| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-2636 |
399 |
|
+Info |
2013-03-22 |
2013-04-05 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application. |
|
2 |
CVE-2013-2635 |
399 |
|
+Info |
2013-03-22 |
2013-04-05 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. |
|
3 |
CVE-2013-2634 |
399 |
|
+Info |
2013-03-22 |
2013-04-05 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. |
|
4 |
CVE-2013-2393 |
|
|
|
2013-04-17 |
2013-04-18 |
1.5 |
None |
Local |
Medium |
Single system |
None |
None |
Partial |
|
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.7 and 8.4.0 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters. |
|
5 |
CVE-2013-2382 |
|
|
|
2013-04-17 |
2013-04-18 |
1.7 |
None |
Local |
Low |
Single system |
Partial |
None |
None |
|
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 12.0.1 allows local users to affect confidentiality via vectors related to BASE. |
|
6 |
CVE-2013-2302 |
200 |
|
+Info |
2013-04-04 |
2013-04-05 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
TransWARE Active! mail 6, when an external public interface is used, allows local users to obtain sensitive information belonging to arbitrary users by leveraging shell access, as demonstrated by a TELNET or SSH session to the server. |
|
7 |
CVE-2013-1958 |
264 |
|
Bypass |
2013-04-24 |
2013-05-01 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval during which a user namespace has been created but a PID namespace has not been created. |
|
8 |
CVE-2013-1952 |
20 |
|
DoS |
2013-05-13 |
2013-05-14 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries for MSI interrupts, which allows local guest domains to cause a denial of service (interrupt injection) via unspecified vectors. |
|
9 |
CVE-2013-1917 |
20 |
|
DoS |
2013-05-13 |
2013-05-14 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is not properly handled by another IRET instruction. |
|
10 |
CVE-2013-1546 |
|
|
|
2013-04-17 |
2013-04-17 |
1.5 |
None |
Local |
Medium |
Single system |
Partial |
None |
None |
|
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial Services Software 2.8.0 through 3.1.0 and 5.0.2 through 12.0.1 allows local users to affect confidentiality via vectors related to BASE. |
|
11 |
CVE-2013-1502 |
|
|
|
2013-04-17 |
2013-04-17 |
1.5 |
None |
Local |
Medium |
Single system |
None |
None |
Partial |
|
Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition. |
|
12 |
CVE-2013-1499 |
|
|
|
2013-04-17 |
2013-04-17 |
1.7 |
None |
Local |
Low |
Single system |
None |
None |
Partial |
|
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to Network Configuration. |
|
13 |
CVE-2013-1495 |
264 |
|
|
2013-03-18 |
2013-04-17 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
asr in Oracle Auto Service Request in Oracle Support Tools before 4.3.2 allows local users to modify arbitrary files via a symlink attack on a predictable filename in /tmp. |
|
14 |
CVE-2013-1427 |
|
|
|
2013-03-21 |
2013-03-22 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The configuration file for the FastCGI PHP support for lighthttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a predictable name in /tmp, which allows local users to hijack the PHP control socket and perform unauthorized actions such as forcing the use of a different version of PHP via a symlink attack or a race condition. |
|
15 |
CVE-2013-0979 |
264 |
|
|
2013-03-20 |
2013-03-21 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
lockdownd in Lockdown in Apple iOS before 6.1.3 does not properly consider file types during the permission-setting step of a backup restoration, which allows local users to change the permissions of arbitrary files via a backup that contains a pathname with a symlink. |
|
16 |
CVE-2013-0541 |
119 |
|
DoS Overflow |
2013-04-24 |
2013-04-24 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Windows, when a localOS registry is used in conjunction with WebSphere Identity Manger (WIM), allows local users to cause a denial of service (daemon crash) via unspecified vectors. |
|
17 |
CVE-2013-0525 |
79 |
|
XSS |
2013-03-26 |
2013-03-27 |
1.5 |
None |
Local |
Medium |
Single system |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM iNotes 8.5.x allow local users to inject arbitrary web script or HTML via a shared mail file, aka SPR DKEN8PDNTX. |
|
18 |
CVE-2013-0403 |
|
|
|
2013-04-17 |
2013-04-17 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Utility. |
|
19 |
CVE-2013-0349 |
200 |
|
+Info |
2013-02-28 |
2013-02-28 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The hidp_setup_hid function in net/bluetooth/hidp/core.c in the Linux kernel before 3.7.6 does not properly copy a certain name field, which allows local users to obtain sensitive information from kernel memory by setting a long name and making an HIDPCONNADD ioctl call. |
|
20 |
CVE-2013-0200 |
59 |
|
|
2013-03-06 |
2013-03-07 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/hpcupsfilterc_#.bmp, (2) /tmp/hpcupsfilterk_#.bmp, (3) /tmp/hpcups_job#.out, (4) /tmp/hpijs_#####.out, or (5) /tmp/hpps_job#.out temporary file, a different vulnerability than CVE-2011-2722. |
|
21 |
CVE-2013-0154 |
|
|
DoS |
2013-01-11 |
2013-05-14 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
The get_page_type function in xen/arch/x86/mm.c in Xen 4.2, when debugging is enabled, allows local PV or HVM guest administrators to cause a denial of service (assertion failure and hypervisor crash) via unspecified vectors related to a hypercall. |
|
22 |
CVE-2013-0122 |
20 |
|
DoS |
2013-04-21 |
2013-04-22 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
The avast! Mobile Security application before 2.0.4400 for Android allows attackers to cause a denial of service (application crash) via a crafted application that sends an intent to com.avast.android.mobilesecurity.app.scanner.DeleteFileActivity with zero arguments. |
|
23 |
CVE-2012-6549 |
200 |
|
+Info |
2013-03-15 |
2013-03-18 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. |
|
24 |
CVE-2012-6548 |
200 |
|
+Info |
2013-03-15 |
2013-03-18 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application. |
|
25 |
CVE-2012-6547 |
200 |
|
+Info |
2013-03-15 |
2013-03-18 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. |
|
26 |
CVE-2012-6546 |
200 |
|
+Info |
2013-03-15 |
2013-03-18 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The ATM implementation in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. |
|
27 |
CVE-2012-6545 |
200 |
|
+Info |
2013-03-15 |
2013-03-18 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application. |
|
28 |
CVE-2012-6544 |
200 |
|
+Info |
2013-03-15 |
2013-03-18 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation. |
|
29 |
CVE-2012-6543 |
200 |
|
+Info |
2013-03-15 |
2013-03-18 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. |
|
30 |
CVE-2012-6542 |
200 |
|
+Info |
2013-03-15 |
2013-03-18 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel before 3.6 has an incorrect return value in certain circumstances, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that leverages an uninitialized pointer argument. |
|
31 |
CVE-2012-6541 |
200 |
|
+Info |
2013-03-15 |
2013-03-18 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. |
|
32 |
CVE-2012-6540 |
200 |
|
+Info |
2013-03-15 |
2013-05-14 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. |
|
33 |
CVE-2012-6539 |
200 |
|
+Info |
2013-03-15 |
2013-05-14 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted application. |
|
34 |
CVE-2012-6538 |
200 |
|
+Info |
2013-03-15 |
2013-03-18 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The copy_to_user_auth function in net/xfrm/xfrm_user.c in the Linux kernel before 3.6 uses an incorrect C library function for copying a string, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability. |
|
35 |
CVE-2012-6537 |
200 |
|
+Info |
2013-03-15 |
2013-05-14 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability. |
|
36 |
CVE-2012-6140 |
200 |
|
Bypass +Info |
2013-04-24 |
2013-05-07 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
pam_google_authenticator.c in the PAM module in Google Authenticator before 1.0 requires user-readable permissions for the secret file, which allows local users to bypass intended access restrictions and discover a shared secret via standard filesystem operations, a different vulnerability than CVE-2013-0258. |
|
37 |
CVE-2012-6095 |
362 |
|
|
2013-01-24 |
2013-01-25 |
1.2 |
None |
Local |
High |
Not required |
None |
Partial |
None |
|
ProFTPD before 1.3.5rc1, when using the UserOwner directive, allows local users to modify the ownership of arbitrary files via a race condition and a symlink attack on the (1) MKD or (2) XMKD commands. |
|
38 |
CVE-2012-5616 |
255 |
|
+Info |
2013-01-22 |
2013-04-01 |
1.5 |
None |
Local |
Medium |
Single system |
Partial |
None |
None |
|
Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API. |
|
39 |
CVE-2012-4838 |
|
|
+Info |
2012-12-08 |
2012-12-26 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
IBM Flex System Chassis Management Module (CMM) and Integrated Management Module 2 (IMM2) allow local users to obtain sensitive information about (1) local accounts, (2) SSH private keys, (3) SSL/TLS private keys, (4) SNMPv3 communities, and (5) LDAP credentials by leveraging unspecified side effects of service or maintenance activity. |
|
40 |
CVE-2012-4832 |
200 |
|
+Info |
2013-01-31 |
2013-01-31 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Information Services Framework (ISF) in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 and InfoSphere Business Glossary 8.1.1 and 8.1.2 does not have an off autocomplete attribute for the password field on the login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. |
|
41 |
CVE-2012-4693 |
310 |
|
|
2012-12-18 |
2012-12-19 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by reading this file. |
|
42 |
CVE-2012-4676 |
59 |
|
|
2012-08-26 |
2012-08-27 |
1.2 |
None |
Local |
High |
Not required |
None |
Partial |
None |
|
The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability than CVE-2012-3485. |
|
43 |
CVE-2012-4535 |
399 |
|
DoS |
2012-11-21 |
2013-01-29 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline." |
|
44 |
CVE-2012-4508 |
362 |
|
+Info |
2012-12-21 |
2013-01-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized. |
|
45 |
CVE-2012-4461 |
|
|
DoS |
2013-01-22 |
2013-04-10 |
1.9 |
None |
Local |
Medium |
Not required |
None |
None |
Partial |
|
The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set the X86_CR4_OSXSAVE bit in the guest cr4 register, then calling the KVM_RUN ioctl. |
|
46 |
CVE-2012-3741 |
287 |
|
Bypass |
2012-09-20 |
2013-03-25 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The Restrictions (aka Parental Controls) implementation in Apple iOS before 6 does not properly handle purchase attempts after a Disable Restrictions action, which allows local users to bypass an intended Apple ID authentication step via an app that performs purchase transactions. |
|
47 |
CVE-2012-3734 |
310 |
|
Bypass |
2012-09-20 |
2013-03-25 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Office Viewer in Apple iOS before 6 writes cleartext document data to a temporary file, which might allow local users to bypass a document's intended (1) Data Protection level or (2) encryption state by reading the temporary content. |
|
48 |
CVE-2012-3729 |
264 |
|
+Info |
2012-09-20 |
2013-03-25 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Berkeley Packet Filter (BPF) interpreter implementation in the kernel in Apple iOS before 6 accesses uninitialized memory locations, which allows local users to obtain sensitive information about the layout of kernel memory via a crafted program that uses a BPF interface. |
|
49 |
CVE-2012-3520 |
287 |
|
|
2012-10-03 |
2013-02-21 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager. |
|
50 |
CVE-2012-3500 |
362 |
|
|
2012-09-30 |
2013-03-21 |
1.2 |
None |
Local |
High |
Not required |
None |
Partial |
None |
|
scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file. |
