Skip to main content
CVE-2013-2105 LOW POC Monitor

The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html. Rated low severity (CVSS 3.3). Public exploit code available and no vendor patch available.

Code Injection Show In Browser
NVD VulDB
CVSS 2.0
3.3
EPSS
0.1%
CVE-2013-4116 LOW PATCH Monitor

lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking. Rated low severity (CVSS 3.3).

Information Disclosure Node.js Node Packaged Modules
NVD GitHub VulDB
CVSS 2.0
3.3
EPSS
0.1%
CVE-2013-4472 LOW Monitor

The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Poppler
NVD VulDB
CVSS 2.0
3.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy