Skip to main content
CVE-2013-7262 MEDIUM This Month

SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

SQLi Mapserver
NVD GitHub
CVSS 2.0
6.8
EPSS
0.2%
CVE-2012-2898 MEDIUM This Month

Google Chrome before 21.0.1180.82 on iOS on iPad devices allows remote attackers to spoof the Omnibox URL via vectors involving SSL error messages, a related issue to CVE-2012-0674. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Information Disclosure Apple Chrome
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2012-2899 MEDIUM This Month

Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigger use of an applewebdata: URL, which allows remote attackers to bypass the Same Origin Policy and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Apple XSS Chrome
NVD
CVSS 2.0
4.3
EPSS
0.1%
CVE-2013-6402 LOW Monitor

base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure HP Linux Imaging And Printing Project
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy