Skip to main content
CVE-2013-5315 LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Resource Manager in the MEE submodule (mee.module) in the Scald module 6.x-1.x before 6.x-1.0-beta3 and 7.x-1.x before 7.x-1.1 for Drupal allows remote. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available.

XSS Scald
NVD
CVSS 2.0
2.6
EPSS
0.7%
CVE-2013-2162 LOW POC Monitor

Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with world-readable permissions. Rated low severity (CVSS 1.9). Public exploit code available and no vendor patch available.

Debian Information Disclosure Race Condition Ubuntu Ubuntu Linux
NVD
CVSS 2.0
1.9
EPSS
0.1%
CVE-2013-4236 LOW Monitor

VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via invalid XML characters in a guest agent. Rated low severity (CVSS 2.7), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Information Disclosure Enterprise Virtualization
NVD
CVSS 2.0
2.7
EPSS
0.1%
CVE-2013-0167 LOW Monitor

VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become "unavailable to the managment server" via guestInfo dictionaries with "unexpected fields.". Rated low severity (CVSS 2.7), this vulnerability is low attack complexity. No vendor patch available.

Red Hat Information Disclosure Enterprise Virtualization
NVD
CVSS 2.0
2.7
EPSS
0.1%
CVE-2013-4208 LOW Monitor

The rsa_verify function in PuTTY before 0.63 (1) does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory, which might allow. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Putty
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-4242 LOW Monitor

GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3. Rated low severity (CVSS 1.9). No vendor patch available.

Information Disclosure Ubuntu Linux Debian Linux Gnupg Libgcrypt +1
NVD
CVSS 2.0
1.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy