Skip to main content
CVE-2013-0248 LOW PATCH Monitor

The default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through 1.2.2 uses the /tmp directory for uploaded files, which allows local users to overwrite arbitrary. Rated low severity (CVSS 3.3).

Privilege Escalation Apache Commons Fileupload
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2013-2547 LOW Monitor

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 does not initialize certain structure members, which. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Linux Information Disclosure Linux Kernel Enterprise Mrg
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-6536 LOW PATCH Monitor

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-2548 LOW Monitor

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation,. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Linux Information Disclosure Linux Kernel Enterprise Mrg
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-2546 LOW Monitor

The report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect C library function for copying strings, which allows local users to obtain sensitive. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Linux Information Disclosure Linux Kernel Enterprise Mrg
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%
CVE-2012-6542 LOW PATCH Monitor

The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel Enterprise Linux
NVD GitHub
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-6537 LOW PATCH Monitor

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel Enterprise Linux
NVD GitHub
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-6545 LOW PATCH Monitor

The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Enterprise Linux Linux Kernel
NVD GitHub
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-6544 LOW PATCH Monitor

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel Enterprise Linux
NVD GitHub
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-6538 LOW PATCH Monitor

The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel Enterprise Linux
NVD GitHub
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-6543 LOW PATCH Monitor

The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel
NVD GitHub
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-6540 LOW PATCH Monitor

The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel
NVD GitHub
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-6539 LOW PATCH Monitor

The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel
NVD GitHub
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-6541 LOW PATCH Monitor

The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel
NVD GitHub
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-6548 LOW PATCH Monitor

The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel Enterprise Linux
NVD GitHub
CVSS 2.0
1.9
EPSS
0.0%
CVE-2012-6549 LOW PATCH Monitor

The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel
NVD GitHub
CVSS 2.0
1.9
EPSS
0.0%
CVE-2012-6547 LOW PATCH Monitor

The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel
NVD GitHub
CVSS 2.0
1.9
EPSS
0.0%
CVE-2012-6546 LOW PATCH Monitor

The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted. Rated low severity (CVSS 1.9). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Linux Linux Kernel Enterprise Linux
NVD GitHub
CVSS 2.0
1.9
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy