Skip to main content
CVE-2013-5722 MEDIUM This Month

Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-4181 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the addAlert function in the RedirectServlet servlet in oVirt Engine and Red Hat Enterprise Virtualization Manager (RHEV-M), as used in Red Hat Enterprise. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat XSS Enterprise Virtualization
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5495 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web framework in the Application Server in Cisco Unified MeetingPlace allows remote attackers to inject arbitrary web script or HTML via an unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Unified Meetingplace
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-4704 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in ChamaNet ChamaCargo 7.0000 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Chamacargo
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-4047 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote attackers to inject arbitrary web script or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Spss Analytical Decision Management
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-5717 MEDIUM PATCH This Month

The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service (application crash) via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Denial Of Service Wireshark
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-4278 LOW PATCH Monitor

The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Privilege Escalation Compute
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-4048 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote authenticated users to inject arbitrary web. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Spss Analytical Decision Management
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-4277 LOW Monitor

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by. Rated low severity (CVSS 3.3). No vendor patch available.

Privilege Escalation Apache Subversion
NVD
CVSS 2.0
3.3
EPSS
0.2%
CVE-2013-4260 LOW PATCH Monitor

lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a. Rated low severity (CVSS 3.3).

Privilege Escalation Ansible
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2013-1031 LOW PATCH Monitor

Power Management in Apple Mac OS X before 10.8.5 does not properly perform locking upon occurrences of a power assertion, which allows physically proximate attackers to bypass intended access. Rated low severity (CVSS 3.3).

Privilege Escalation Apple Mac Os X
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2013-4183 LOW PATCH Monitor

The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Cinder
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2013-1030 LOW PATCH Monitor

mdmclient in Mobile Device Management in Apple Mac OS X before 10.8.5 places a password on the command line, which allows local users to obtain sensitive information by listing the process. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Apple Mac Os X
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-2898 LOW Monitor

drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proximate attackers to obtain. Rated low severity (CVSS 1.9). No vendor patch available.

Linux Information Disclosure Linux Kernel
NVD
CVSS 2.0
1.9
EPSS
0.1%
CVE-2013-4259 LOW PATCH Monitor

runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in. Rated low severity (CVSS 1.9).

Privilege Escalation Ansible
NVD
CVSS 2.0
1.9
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy