CVE-2013-0208
- EPSS 2.51%
- Veröffentlicht 13.02.2013 16:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
The boot-from-volume feature in OpenStack Compute (Nova) Folsom and Essex, when using nova-volumes, allows remote authenticated users to boot from other users' volumes via a volume id in the block_device_mapping parameter.
CVE-2013-0241
- EPSS 0.39%
- Veröffentlicht 13.02.2013 01:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
The QXL display driver in QXL Virtual GPU 0.1.0 allows local users to cause a denial of service (guest crash or hang) via a SPICE connection that prevents other threads from obtaining the qemu_mutex mutex. NOTE: some of these details are obtained fr...
CVE-2012-6075
- EPSS 4.9%
- Veröffentlicht 13.02.2013 01:55:03
- Zuletzt bearbeitet 29.04.2026 01:13:23
Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly ex...
CVE-2013-0170
- EPSS 5.77%
- Veröffentlicht 08.02.2013 20:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (c...
- EPSS 23.03%
- Veröffentlicht 08.02.2013 20:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
cachemgr.cgi in Squid 3.1.x and 3.2.x, possibly 3.1.22, 3.2.4, and other versions, allows remote attackers to cause a denial of service (resource consumption) via a crafted request. NOTE: this issue is due to an incorrect fix for CVE-2012-5643, poss...
CVE-2013-1620
- EPSS 3.72%
- Veröffentlicht 08.02.2013 19:55:01
- Zuletzt bearbeitet 29.04.2026 01:13:23
The TLS implementation in Mozilla Network Security Services (NSS) does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct di...
CVE-2012-5689
- EPSS 12.04%
- Veröffentlicht 25.01.2013 12:00:46
- Zuletzt bearbeitet 29.04.2026 01:13:23
ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemo...
CVE-2012-2137
- EPSS 0.52%
- Veröffentlicht 22.01.2013 23:55:02
- Zuletzt bearbeitet 29.04.2026 01:13:23
Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq ro...
CVE-2012-5656
- EPSS 1.16%
- Veröffentlicht 18.01.2013 11:48:40
- Zuletzt bearbeitet 29.04.2026 01:13:23
The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack.
CVE-2013-0383
- EPSS 2.65%
- Veröffentlicht 17.01.2013 01:55:05
- Zuletzt bearbeitet 29.04.2026 01:13:23
Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking.