Search
14,631 CVEs · Low severity
CVEs (14,631, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 451–475 of 14,631 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↑ | Published | Description |
|---|---|---|---|---|---|
| CVE-2013-4369 | LOW | 1.9 | 2013-10-17 | The xlu_vif_parse_rate function in the libxlu library in Xen 4.2.x and 4.3.x allows local users to cause a denial of service (NULL pointer dereference) by using the "@" cha… | |
| CVE-2013-1921 | LOW | Patched | 1.9 | 2013-09-28 | PicketBox, as used in Red Hat JBoss Enterprise Application Platform before 6.1.1, allows local users to obtain the admin encryption key by reading the Vault data file. |
| CVE-2013-4025 | LOW | Patched | 1.9 | 2013-09-25 | IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x do … |
| CVE-2013-5150 | LOW | Patched | 1.9 | 2013-09-19 | The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward history of an open tab, which allows physically proximate attackers to obtain s… |
| CVE-2013-4259 | LOW | Patched | 1.9 | 2013-09-16 | runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with… |
| CVE-2013-2898 | LOW | Patched | 1.9 | 2013-09-16 | drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proxim… |
| CVE-2013-2976 | LOW | Patched | 1.9 | 2013-08-21 | The Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.0 does not properly … |
| CVE-2013-4242 | LOW | Patched | 1.9 | 2013-08-19 | GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel a… |
| CVE-2013-2162 | LOW | 1.9 | 2013-08-19 | Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5 for Debian GNU/Linux and Ubuntu Linux creates a configuration file with worl… | |
| CVE-2013-2168 | LOW | Patched | 1.9 | 2013-07-03 | The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local u… |
| CVE-2013-0527 | LOW | Patched | 1.9 | 2013-06-21 | The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not close pages upon the timeout of a session, which allows physically proximate… |
| CVE-2013-0534 | LOW | 1.9 | 2013-06-21 | The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, and 8.5.2.1, as used in the Lotus Notes client and separately, might allow local users to obtain sensitiv… | |
| CVE-2011-2693 | LOW | 1.9 | 2013-06-08 | The perf subsystem in the kernel package 2.6.32-122.el6.x86_64 in Red Hat Enterprise Linux (RHEL) 6 does not properly handle NMIs, which might allow local users to cause a … | |
| CVE-2011-4098 | LOW | Patched | 1.9 | 2013-06-08 | The fallocate implementation in the GFS2 filesystem in the Linux kernel before 3.2 relies on the page cache, which might allow local users to cause a denial of service by p… |
| CVE-2013-1952 | LOW | 1.9 | 2013-05-13 | Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries… | |
| CVE-2013-1917 | LOW | 1.9 | 2013-05-13 | Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cau… | |
| CVE-2013-1958 | LOW | Patched | 1.9 | 2013-04-24 | The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated w… |
| CVE-2012-6140 | LOW | Patched | 1.9 | 2013-04-24 | pam_google_authenticator.c in the PAM module in Google Authenticator before 1.0 requires user-readable permissions for the secret file, which allows local users to bypass i… |
| CVE-2013-0541 | LOW | Patched | 1.9 | 2013-04-24 | Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Windows, when a localOS re… |
| CVE-2013-0122 | LOW | Patched | 1.9 | 2013-04-22 | The avast! Mobile Security application before 2.0.4400 for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an… |
| CVE-2013-0403 | LOW | 1.9 | 2013-04-17 | Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Utility. | |
| CVE-2013-2302 | LOW | 1.9 | 2013-04-04 | TransWARE Active! mail 6, when an external public interface is used, allows local users to obtain sensitive information belonging to arbitrary users by leveraging shell acc… | |
| CVE-2013-2636 | LOW | Patched | 1.9 | 2013-03-22 | net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory via… |
| CVE-2013-2634 | LOW | Patched | 1.9 | 2013-03-22 | net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory v… |
| CVE-2013-2635 | LOW | Patched | 1.9 | 2013-03-22 | The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain se… |