5.8rc1, 0.6.0 before 0.6.0.11rc1, 0.6.1 through 0.6.5 before. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Bitcoin Qt Bitcoin Core Bitcoind
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2012-6076 MEDIUM This Month

Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and. Rated medium severity (CVSS 4.4). No vendor patch available.

Privilege Escalation Inkscape
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2013-0168 MEDIUM This Month

The MoveDisk command in Red Hat Enterprise Virtualization Manager (RHEV-M) 3.1 and earlier does not properly check permissions on storage domains, which allows remote authenticated storage admins to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Red Hat Privilege Escalation Denial Of Service Enterprise Virtualization Manager
NVD
CVSS 2.0
4.0
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy