Skip to main content
CVE-2013-4278 LOW PATCH Monitor

The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Privilege Escalation Compute
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-4048 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote authenticated users to inject arbitrary web. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Spss Analytical Decision Management
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-4277 LOW Monitor

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by. Rated low severity (CVSS 3.3). No vendor patch available.

Privilege Escalation Apache Subversion
NVD
CVSS 2.0
3.3
EPSS
0.2%
CVE-2013-4260 LOW PATCH Monitor

lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a. Rated low severity (CVSS 3.3).

Privilege Escalation Ansible
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2013-1031 LOW PATCH Monitor

Power Management in Apple Mac OS X before 10.8.5 does not properly perform locking upon occurrences of a power assertion, which allows physically proximate attackers to bypass intended access. Rated low severity (CVSS 3.3).

Privilege Escalation Apple Mac Os X
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2013-4183 LOW PATCH Monitor

The clear_volume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Cinder
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2013-1030 LOW PATCH Monitor

mdmclient in Mobile Device Management in Apple Mac OS X before 10.8.5 places a password on the command line, which allows local users to obtain sensitive information by listing the process. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Apple Mac Os X
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-2898 LOW Monitor

drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proximate attackers to obtain. Rated low severity (CVSS 1.9). No vendor patch available.

Linux Information Disclosure Linux Kernel
NVD
CVSS 2.0
1.9
EPSS
0.1%
CVE-2013-4259 LOW PATCH Monitor

runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in. Rated low severity (CVSS 1.9).

Privilege Escalation Ansible
NVD
CVSS 2.0
1.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy