Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-03-11 | CVE-2013-4199 | Improper Input Validation vulnerability in Plone (1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users to cause a denial of service (resource consumption) via a large zip archive, which is expanded (decompressed). | 3.5 |
2014-03-09 | CVE-2013-6232 | Cross-Site Scripting vulnerability in ENG Spagobi 4.0 Cross-site scripting (XSS) vulnerability in SpagoBI before 4.1 allows remote authenticated users to inject arbitrary web script or HTML via a document note in the execution page. | 3.5 |
2014-03-06 | CVE-2011-3153 | Link Following vulnerability in multiple products dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary files via a symlink attack on ~/.dmrc. | 1.9 |
2014-03-06 | CVE-2014-0890 | Credentials Management vulnerability in IBM Sametime The Connect client in IBM Sametime 8.5.1, 8.5.1.1, 8.5.1.2, 8.5.2, 8.5.2.1, 9.0, and 9.0.0.1, when a certain com.ibm.collaboration.realtime.telephony.*.level setting is used, logs cleartext passwords during Audio/Video chat sessions, which allows local users to obtain sensitive information by reading a log file. | 1.9 |
2014-03-06 | CVE-2014-0624 | Unspecified vulnerability in EMC RSA Data Loss Prevention 9.0/9.5/9.6 EMC RSA Data Loss Prevention (DLP) 9.x before 9.6-SP2 does not properly manage sessions, which allows remote authenticated users to gain privileges and bypass intended content-reading restrictions via unspecified vectors. low complexity emc | 2.7 |
2014-03-06 | CVE-2013-6314 | Cross-Site Scripting vulnerability in IBM Enterprise Records and Infosphere Enterprise Records Cross-site scripting (XSS) vulnerability in IBM InfoSphere Enterprise Records 4.5.1 before 4.5.1.7-IER-IF001 and Enterprise Records 5.1.1 before 5.1.1.1-IER-IF003 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2014-03-05 | CVE-2013-6333 | Cross-Site Scripting vulnerability in IBM Algo ONE Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6299, CVE-2013-6300, CVE-2013-6301, and CVE-2013-6320. | 3.5 |
2014-03-05 | CVE-2013-6320 | Cross-Site Scripting vulnerability in IBM Algo ONE Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6299, CVE-2013-6300, CVE-2013-6301, and CVE-2013-6333. | 3.5 |
2014-03-05 | CVE-2013-6301 | Cross-Site Scripting vulnerability in IBM Algo ONE Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6299, CVE-2013-6300, CVE-2013-6320, and CVE-2013-6333. | 3.5 |
2014-03-05 | CVE-2013-6300 | Cross-Site Scripting vulnerability in IBM Algo ONE Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6299, CVE-2013-6301, CVE-2013-6320, and CVE-2013-6333. | 3.5 |