Skip to main content
CVE-2012-0787 LOW POC PATCH Monitor

The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files. Rated low severity (CVSS 3.7). Public exploit code available.

Information Disclosure Enterprise Linux Augeas
NVD GitHub
CVSS 2.0
3.7
EPSS
0.1%
CVE-2013-4459 LOW POC Monitor

LightDM 1.7.5 through 1.8.3 and 1.9.x before 1.9.2 does not apply the AppArmor profile to the Guest account, which allows local users to bypass intended restrictions by leveraging the Guest account. Rated low severity (CVSS 3.3). Public exploit code available and no vendor patch available.

Privilege Escalation Lightdm Ubuntu Linux
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2013-0223 LOW POC Monitor

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i. Rated low severity (CVSS 1.9). Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Opensuse Enterprise Linux
NVD
CVSS 2.0
1.9
EPSS
0.1%
CVE-2013-6384 LOW POC Monitor

(1) impl_db2.py and (2) impl_mongodb.py in OpenStack Ceilometer 2013.2 and earlier, when the logging level is set to INFO, logs the connection string from ceilometer.conf, which allows local users to. Rated low severity (CVSS 1.9). Public exploit code available and no vendor patch available.

Information Disclosure Ceilometer
NVD
CVSS 2.0
1.9
EPSS
0.1%
CVE-2012-0786 LOW Monitor

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Augeas
NVD GitHub
CVSS 2.0
3.3
EPSS
0.1%
CVE-2012-6607 LOW Monitor

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup. Rated low severity (CVSS 3.3). No vendor patch available.

Path Traversal Augeas
NVD GitHub
CVSS 2.0
3.3
EPSS
0.0%
CVE-2013-0222 LOW Monitor

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Opensuse Enterprise Linux
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-4354 LOW Monitor

The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for local users to inject images into arbitrary tenants by adding the tenant as a member of the image. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Image Registry And Delivery Service Glance
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2013-4509 LOW PATCH Monitor

The default configuration of IBUS 1.5.4, and possibly 1.5.2 and earlier, when IBus.InputPurpose.PASSWORD is not set and used with GNOME 3, does not obscure the entered password characters, which. Rated low severity (CVSS 1.9).

Authentication Bypass Ibus Opensuse
NVD GitHub
CVSS 2.0
1.9
EPSS
0.1%
CVE-2013-4481 LOW Monitor

Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive. Rated low severity (CVSS 1.9). No vendor patch available.

Information Disclosure Race Condition Luci Enterprise Linux
NVD
CVSS 2.0
1.9
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy