Skip to main content
CVE-2013-5679 LOW POC PATCH Monitor

The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with. Rated low severity (CVSS 2.6). Public exploit code available.

Java Authentication Bypass Enterprise Security Api
NVD
CVSS 2.0
2.6
EPSS
0.1%
CVE-2013-1444 LOW Monitor

A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows local users to overwrite arbitrary files via a symlink attack on /tmp/2222. Rated low severity (CVSS 3.3). No vendor patch available.

Debian Information Disclosure Txt2Man
NVD
CVSS 2.0
3.3
EPSS
0.0%
CVE-2013-5964 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the administration page in the Flag module 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with the "Administer flags" permission to. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Flag Module
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2013-4292 LOW Monitor

libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of service (memory consumption) via a large number of domain migrate parameters in certain RPC calls in (1) daemon/remote.c and (2). Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Libvirt
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-1442 LOW Monitor

Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data from registers when using an XSAVE or XRSTOR to extend the state components of a saved or restored. Rated low severity (CVSS 1.2). No vendor patch available.

Information Disclosure Xen
NVD
CVSS 2.0
1.2
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy