Max CVSS 10.0 Min CVSS 1.2 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-7222 6.8
Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory all
22-10-2024 - 13:42 16-12-2015 - 11:59
CVE-2015-7205 10.0
Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause a denial of service, or possibly have unspecified o
22-10-2024 - 13:42 16-12-2015 - 11:59
CVE-2015-7213 6.8
Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted
22-10-2024 - 13:42 16-12-2015 - 11:59
CVE-2015-7201 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod
22-10-2024 - 13:42 16-12-2015 - 11:59
CVE-2015-7212 7.5
Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering a graphics operation that requir
22-10-2024 - 13:42 16-12-2015 - 11:59
CVE-2015-7214 5.0
Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs.
22-10-2024 - 13:42 16-12-2015 - 11:59
CVE-2015-7210 7.5
Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has been closed by a WebRTC function.
22-10-2024 - 13:42 16-12-2015 - 11:59
CVE-2015-4000 4.3
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a Clie
22-10-2024 - 13:42 21-05-2015 - 00:59
CVE-2015-4491 6.8
Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers t
22-10-2024 - 13:42 16-08-2015 - 01:59
CVE-2016-1526 5.8
The TtfUtil:LocaLookup function in TtfUtil.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, incorrectly validates a size value, which allows remote attackers to obtain sensitive inform
22-10-2024 - 13:42 13-02-2016 - 02:59
CVE-2016-1521 6.8
The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary
22-10-2024 - 13:42 13-02-2016 - 02:59
CVE-2016-1523 4.3
The SillMap::readFace function in FeatureMap.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, mishandles a return value, which allows remote attackers to cause a denial of service (mis
22-10-2024 - 13:42 13-02-2016 - 02:59
CVE-2016-1522 9.3
Code.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not consider recursive load calls during a size check, which allows remote attackers to cause a denial of service (heap-based
22-10-2024 - 13:42 13-02-2016 - 02:59
CVE-2015-8370 6.9
Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get f
21-10-2024 - 17:35 16-12-2015 - 21:59
CVE-2013-1722 9.3
Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey befor
21-10-2024 - 13:55 18-09-2013 - 10:08
CVE-2014-1577 6.4
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to obtain sensitive information from proc
21-10-2024 - 13:55 15-10-2014 - 10:55
CVE-2013-1725 6.8
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not ensure that initialization occurs for JavaScript objects with compartments, which allows remote
21-10-2024 - 13:55 18-09-2013 - 10:08
CVE-2013-1736 10.0
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or caus
21-10-2024 - 13:55 18-09-2013 - 10:08
CVE-2013-1726 6.2
Mozilla Updater in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 does not ensure exclusive access to a MAR file, which allows local users to gain pr
21-10-2024 - 13:55 18-09-2013 - 10:08
CVE-2013-1730 6.8
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly handle movement of XBL-backed nodes between documents, which allows remote attackers t
21-10-2024 - 13:55 18-09-2013 - 10:08
CVE-2014-1574 7.5
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or
21-10-2024 - 13:55 15-10-2014 - 10:55
CVE-2014-1576 7.5
Heap-based buffer overflow in the nsTransformedTextRun function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via Cascading Style Sheets (CSS) token se
21-10-2024 - 13:55 15-10-2014 - 10:55
CVE-2013-1718 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial
21-10-2024 - 13:55 18-09-2013 - 10:08
CVE-2014-1578 7.5
The get_tile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly execute arbitrary code v
21-10-2024 - 13:55 15-10-2014 - 10:55
CVE-2013-1737 5.0
Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 do not properly identify the "this" object during use of user-defined getter methods on DOM proxies, w
21-10-2024 - 13:55 18-09-2013 - 10:08
CVE-2013-1735 9.3
Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attac
21-10-2024 - 13:55 18-09-2013 - 10:08
CVE-2014-1581 7.5
Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to execute arbitrary code via text that is improperly handled during the in
21-10-2024 - 13:55 15-10-2014 - 10:55
CVE-2014-1585 5.0
The WebRTC video-sharing feature in dom/media/MediaManager.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not properly recognize Stop Sharing actions for videos in IFRAME elements, which allows
21-10-2024 - 13:55 15-10-2014 - 10:55
CVE-2013-1732 9.3
Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbi
21-10-2024 - 13:55 18-09-2013 - 10:08
CVE-2014-1583 5.0
The Alarm API in Mozilla Firefox before 33.0 and Firefox ESR 31.x before 31.2 does not properly restrict toJSON calls, which allows remote attackers to bypass the Same Origin Policy via crafted API calls that access sensitive information within the J
21-10-2024 - 13:55 15-10-2014 - 10:55
CVE-2014-1586 5.0
content/base/src/nsDocument.cpp in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 does not consider whether WebRTC video sharing is occurring, which allows remote attackers to obtain sensitive information
21-10-2024 - 13:55 15-10-2014 - 10:55
CVE-2010-0047 9.3
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "HTML object element fallback content."
15-10-2024 - 21:35 15-03-2010 - 13:28
CVE-2010-0048 9.3
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XML document.
15-10-2024 - 21:35 15-03-2010 - 13:28
CVE-2021-1723 5.0
ASP.NET Core and Visual Studio Denial of Service Vulnerability
08-10-2024 - 17:15 12-01-2021 - 20:15
CVE-2018-19881 4.3
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service (recursive calls followed by a fitz/xml.c fz_xml_att crash from excessive stack consumption) via a crafted svg file, as demonstrated by mupdf-gl.
16-09-2024 - 16:15 06-12-2018 - 00:29
CVE-2018-19777 4.3
In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool.
12-09-2024 - 17:15 30-11-2018 - 10:29
CVE-2018-19882 4.3
In Artifex MuPDF 1.14.0, the svg_run_image function in svg/svg-run.c allows remote attackers to cause a denial of service (href_att NULL pointer dereference and application crash) via a crafted svg file, as demonstrated by mupdf-gl.
12-09-2024 - 17:15 06-12-2018 - 00:29
CVE-2019-6130 4.3
Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg-doc.c.
11-09-2024 - 16:15 11-01-2019 - 05:29
CVE-2019-6131 4.3
svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool.
11-09-2024 - 16:15 11-01-2019 - 05:29
CVE-2020-24370 5.0
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).
09-09-2024 - 13:54 17-08-2020 - 17:15
CVE-2016-9243 5.0
HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.
09-09-2024 - 13:52 27-03-2017 - 17:59
CVE-2019-19064 7.8
A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering pm_runtime_get_sync() failures, aka CID-057b8945f78f. N
27-08-2024 - 19:38 18-11-2019 - 06:15
CVE-2020-28242 4.0
An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. If Asterisk is challenged on an outbound INVITE and the nonce is changed in
15-08-2024 - 12:44 06-11-2020 - 06:15
CVE-2020-13965 4.3
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS via a malicious XML attachment because text/xml is among the allowed types for a preview.
14-08-2024 - 20:09 09-06-2020 - 03:15
CVE-2008-7258 2.1
The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (application exit) via an e-mail message containing a long line that begins with a . (dot) character. NOTE: CVE disputes this iss
07-08-2024 - 12:15 20-08-2010 - 18:00
CVE-2008-1467 6.8
CenterIM 4.22.3 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URI, related to "received URLs in the message window." NOTE: this issue has been disputed due to the user-assisted nature,
07-08-2024 - 09:15 24-03-2008 - 21:44
CVE-2009-2936 7.5
The Command Line Interface (aka Server CLI or administration interface) in the master process in the reverse proxy server in Varnish before 2.1.0 does not require authentication for commands received through a TCP port, which allows remote attackers
07-08-2024 - 06:16 05-04-2010 - 16:30
CVE-2010-4001 4.6
GMXRC.bash in Gromacs 4.5.1 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: CVE disputes this issue because
07-08-2024 - 04:15 06-11-2010 - 00:00
CVE-2013-1937 4.3
Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the (1) visualizationSettings[width] or (2) visualizationSetting
06-08-2024 - 16:15 16-04-2013 - 14:04
CVE-2014-2913 7.5
Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed
06-08-2024 - 11:15 07-05-2014 - 10:55
CVE-2015-8709 6.9
kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then us
06-08-2024 - 09:15 08-02-2016 - 03:59
CVE-2018-21029 7.5
systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation with the GnuTLS backend. NOTE: This has been disputed by the dev
05-08-2024 - 13:15 30-10-2019 - 22:15
CVE-2018-18405 4.3
jQuery v2.2.2 allows XSS via a crafted onerror attribute of an IMG element. NOTE: this vulnerability has been reported to be spam entry
05-08-2024 - 11:15 22-04-2020 - 18:15
CVE-2019-19232 5.0
In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulne
05-08-2024 - 02:16 19-12-2019 - 21:15
CVE-2019-19234 5.0
In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker (who has access to a Runas ALL sudoer account) to impersonate any blo
05-08-2024 - 02:16 19-12-2019 - 21:15
CVE-2019-19070 7.8
A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d. NO
05-08-2024 - 02:15 18-11-2019 - 06:15
CVE-2019-19055 4.9
A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa
05-08-2024 - 02:15 18-11-2019 - 06:15
CVE-2019-19046 6.8
A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0e
05-08-2024 - 02:15 18-11-2019 - 06:15
CVE-2019-12382 4.9
An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel through 5.1.5. There is an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and s
05-08-2024 - 00:15 28-05-2019 - 03:29
CVE-2019-12378 4.9
An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).
05-08-2024 - 00:15 28-05-2019 - 03:29
CVE-2019-12454 7.2
An issue was discovered in wcd9335_codec_enable_dec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdup_nul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor d
05-08-2024 - 00:15 30-05-2019 - 04:29
CVE-2019-12455 4.9
An issue was discovered in sunxi_divs_clk_setup in drivers/clk/sunxi/clk-sunxi.c in the Linux kernel through 5.1.5. There is an unchecked kstrndup of derived_name, which might allow an attacker to cause a denial of service (NULL pointer dereference a
05-08-2024 - 00:15 30-05-2019 - 04:29
CVE-2019-12381 4.9
An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOT
05-08-2024 - 00:15 28-05-2019 - 03:29
CVE-2019-12456 7.2
An issue was discovered in the MPT3COMMAND case in _ctl_ioctl_main in drivers/scsi/mpt3sas/mpt3sas_ctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the v
05-08-2024 - 00:15 30-05-2019 - 14:29
CVE-2019-12379 4.9
An issue was discovered in con_insert_unipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as not being an issue
05-08-2024 - 00:15 28-05-2019 - 03:29
CVE-2019-10143 6.9
It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a rad
04-08-2024 - 22:15 24-05-2019 - 17:29
CVE-2019-6446 7.5
An issue was discovered in NumPy 1.16.0 and earlier. It uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute
04-08-2024 - 21:15 16-01-2019 - 05:29
CVE-2020-24890 2.6
libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way
04-08-2024 - 16:15 16-09-2020 - 15:15
CVE-2019-17626 7.5
ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code.
01-08-2024 - 13:41 16-10-2019 - 12:15
CVE-2020-16846 7.5
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection.
26-07-2024 - 19:53 06-11-2020 - 08:15
CVE-2020-16009 6.8
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-07-2024 - 17:26 03-11-2020 - 03:15
CVE-2020-15999 4.3
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-07-2024 - 17:25 03-11-2020 - 03:15
CVE-2019-0211 7.2
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with
25-07-2024 - 14:58 08-04-2019 - 22:29
CVE-2020-6418 6.8
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-07-2024 - 14:32 27-02-2020 - 23:15
CVE-2019-5544 7.5
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
25-07-2024 - 14:15 06-12-2019 - 16:15
CVE-2019-13272 7.2
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with
24-07-2024 - 16:51 17-07-2019 - 13:15
CVE-2020-13671 6.5
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affec
24-07-2024 - 16:44 20-11-2020 - 16:15
CVE-2019-16928 7.5
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in string_vformat in string.c involving a long EHLO command.
24-07-2024 - 14:24 27-09-2019 - 21:15
CVE-2020-1938 7.5
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available t
24-07-2024 - 14:23 24-02-2020 - 22:15
CVE-2007-6353 7.5
Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
19-07-2024 - 13:04 20-12-2007 - 01:46
CVE-2016-0752 5.0
Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 allows remote attackers to read arbitrary files by leveraging an application's unre
16-07-2024 - 17:56 16-02-2016 - 02:59
CVE-2019-11043 7.5
In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the p
16-07-2024 - 17:52 28-10-2019 - 15:15
CVE-2020-7247 10.0
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This
16-07-2024 - 17:40 29-01-2020 - 16:15
CVE-2020-14323 2.1
A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.
03-07-2024 - 01:36 29-10-2020 - 20:15
CVE-2020-12667 5.0
Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
03-07-2024 - 01:36 19-05-2020 - 13:15
CVE-2019-14232 5.0
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs
03-07-2024 - 01:35 02-08-2019 - 15:15
CVE-2014-0160 5.0
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer ov
02-07-2024 - 16:52 07-04-2014 - 22:55
CVE-2020-28949 6.8
Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.
28-06-2024 - 14:06 19-11-2020 - 19:15
CVE-2020-35730 4.3
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcu
27-06-2024 - 19:16 28-12-2020 - 20:15
CVE-2019-20503 4.3
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init.
27-06-2024 - 12:46 06-03-2020 - 20:15
CVE-2019-1387 6.8
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names
26-06-2024 - 10:15 18-12-2019 - 21:15
CVE-2019-14861 3.5
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the (poorly named) dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stor
25-06-2024 - 02:15 10-12-2019 - 23:15
CVE-2020-1971 4.3
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they
21-06-2024 - 19:15 08-12-2020 - 16:15
CVE-2019-1547 1.9
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those case
21-06-2024 - 19:15 10-09-2019 - 17:15
CVE-2014-8159 6.9
The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary p
06-06-2024 - 19:46 16-03-2015 - 10:59
CVE-2020-1472 9.3
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability
23-05-2024 - 17:56 17-08-2020 - 19:15
CVE-2018-5730 5.5
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string w
23-05-2024 - 17:53 06-03-2018 - 20:29
CVE-2018-5729 6.5
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to th
23-05-2024 - 17:52 06-03-2018 - 20:29
CVE-2019-3900 6.8
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest
26-04-2024 - 16:08 25-04-2019 - 15:29
CVE-2019-10191 5.0
A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to DNSSEC-insecure state, opening possibility of domain hijack using attacks against insecure DNS pr
26-04-2024 - 07:15 16-07-2019 - 18:15
CVE-2019-10190 5.0
A vulnerability was discovered in DNS resolver component of knot resolver through version 3.2.0 before 4.1.0 which allows remote attackers to bypass DNSSEC validation for non-existence answer. NXDOMAIN answer would get passed through to the client ev
26-04-2024 - 07:15 16-07-2019 - 18:15
CVE-2020-14002 4.3
PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the
25-04-2024 - 22:15 29-06-2020 - 18:15
CVE-2019-13132 7.5
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow a
11-04-2024 - 22:15 10-07-2019 - 19:15
CVE-2019-20454 5.0
An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which woul
27-03-2024 - 16:05 14-02-2020 - 14:15
CVE-2020-8284 4.3
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed,
27-03-2024 - 15:50 14-12-2020 - 20:15
CVE-2020-8285 5.0
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
27-03-2024 - 15:47 14-12-2020 - 20:15
CVE-2020-8286 5.0
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.
27-03-2024 - 15:47 14-12-2020 - 20:15
CVE-2009-3563 6.4
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchang
19-03-2024 - 21:15 09-12-2009 - 18:30
CVE-2015-2666 6.9
Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privileges by constructing a crafted microcode header an
14-03-2024 - 19:59 27-05-2015 - 10:59
CVE-2012-2143 4.3
The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for cont
14-03-2024 - 19:59 05-07-2012 - 14:55
CVE-2014-9529 6.9
Race condition in the key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service (memory corruption or panic) or possibly have unspecified other impact via keyctl commands that
14-03-2024 - 19:58 09-01-2015 - 21:59
CVE-2020-5395 6.8
FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c.
08-03-2024 - 01:15 03-01-2020 - 20:15
CVE-2019-15605 7.5
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed
07-03-2024 - 21:24 07-02-2020 - 15:15
CVE-2009-3720 5.0
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafte
22-02-2024 - 03:40 03-11-2009 - 16:30
CVE-2009-0115 7.2
The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket
16-02-2024 - 20:28 30-03-2009 - 16:30
CVE-2016-2107 2.6
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against
16-02-2024 - 19:19 05-05-2016 - 01:59
CVE-2019-14821 7.2
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wher
16-02-2024 - 18:44 19-09-2019 - 18:15
CVE-2008-0411 6.8
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
16-02-2024 - 16:39 28-02-2008 - 21:44
CVE-2019-11358 4.3
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the n
16-02-2024 - 16:32 20-04-2019 - 00:29
CVE-2009-3547 6.9
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathna
15-02-2024 - 21:12 04-11-2009 - 15:30
CVE-2004-0184 5.0
Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversio
15-02-2024 - 21:09 04-05-2004 - 04:00
CVE-2004-0183 5.0
TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Tes
15-02-2024 - 20:53 04-05-2004 - 04:00
CVE-2012-5656 2.1
The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack.
15-02-2024 - 20:18 18-01-2013 - 11:48
CVE-2007-1863 5.0
cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with
15-02-2024 - 19:19 27-06-2007 - 17:30
CVE-2009-1195 4.9
The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Opti
15-02-2024 - 18:54 28-05-2009 - 20:30
CVE-2008-2108 7.5
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy a
15-02-2024 - 03:29 07-05-2008 - 21:20
CVE-2012-0037 4.3
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity
15-02-2024 - 03:22 17-06-2012 - 03:41
CVE-2012-3363 6.4
Zend_XmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE
15-02-2024 - 03:20 13-02-2013 - 17:55
CVE-2008-1567 2.1
phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
14-02-2024 - 15:31 31-03-2008 - 22:44
CVE-2009-1603 4.3
src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS#11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to b
14-02-2024 - 15:19 11-05-2009 - 16:30
CVE-2015-6496 5.0
conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that the optional kernel modules are loaded before using them, which allows remote attackers to cause a denial of service (crash) via a (1) DCCP, (2) SCTP, or (3) ICMPv6 packet.
14-02-2024 - 01:17 24-08-2015 - 14:59
CVE-2008-5005 10.0
Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder exten
14-02-2024 - 01:17 10-11-2008 - 14:12
CVE-2014-1487 5.0
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information v
14-02-2024 - 01:17 06-02-2014 - 05:44
CVE-2014-1486 10.0
Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unsp
14-02-2024 - 01:17 06-02-2014 - 05:44
CVE-2014-1479 5.0
The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intende
14-02-2024 - 01:17 06-02-2014 - 05:44
CVE-2014-1490 9.3
Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to ca
14-02-2024 - 01:17 06-02-2014 - 05:44
CVE-2014-1481 5.0
Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across differe
14-02-2024 - 01:17 06-02-2014 - 05:44
CVE-2009-3156 2.1
Cross-site scripting (XSS) vulnerability in the Date Tools sub-module in the Date module 6.x before 6.x-2.3 for Drupal allows remote authenticated users, with "use date tools" or "administer content types" privileges, to inject arbitrary web script o
14-02-2024 - 01:17 10-09-2009 - 18:30
CVE-2014-1477 6.8
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and app
14-02-2024 - 01:17 06-02-2014 - 05:44
CVE-2014-1482 9.3
RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of s
14-02-2024 - 01:17 06-02-2014 - 05:44
CVE-2006-1934 5.0
Multiple buffer overflows in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) ALCAP dissector, (2) Network Instruments file code, or (3) NetXray/Windows Sniffer
14-02-2024 - 01:17 25-04-2006 - 12:50
CVE-2006-1938 5.0
Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via the (1) Sniffer capture or (2) SMB PIPE dissector.
14-02-2024 - 01:17 25-04-2006 - 12:50
CVE-2004-0633 5.0
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
14-02-2024 - 01:17 06-12-2004 - 05:00
CVE-2006-1933 5.0
Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (large or infinite loops) viarafted packets to the (1) UMA and (2) BER dissectors.
14-02-2024 - 01:17 25-04-2006 - 12:50
CVE-2006-1936 5.0
Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attackers to execute arbitrary code via the telnet dissector.
14-02-2024 - 01:17 25-04-2006 - 12:50
CVE-2006-1932 10.0
Off-by-one error in the OID printing routine in Ethereal 0.10.x up to 0.10.14 has unknown impact and remote attack vectors.
14-02-2024 - 01:17 25-04-2006 - 12:50
CVE-2006-1935 5.0
Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the COPS dissector.
14-02-2024 - 01:17 25-04-2006 - 12:50
CVE-2006-1940 5.0
Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows remote attackers to cause a denial of service (abort) via the SNDCP dissector.
14-02-2024 - 01:17 25-04-2006 - 12:50
CVE-2006-1939 5.0
Multiple unspecified vulnerabilities in Ethereal 0.9.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) an invalid display filter, or the (2) GSM SMS, (3) ASN.1-based, (4) DCERPC NT, (5) PER, (6)
14-02-2024 - 01:17 25-04-2006 - 12:50
CVE-2006-1937 5.0
Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via (1) multiple vectors in H.248, and the (2) X.509if, (3) SRVLOC, (4) H.245, (5) AIM, and (6) ge
14-02-2024 - 01:17 25-04-2006 - 12:50
CVE-2004-0634 5.0
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
14-02-2024 - 01:17 06-12-2004 - 05:00
CVE-2004-0635 5.0
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.
14-02-2024 - 01:17 06-12-2004 - 05:00
CVE-2004-0411 7.5
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to th
13-02-2024 - 18:01 07-07-2004 - 04:00
CVE-2006-1865 7.5
Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary commands via crafted filenames that inject command line arguments when Beagle launches external helper applications while indexing.
13-02-2024 - 17:54 21-04-2006 - 23:06
CVE-2009-3231 6.8
The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password.
13-02-2024 - 17:41 17-09-2009 - 10:30
CVE-2008-2374 7.5
src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspeci
13-02-2024 - 16:09 07-07-2008 - 23:41
CVE-2006-6143 9.3
The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attacke
09-02-2024 - 03:26 31-12-2006 - 05:00
CVE-2009-0040 6.8
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr
09-02-2024 - 03:25 22-02-2009 - 22:30
CVE-2007-4000 8.5
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow
09-02-2024 - 03:24 05-09-2007 - 10:17
CVE-2009-1721 6.8
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of a
09-02-2024 - 03:22 31-07-2009 - 19:00
CVE-2009-0846 10.0
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code
09-02-2024 - 03:21 09-04-2009 - 00:30
CVE-2008-4989 4.3
The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers t
09-02-2024 - 03:19 13-11-2008 - 01:00
CVE-2007-6013 6.8
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.
09-02-2024 - 03:15 19-11-2007 - 21:46
CVE-2015-8854 7.8
The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service (CPU consumption) via unspecified vectors that trigger a "catastrophic backtracking issue for the em inline rule," aka a "regular expression denial of service (
09-02-2024 - 03:01 23-01-2017 - 21:59
CVE-2008-2951 5.8
Open redirect vulnerability in the search script in Trac before 0.10.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the q parameter, possibly related to the quickjump function.
09-02-2024 - 02:30 27-07-2008 - 22:41
CVE-2011-4107 4.3
The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity ref
09-02-2024 - 02:27 17-11-2011 - 19:55
CVE-2008-0062 9.3
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer derefe
09-02-2024 - 00:42 19-03-2008 - 10:44
CVE-2008-0063 4.3
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."
09-02-2024 - 00:35 19-03-2008 - 10:44
CVE-2004-0421 5.0
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
09-02-2024 - 00:27 18-08-2004 - 04:00
CVE-2009-3620 4.9
The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash
09-02-2024 - 00:20 22-10-2009 - 16:00
CVE-2020-20739 5.0
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address.
08-02-2024 - 23:50 20-11-2020 - 19:15
CVE-2010-1637 4.0
The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.
08-02-2024 - 19:56 22-06-2010 - 17:30
CVE-2008-3282 9.3
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly exec
08-02-2024 - 02:18 29-08-2008 - 18:41
CVE-2010-0050 9.3
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with improperly nested tags.
03-02-2024 - 02:24 15-03-2010 - 14:15
CVE-2010-0302 4.3
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS before 1.4.4, when kqueue or epoll is used, allows remote attackers to cause a denia
03-02-2024 - 02:22 05-03-2010 - 19:30
CVE-2008-5021 9.3
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying pr
02-02-2024 - 17:07 13-11-2008 - 11:30
CVE-2010-0629 4.0
Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an inva
02-02-2024 - 16:52 07-04-2010 - 15:30
CVE-2010-4168 5.0
Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to networ
02-02-2024 - 16:40 17-11-2010 - 16:00
CVE-2010-2941 9.3
ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbi
02-02-2024 - 16:35 05-11-2010 - 17:00
CVE-2010-2547 5.1
Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names,
02-02-2024 - 16:34 05-08-2010 - 18:17
CVE-2009-0023 4.3
The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2)
02-02-2024 - 16:32 08-06-2009 - 01:00
CVE-2010-1772 6.8
Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in Google Chrome before 5.0.375.70, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web
02-02-2024 - 16:27 24-09-2010 - 19:00
CVE-2007-6388 4.3
Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or H
02-02-2024 - 16:16 08-01-2008 - 18:46
CVE-2009-3553 5.0
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash
02-02-2024 - 16:04 20-11-2009 - 02:30
CVE-2009-2416 4.3
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute
02-02-2024 - 16:04 11-08-2009 - 18:30
CVE-2009-1837 9.3
Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading,
02-02-2024 - 16:03 12-06-2009 - 21:30
CVE-2012-1988 6.0
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute ar
02-02-2024 - 15:14 29-05-2012 - 20:55
CVE-2008-3281 4.3
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
02-02-2024 - 15:02 27-08-2008 - 20:41
CVE-2011-1755 5.0
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity reference
02-02-2024 - 15:01 21-06-2011 - 02:52
CVE-2009-1955 5.0
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via
02-02-2024 - 14:11 08-06-2009 - 01:00
CVE-2008-0599 10.0
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
02-02-2024 - 13:52 05-05-2008 - 17:20
CVE-2019-5736 9.3
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types
02-02-2024 - 12:15 11-02-2019 - 19:29
CVE-2020-15811 4.0
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser s
02-02-2024 - 03:04 02-09-2020 - 17:15
CVE-2010-4577 5.0
The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS
02-02-2024 - 02:39 22-12-2010 - 01:00
CVE-2008-0595 4.6
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a m
01-02-2024 - 02:08 29-02-2008 - 19:44
CVE-2005-3181 2.1
The audit system in Linux kernel 2.6.6, and other versions before 2.6.13.4, when CONFIG_AUDITSYSCALL is enabled, uses an incorrect function to free names_cache memory, which prevents the memory from being tracked by AUDITSYSCALL code and leads to a m
26-01-2024 - 18:56 12-10-2005 - 13:04
CVE-2004-0427 2.1
The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows loca
26-01-2024 - 18:56 07-07-2004 - 04:00
CVE-2010-0013 5.0
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) requ
26-01-2024 - 17:47 09-01-2010 - 18:30
CVE-2009-3611 3.6
common/snapshots.py in Back In Time (aka backintime) 0.9.26 changes certain permissions to 0777 before deleting the files in an old backup snapshot, which allows local users to obtain sensitive information by reading these files, or interfere with ba
25-01-2024 - 21:37 26-10-2009 - 16:30
CVE-2012-4406 7.5
OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.
25-01-2024 - 02:13 22-10-2012 - 23:55
CVE-2020-25613 5.0
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issu
24-01-2024 - 05:15 06-10-2020 - 13:15
CVE-2019-17570 7.5
An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apa
22-01-2024 - 17:15 23-01-2020 - 22:15
CVE-2011-2520 6.0
fw_dbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object.
21-01-2024 - 02:53 21-07-2011 - 23:55
CVE-2008-4577 6.4
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
21-01-2024 - 02:46 15-10-2008 - 20:08
CVE-2020-10757 6.9
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
19-01-2024 - 17:51 09-06-2020 - 13:15
CVE-2007-4465 4.3
Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using t
19-01-2024 - 15:13 14-09-2007 - 00:17
CVE-2005-3352 4.3
Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps.
19-01-2024 - 15:12 13-12-2005 - 20:03
CVE-2020-1597 5.0
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be ex
19-01-2024 - 00:15 17-08-2020 - 19:15
CVE-2012-2314 2.1
The bootloader configuration module (pyanaconda/bootloader.py) in Anaconda uses 755 permissions for /etc/grub.d, which allows local users to obtain password hashes and conduct brute force password guessing attacks.
16-01-2024 - 01:15 03-07-2012 - 22:55
CVE-2008-3424 7.5
Condor before 7.0.4 does not properly handle wildcards in the ALLOW_WRITE, DENY_WRITE, HOSTALLOW_WRITE, or HOSTDENY_WRITE configuration variables in authorization policy lists, which might allow remote attackers to bypass intended access restrictions
12-01-2024 - 20:45 31-07-2008 - 22:41
CVE-2008-0008 7.2
The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privi
09-01-2024 - 02:46 29-01-2008 - 00:00
CVE-2020-1045 5.0
<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with th
31-12-2023 - 22:15 11-09-2020 - 17:15
CVE-2020-12803 4.3
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which
31-12-2023 - 14:15 08-06-2020 - 16:15
CVE-2020-12802 4.3
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include rem
31-12-2023 - 14:15 08-06-2020 - 16:15
CVE-2019-16892 7.1
In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. This allows attackers to cause a denial of service (disk consumption).
28-12-2023 - 17:04 25-09-2019 - 22:15
CVE-2004-0079 5.0
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
28-12-2023 - 15:33 23-11-2004 - 05:00
CVE-2013-2168 1.9
The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4.x before 1.4.26, 1.6.x before 1.6.12, and 1.7.x before 1.7.4 allows local users to cause a denial of service (service crash) via a crafted message.
27-12-2023 - 16:36 03-07-2013 - 18:55
CVE-2011-1027 5.0
Off-by-one error in the convert_query_hexchar function in html.c in cgit.cgi in cgit before 0.8.3.5 allows remote attackers to cause a denial of service (infinite loop) via a string composed of a % (percent) character followed by invalid hex characte
22-12-2023 - 18:50 20-03-2011 - 02:00
CVE-2011-1002 5.0
avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty mDNS (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect f
22-12-2023 - 18:19 22-02-2011 - 19:00
CVE-2011-4517 6.8
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a deni
20-12-2023 - 18:29 15-12-2011 - 03:57
CVE-2011-4516 6.8
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding st
20-12-2023 - 18:29 15-12-2011 - 03:57
CVE-2019-14835 7.2
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descript
15-12-2023 - 15:29 17-09-2019 - 16:15
CVE-2009-3560 5.0
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that
01-11-2023 - 17:16 04-12-2009 - 21:30
CVE-2010-0408 5.0
The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial o
01-11-2023 - 15:32 05-03-2010 - 16:30
CVE-2020-25648 5.0
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this
28-10-2023 - 17:15 20-10-2020 - 22:15
CVE-2019-9199 6.8
PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Serv
27-10-2023 - 21:15 26-02-2019 - 23:29
CVE-2020-27781 3.6
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users.
23-10-2023 - 19:15 18-12-2020 - 21:15
CVE-2020-1760 4.3
A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input.
23-10-2023 - 19:15 23-04-2020 - 15:15
CVE-2020-10753 4.3
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file genera
23-10-2023 - 19:15 26-06-2020 - 15:15
CVE-2020-11096 6.4
In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2.
20-10-2023 - 19:38 22-06-2020 - 22:15
CVE-2020-11095 5.5
In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
20-10-2023 - 19:38 22-06-2020 - 22:15
CVE-2020-11097 5.5
In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
20-10-2023 - 19:38 22-06-2020 - 22:15
CVE-2020-4031 4.3
In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks are affected. This is fixed in version 2.1.2.
20-10-2023 - 19:27 22-06-2020 - 22:15
CVE-2020-4030 6.4
In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.
20-10-2023 - 19:27 22-06-2020 - 22:15
CVE-2020-4032 4.3
In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order-checks are affected. This is fixed in version 2.1.2.
20-10-2023 - 19:27 22-06-2020 - 22:15
CVE-2020-11099 6.4
In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2.
20-10-2023 - 19:27 22-06-2020 - 22:15
CVE-2020-11098 5.8
In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2.
20-10-2023 - 19:27 22-06-2020 - 22:15
CVE-2020-4033 6.4
In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2.
20-10-2023 - 19:26 22-06-2020 - 22:15
CVE-2020-15103 3.5
In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindl
20-10-2023 - 19:26 27-07-2020 - 18:15
CVE-2008-1897 4.3
The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x before 1.4.19.1; Business Edition A.x.x, B.x.x before B.2.5.2, and C.x.x before C.1.8.1; AsteriskNOW before 1.0.3; Appliance Developer Kit 0.x.x; and s8
20-10-2023 - 02:15 23-04-2008 - 16:05
CVE-2019-9514 7.8
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the p
19-10-2023 - 03:15 13-08-2019 - 21:15
CVE-2020-11080 5.0
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings e
16-10-2023 - 18:15 03-06-2020 - 23:15
CVE-2020-11884 6.9
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade
12-10-2023 - 13:31 29-04-2020 - 13:15
CVE-2015-8104 4.7
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.
10-10-2023 - 15:15 16-11-2015 - 11:59
CVE-2019-11324 5.0
The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure i
08-10-2023 - 14:15 18-04-2019 - 21:29
CVE-2019-11236 4.3
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
08-10-2023 - 14:15 15-04-2019 - 15:29
CVE-2019-14870 6.4
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the S4U (MS-SFU) Kerberos delegation model includes a feature allowing for a subset of clients to be opted out of constrained delegation in an
08-10-2023 - 09:15 10-12-2019 - 23:15
CVE-2010-1623 5.0
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote
03-10-2023 - 15:39 04-10-2010 - 21:00
CVE-2019-3885 5.0
A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs.
29-09-2023 - 11:15 18-04-2019 - 18:29
CVE-2018-16878 2.1
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS
29-09-2023 - 11:15 18-04-2019 - 18:29
CVE-2018-16877 4.6
A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknesses, to achieve local privilege escalation.
29-09-2023 - 11:15 18-04-2019 - 18:29
CVE-2019-14814 7.2
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
28-09-2023 - 19:09 20-09-2019 - 19:15
CVE-2018-12207 4.9
Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access.
27-09-2023 - 20:51 14-11-2019 - 20:15
CVE-2013-6370 5.0
Buffer overflow in the printbuf APIs in json-c before 0.12 allows remote attackers to cause a denial of service via unspecified vectors.
25-09-2023 - 02:30 22-04-2014 - 13:06
CVE-2013-6371 5.0
The hash functionality in json-c before 0.12 allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted JSON data, involving collisions.
25-09-2023 - 02:30 22-04-2014 - 13:06
CVE-2020-12762 6.8
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
25-09-2023 - 02:30 09-05-2020 - 18:15
CVE-2016-1238 7.2
(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpa
22-09-2023 - 16:58 02-08-2016 - 14:59
CVE-2019-19344 4.0
There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the ori
14-09-2023 - 17:15 21-01-2020 - 18:15
CVE-2019-14833 4.9
A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be config
14-09-2023 - 17:15 06-11-2019 - 10:15
CVE-2019-14902 5.5
There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on a
14-09-2023 - 17:15 21-01-2020 - 18:15
CVE-2019-14847 4.0
A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x before 4.10.10. An attacker can crash AD DC LDAP server via dirsync resulting in denial of service. Privilege escalation is not possible with this issue.
14-09-2023 - 17:15 06-11-2019 - 10:15
CVE-2019-14907 2.6
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such st
14-09-2023 - 17:15 21-01-2020 - 18:15
CVE-2019-10218 4.3
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB
14-09-2023 - 17:15 06-11-2019 - 10:15
CVE-2012-2098 5.0
Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with ma
14-09-2023 - 00:15 29-06-2012 - 19:55
CVE-2019-16943 6.8
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) ja
13-09-2023 - 14:55 01-10-2019 - 17:15
CVE-2019-16335 7.5
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.
13-09-2023 - 14:55 15-09-2019 - 22:15
CVE-2019-14439 5.0
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logbac
13-09-2023 - 14:54 30-07-2019 - 11:15
CVE-2019-14540 7.5
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
13-09-2023 - 14:54 15-09-2019 - 22:15
CVE-2019-14379 7.5
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
13-09-2023 - 14:53 29-07-2019 - 12:15
CVE-2019-12384 4.3
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be
13-09-2023 - 14:16 24-06-2019 - 16:15
CVE-2019-12086 5.0
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java ja
13-09-2023 - 14:16 17-05-2019 - 17:29
CVE-2019-12814 4.3
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in
13-09-2023 - 14:15 19-06-2019 - 14:15
CVE-2016-4482 2.1
The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTIN
12-09-2023 - 14:55 23-05-2016 - 10:59
CVE-2014-3566 4.3
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
12-09-2023 - 14:55 15-10-2014 - 00:55
CVE-2016-3672 4.6
The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, a
12-09-2023 - 14:55 27-04-2016 - 17:59
CVE-2016-9960 2.1
game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).
12-09-2023 - 14:45 06-06-2017 - 18:29
CVE-2016-9961 10.0
game-music-emu before 0.6.1 mishandles unspecified integer values.
12-09-2023 - 14:45 06-06-2017 - 18:29
CVE-2013-4589 4.3
The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might allow remote attackers to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image.
12-09-2023 - 14:45 23-11-2013 - 11:55
CVE-2019-17498 5.8
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be
08-09-2023 - 14:15 21-10-2019 - 22:15
CVE-2019-13115 5.8
In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH serve
08-09-2023 - 14:15 16-07-2019 - 18:15
CVE-2020-11023 4.3
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex
31-08-2023 - 03:15 29-04-2020 - 21:15
CVE-2020-11022 4.3
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob
31-08-2023 - 03:15 29-04-2020 - 22:15
CVE-2019-12402 5.0
The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names insi
18-08-2023 - 14:15 30-08-2019 - 09:15
CVE-2018-14468 5.0
The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().
16-08-2023 - 14:17 03-10-2019 - 16:15
CVE-2018-16229 5.0
The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
16-08-2023 - 14:17 03-10-2019 - 16:15
CVE-2018-14469 5.0
The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
16-08-2023 - 14:17 03-10-2019 - 16:15
CVE-2018-14462 5.0
The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().
16-08-2023 - 14:17 03-10-2019 - 16:15
CVE-2018-14880 5.0
The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().
16-08-2023 - 14:17 03-10-2019 - 16:15
CVE-2018-14879 5.1
The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().
16-08-2023 - 14:17 03-10-2019 - 16:15
CVE-2018-14465 5.0
The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().
16-08-2023 - 14:17 03-10-2019 - 16:15
CVE-2018-14463 5.0
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167.
16-08-2023 - 14:17 03-10-2019 - 16:15
CVE-2018-14882 5.0
The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.
16-08-2023 - 14:17 03-10-2019 - 16:15
CVE-2005-0372 5.0
Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.
03-08-2023 - 17:17 02-05-2005 - 04:00
CVE-2007-4965 5.8
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) t
02-08-2023 - 18:52 18-09-2007 - 22:17
CVE-2008-1145 5.0
Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote attackers to access a
01-08-2023 - 18:58 04-03-2008 - 23:44
CVE-2020-36158 7.2
mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.
28-07-2023 - 19:36 05-01-2021 - 05:15
CVE-2008-2383 9.3
CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related
27-07-2023 - 05:15 02-01-2009 - 18:11
CVE-2019-14816 7.2
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
12-07-2023 - 19:27 20-09-2019 - 19:15
CVE-2016-7103 4.3
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
22-06-2023 - 19:50 15-03-2017 - 16:59
CVE-2013-6629 5.0
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of s
21-06-2023 - 18:19 19-11-2013 - 04:50
CVE-2016-3630 6.8
The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.
21-06-2023 - 15:19 13-04-2016 - 16:59
CVE-2016-2315 10.0
revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.
21-06-2023 - 15:18 08-04-2016 - 14:59
CVE-2016-2324 10.0
Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.
21-06-2023 - 15:18 08-04-2016 - 14:59
CVE-2020-10188 10.0
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
16-06-2023 - 17:44 06-03-2020 - 15:15
CVE-2020-15972 6.8
Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
12-06-2023 - 07:15 03-11-2020 - 03:15
CVE-2020-6449 6.8
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
12-06-2023 - 07:15 23-03-2020 - 16:15
CVE-2019-16942 7.5
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.
08-06-2023 - 18:00 01-10-2019 - 17:15
CVE-2013-4279 5.0
imapsync 1.564 and earlier performs a release check by default, which sends sensitive information (imapsync, operating system, and Perl version) to the developer's site.
07-06-2023 - 13:59 18-04-2014 - 22:14
CVE-2014-2014 4.3
imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
07-06-2023 - 13:59 18-04-2014 - 22:14
CVE-2019-14889 9.3
A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the
30-05-2023 - 00:15 10-12-2019 - 23:15
CVE-2019-20479 5.8
A flaw was found in mod_auth_openidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning.
25-05-2023 - 20:18 20-02-2020 - 06:15
CVE-2017-6059 5.0
Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request.
25-05-2023 - 20:18 12-04-2017 - 20:59
CVE-2017-6413 5.0
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.6 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "AuthType oauth20" configuration, which allows remote a
25-05-2023 - 20:18 02-03-2017 - 06:59
CVE-2017-6062 5.0
The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an "OIDCUnAuthAction pass" configuration, which allows rem
25-05-2023 - 20:18 02-03-2017 - 06:59
CVE-2021-3177 7.5
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to
24-05-2023 - 21:15 19-01-2021 - 06:15
CVE-2019-20907 5.0
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
24-05-2023 - 21:15 13-07-2020 - 13:15
CVE-2020-8492 7.1
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicA
24-05-2023 - 21:15 30-01-2020 - 19:15
CVE-2020-26116 6.4
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first ar
24-05-2023 - 21:15 27-09-2020 - 04:15
CVE-2018-8740 5.0
In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.
22-05-2023 - 13:15 17-03-2018 - 00:29
CVE-2016-6153 4.6
os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by levera
22-05-2023 - 13:15 26-09-2016 - 16:59
CVE-2017-18640 5.0
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.
21-05-2023 - 22:15 12-12-2019 - 03:15
CVE-2016-0753 5.0
Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the use of instance-level writers for class accessors, which allows remote attackers to bypass intended validation steps via crafted para
19-05-2023 - 16:36 16-02-2016 - 02:59
CVE-2020-14619 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco
18-05-2023 - 18:00 15-07-2020 - 18:15
CVE-2020-14614 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
18-05-2023 - 18:00 15-07-2020 - 18:15
CVE-2020-14597 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
18-05-2023 - 17:39 15-07-2020 - 18:15
CVE-2020-14575 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols
16-05-2023 - 22:55 15-07-2020 - 18:15
CVE-2018-16872 3.5
A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn't consider that the underlying filesystem may have changed since the t
16-05-2023 - 10:48 13-12-2018 - 21:29
CVE-2020-14422 4.3
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary
16-05-2023 - 02:15 18-06-2020 - 14:15
CVE-2010-4645 5.0
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation
15-05-2023 - 00:15 11-01-2011 - 03:00
CVE-2013-0169 2.6
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding,
12-05-2023 - 12:58 08-02-2013 - 19:55
CVE-2019-0160 7.5
Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.
12-05-2023 - 05:15 27-03-2019 - 20:29
CVE-2020-8597 7.5
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
05-05-2023 - 17:48 03-02-2020 - 23:15
CVE-2019-7576 6.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).
03-05-2023 - 12:15 07-02-2019 - 07:29
CVE-2019-7573 6.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).
03-05-2023 - 12:15 07-02-2019 - 07:29
CVE-2019-7635 5.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.
03-05-2023 - 12:15 08-02-2019 - 11:29
CVE-2019-7574 6.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.
03-05-2023 - 12:15 07-02-2019 - 07:29
CVE-2019-7572 6.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.
03-05-2023 - 12:15 07-02-2019 - 07:29
CVE-2019-7575 6.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.
03-05-2023 - 12:15 07-02-2019 - 07:29
CVE-2019-7638 6.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.
03-05-2023 - 12:15 08-02-2019 - 11:29
CVE-2019-7636 5.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.
03-05-2023 - 12:15 08-02-2019 - 11:29
CVE-2019-7578 5.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.
03-05-2023 - 12:15 07-02-2019 - 07:29
CVE-2019-7577 6.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.
03-05-2023 - 12:15 07-02-2019 - 07:29
CVE-2019-13616 5.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
03-05-2023 - 12:15 16-07-2019 - 17:15
CVE-2020-12695 7.8
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger is
26-04-2023 - 18:55 08-06-2020 - 17:15
CVE-2020-28367 5.1
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a #cgo directive.
20-04-2023 - 00:15 18-11-2020 - 17:15
CVE-2020-10675 5.0
The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call.
17-04-2023 - 17:42 19-03-2020 - 14:15
CVE-2020-15803 4.3
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.
12-04-2023 - 16:15 17-07-2020 - 03:15
CVE-2018-14379 6.8
MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified oth
11-04-2023 - 14:15 18-07-2018 - 05:29
CVE-2018-14446 6.8
MP4Integer32Property::Read in atom_avcC.cpp in MP4v2 2.1.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted MP4 file.
11-04-2023 - 14:15 20-07-2018 - 13:29
CVE-2018-14403 7.5
MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings of atom names, leading to use of an inappropriate data type for associated atoms. The resulting type confusion can cause out-of-bounds memory access.
11-04-2023 - 14:15 19-07-2018 - 05:29
CVE-2018-14054 7.5
A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling pointer is freed again in the destructor once an exception is triggered.
11-04-2023 - 14:15 13-07-2018 - 17:29
CVE-2018-14325 6.8
In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.
11-04-2023 - 14:15 16-07-2018 - 18:29
CVE-2018-14326 6.8
In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h.
11-04-2023 - 14:15 16-07-2018 - 18:29
CVE-2019-13118 5.0
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
10-04-2023 - 15:52 01-07-2019 - 02:15
CVE-2019-13117 5.0
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or
06-04-2023 - 19:30 01-07-2019 - 02:15
CVE-2019-16378 7.5
OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message.
29-03-2023 - 18:42 17-09-2019 - 12:15
CVE-2019-16239 7.5
process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
29-03-2023 - 18:42 17-09-2019 - 12:15
CVE-2019-5481 7.5
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
29-03-2023 - 18:41 16-09-2019 - 19:15
CVE-2019-18423 8.5
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service via a XENMEM_add_to_physmap hypercall. p2m->max_mapped_gfn is used by the functions p2m_resolve_translation_fault() and p2m_get_entry() to sanity c
29-03-2023 - 18:21 31-10-2019 - 14:15
CVE-2019-18421 7.1
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoi
29-03-2023 - 18:21 31-10-2019 - 14:15
CVE-2019-18425 9.3
An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. There is missing descriptor table limit checking in x86 PV emulation. When emulating certain PV guest ope
29-03-2023 - 18:20 31-10-2019 - 14:15
CVE-2019-18424 6.9
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after
29-03-2023 - 18:20 31-10-2019 - 14:15
CVE-2019-2126 9.3
In ParseContentEncodingEntry of mkvparser.cc, there is a possible double free due to a missing reset of a freed pointer. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitat
29-03-2023 - 16:24 20-08-2019 - 20:15
CVE-2020-10663 5.0
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavi
28-03-2023 - 18:06 28-04-2020 - 21:15
CVE-2019-16884 5.0
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc direct
27-03-2023 - 18:15 25-09-2019 - 18:15
CVE-2019-12450 7.5
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.
24-03-2023 - 18:29 29-05-2019 - 17:29
CVE-2019-11068 7.5
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is su
24-03-2023 - 18:27 10-04-2019 - 20:29
CVE-2019-6111 5.8
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned
24-03-2023 - 18:12 31-01-2019 - 18:29
CVE-2019-13107 7.5
Multiple integer overflows exist in MATIO before 1.5.16, related to mat.c, mat4.c, mat5.c, mat73.c, and matvar_struct.c
24-03-2023 - 18:05 30-06-2019 - 22:15
CVE-2019-13108 4.3
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
24-03-2023 - 18:05 30-06-2019 - 23:15
CVE-2019-13109 4.3
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction.
24-03-2023 - 18:05 30-06-2019 - 23:15
CVE-2019-16168 4.3
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
23-03-2023 - 18:11 09-09-2019 - 17:15
CVE-2020-29130 4.0
slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
15-03-2023 - 00:15 26-11-2020 - 20:15
CVE-2020-10749 6.0
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending
14-03-2023 - 15:35 03-06-2020 - 14:15
CVE-2019-13038 4.3
mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.
13-03-2023 - 00:15 29-06-2019 - 14:15
CVE-2019-15237 4.3
Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.
08-03-2023 - 01:11 20-08-2019 - 01:15
CVE-2007-5000 4.3
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inje
07-03-2023 - 18:11 13-12-2007 - 18:46
CVE-2019-12083 6.8
The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be s
03-03-2023 - 20:55 13-05-2019 - 20:29
CVE-2019-11884 2.1
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a
03-03-2023 - 20:53 10-05-2019 - 22:29
CVE-2019-11459 4.3
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIF
03-03-2023 - 20:51 22-04-2019 - 22:29
CVE-2009-1956 6.4
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
03-03-2023 - 18:45 08-06-2009 - 01:00
CVE-2019-13111 4.3
A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (large heap allocation followed by a very long running loop) via a crafted WEBP image file.
03-03-2023 - 18:41 30-06-2019 - 23:15
CVE-2019-14459 5.0
nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).
03-03-2023 - 18:35 31-07-2019 - 21:15
CVE-2019-14745 6.8
In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is du
03-03-2023 - 17:40 07-08-2019 - 15:15
CVE-2020-10932 1.9
An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result
03-03-2023 - 15:32 15-04-2020 - 14:15
CVE-2019-18222 1.9
The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.
03-03-2023 - 15:25 23-01-2020 - 17:15
CVE-2019-16910 2.6
Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the
03-03-2023 - 15:24 26-09-2019 - 13:15
CVE-2020-15565 6.1
An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and C
03-03-2023 - 15:09 07-07-2020 - 13:15
CVE-2020-3350 3.3
A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition th
03-03-2023 - 15:08 18-06-2020 - 03:15
CVE-2020-11077 5.0
In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP
03-03-2023 - 14:41 22-05-2020 - 15:15
CVE-2019-18676 5.0
An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incorrect input validation, there is a heap-based buffer overflow that can result in Denial of Service to all clients using the proxy. Severity is high due to this vulnerability occurri
03-03-2023 - 14:27 26-11-2019 - 17:15
CVE-2020-13964 4.3
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmail_output_html.php allows XSS via the username template object.
03-03-2023 - 02:46 09-06-2020 - 03:15
CVE-2020-11076 5.0
In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.
03-03-2023 - 02:39 22-05-2020 - 15:15
CVE-2020-13231 4.3
In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change.
03-03-2023 - 02:36 20-05-2020 - 14:15
CVE-2019-14934 6.8
An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write.
02-03-2023 - 18:02 11-08-2019 - 22:15
CVE-2019-14973 4.3
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application cras
02-03-2023 - 17:53 14-08-2019 - 06:15
CVE-2019-6116 6.8
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
01-03-2023 - 18:41 21-03-2019 - 16:01
CVE-2018-20662 4.3
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is m
01-03-2023 - 18:02 03-01-2019 - 13:29
CVE-2018-14599 7.5
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
01-03-2023 - 17:13 24-08-2018 - 19:29
CVE-2020-13777 5.8
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-
01-03-2023 - 16:48 04-06-2020 - 07:15
CVE-2020-13401 6.0
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial o
01-03-2023 - 16:48 02-06-2020 - 14:15
CVE-2020-13867 2.1
Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files).
01-03-2023 - 16:48 05-06-2020 - 18:15
CVE-2019-13282 6.8
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows
01-03-2023 - 16:43 04-07-2019 - 20:15
CVE-2019-13286 4.3
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker t
01-03-2023 - 16:43 04-07-2019 - 22:15
CVE-2019-13283 6.8
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be trigger
01-03-2023 - 16:43 04-07-2019 - 20:15
CVE-2019-13281 6.8
In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacke
01-03-2023 - 16:42 04-07-2019 - 20:15
CVE-2019-12815 7.5
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
01-03-2023 - 16:39 19-07-2019 - 23:15
CVE-2019-1010142 5.0
scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite loop, resource consumption and program unresponsive. The component is: _RADIUSAttrPacketListField.getfield(self..). The attack vector is: over the network or in a pcap. both work.
01-03-2023 - 16:39 19-07-2019 - 16:15
CVE-2019-13626 4.3
SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c.
01-03-2023 - 16:30 17-07-2019 - 16:15
CVE-2019-11833 2.1
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
01-03-2023 - 15:28 15-05-2019 - 13:29
CVE-2019-11499 5.0
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message.
01-03-2023 - 15:20 08-05-2019 - 17:29
CVE-2019-11494 5.0
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login service crashes when the client disconnects prematurely during the AUTH command.
01-03-2023 - 15:15 08-05-2019 - 18:29
CVE-2019-11474 4.3
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.
01-03-2023 - 15:09 23-04-2019 - 14:29
CVE-2019-11065 4.3
Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used. Dependency artifacts could have been maliciously compromised by a MITM attack against the ajax.g
01-03-2023 - 15:06 10-04-2019 - 00:29
CVE-2019-11026 4.3
FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc.
01-03-2023 - 15:03 08-04-2019 - 23:29
CVE-2019-10906 5.0
In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.
01-03-2023 - 14:56 07-04-2019 - 00:29
CVE-2020-13757 5.0
Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted cipherte
01-03-2023 - 03:09 01-06-2020 - 19:15
CVE-2020-12770 4.6
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
01-03-2023 - 03:07 09-05-2020 - 21:15
CVE-2019-13313 2.1
libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line.
28-02-2023 - 20:49 05-07-2019 - 14:15
CVE-2019-12527 6.8
An issue was discovered in Squid 4.0.23 through 4.7. When checking Basic Authentication with HttpHeader::getAuth, Squid uses a global buffer to store the decoded data. Squid does not check that the decoded length isn't greater than the buffer, leadin
28-02-2023 - 20:49 11-07-2019 - 19:15
CVE-2019-13112 4.3
A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file.
28-02-2023 - 20:48 30-06-2019 - 23:15
CVE-2019-13113 4.3
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.
28-02-2023 - 20:48 30-06-2019 - 23:15
CVE-2019-12387 4.3
In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.
28-02-2023 - 20:47 10-06-2019 - 12:29
CVE-2019-12216 4.3
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a heap-based buffer overflow in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
28-02-2023 - 20:47 20-05-2019 - 17:29
CVE-2019-7222 2.1
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
28-02-2023 - 20:45 21-03-2019 - 16:01
CVE-2020-8813 9.3
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
28-02-2023 - 19:23 22-02-2020 - 02:15
CVE-2019-14744 5.1
In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated
28-02-2023 - 18:26 07-08-2019 - 15:15
CVE-2019-12523 6.4
An issue was discovered in Squid before 4.9. When handling a URN request, a corresponding HTTP request is made. This HTTP request doesn't go through the access checks that incoming HTTP requests go through. This causes all access checks to be bypasse
28-02-2023 - 16:20 26-11-2019 - 17:15
CVE-2019-14267 6.8
PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled.
28-02-2023 - 15:19 29-07-2019 - 16:15
CVE-2019-1010302 4.3
jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file.
28-02-2023 - 15:17 15-07-2019 - 18:15
CVE-2019-11328 9.0
An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. ssh) could exploit this vulnerability due to insecure permissions allowing a user to edit files within `/run/singularity/in
28-02-2023 - 15:15 14-05-2019 - 21:29
CVE-2020-28366 5.1
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file.
28-02-2023 - 14:52 18-11-2020 - 17:15
CVE-2019-16163 5.0
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.
28-02-2023 - 14:35 09-09-2019 - 17:15
CVE-2019-16056 5.0
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and imple
28-02-2023 - 14:30 06-09-2019 - 18:15
CVE-2020-4047 3.5
In affected versions of WordPress, authenticated users with upload permissions (like authors) are able to inject JavaScript into some media file attachment pages in a certain way. This can lead to script execution in the context of a higher privilege
27-02-2023 - 18:20 12-06-2020 - 16:15
CVE-2020-4048 4.9
In affected versions of WordPress, due to an issue in wp_validate_redirect() and URL sanitization, an arbitrary external link can be crafted leading to unintended/open redirect when clicked. This has been patched in version 5.4.2, along with all the
27-02-2023 - 18:20 12-06-2020 - 16:15
CVE-2020-4050 6.0
In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved. It does require an admin to install a plugin that would misuse the filter. Once installed, it can be leveraged b
27-02-2023 - 18:20 12-06-2020 - 16:15
CVE-2020-14954 4.3
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates i
27-02-2023 - 18:09 21-06-2020 - 17:15
CVE-2020-10177 4.3
Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.
27-02-2023 - 18:07 25-06-2020 - 19:15
CVE-2020-10378 4.3
In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer.
27-02-2023 - 18:06 25-06-2020 - 19:15
CVE-2020-10379 6.8
In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.
27-02-2023 - 18:05 25-06-2020 - 19:15
CVE-2020-10994 4.3
In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file.
27-02-2023 - 18:05 25-06-2020 - 19:15
CVE-2020-4067 5.0
In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligent
27-02-2023 - 18:03 29-06-2020 - 20:15
CVE-2020-16150 2.1
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a pa
27-02-2023 - 18:03 02-09-2020 - 16:15
CVE-2020-11538 6.8
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.
27-02-2023 - 18:01 25-06-2020 - 19:15
CVE-2020-24659 5.0
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the app
27-02-2023 - 15:30 04-09-2020 - 15:15
CVE-2019-10903 5.0
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.
27-02-2023 - 15:28 09-04-2019 - 04:29
CVE-2019-10896 5.0
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.
27-02-2023 - 15:28 09-04-2019 - 04:29
CVE-2019-10894 5.0
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.
27-02-2023 - 15:28 09-04-2019 - 04:29
CVE-2019-10901 5.0
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.
27-02-2023 - 15:28 09-04-2019 - 04:29
CVE-2015-5289 6.4
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (
24-02-2023 - 18:44 26-10-2015 - 14:59
CVE-2020-8835 7.2
In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.
24-02-2023 - 18:42 02-04-2020 - 18:15
CVE-2020-14386 7.2
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.
24-02-2023 - 18:42 16-09-2020 - 13:15
CVE-2020-10941 4.3
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
24-02-2023 - 00:10 24-03-2020 - 20:15
CVE-2019-6109 4.0
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes t
23-02-2023 - 23:16 31-01-2019 - 18:29
CVE-2019-18420 6.3
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. hypercall_create_continuation() is a variadic function which uses a printf-like format string to interpret it
23-02-2023 - 02:33 31-10-2019 - 14:15
CVE-2015-8391 9.0
The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attackers to cause a denial of service (CPU consumption) or possibly have unspecified other impact via a crafted regular expression, as
16-02-2023 - 14:15 02-12-2015 - 01:59
CVE-2015-8394 7.5
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a
16-02-2023 - 14:15 02-12-2015 - 01:59
CVE-2015-8386 7.5
PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expr
16-02-2023 - 14:15 02-12-2015 - 01:59
CVE-2015-8390 7.5
PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a denial of service (uninitialized memory read) or possibly have unspecified other impact via a crafted regular expression, as demonstra
16-02-2023 - 14:15 02-12-2015 - 01:59
CVE-2015-8389 7.5
PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a denial of service (infinite recursion) or possibly have unspecified other impact via a crafted regular expression, as demonstrated
16-02-2023 - 14:15 02-12-2015 - 01:59
CVE-2015-8383 7.5
PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript
16-02-2023 - 14:15 02-12-2015 - 01:59
CVE-2015-8393 5.0
pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client.
16-02-2023 - 14:15 02-12-2015 - 01:59
CVE-2015-8387 7.5
PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrate
16-02-2023 - 14:15 02-12-2015 - 01:59
CVE-2016-10937 5.0
IMAPFilter through 2.6.12 does not validate the hostname in an SSL certificate.
16-02-2023 - 03:02 08-09-2019 - 16:15
CVE-2019-11281 3.5
Pivotal RabbitMQ, versions prior to v3.7.18, and RabbitMQ for PCF, versions 1.15.x prior to 1.15.13, versions 1.16.x prior to 1.16.6, and versions 1.17.x prior to 1.17.3, contain two components, the virtual host limits page, and the federation manage
15-02-2023 - 02:33 16-10-2019 - 16:15
CVE-2019-13762 2.1
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.
15-02-2023 - 02:28 10-12-2019 - 22:15
CVE-2019-13758 4.3
Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
15-02-2023 - 02:26 10-12-2019 - 22:15
CVE-2019-13747 6.8
Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
15-02-2023 - 02:23 10-12-2019 - 22:15
CVE-2019-13742 4.3
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
15-02-2023 - 02:22 10-12-2019 - 22:15
CVE-2019-13763 4.3
Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
15-02-2023 - 02:21 10-12-2019 - 22:15
CVE-2019-13761 4.3
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
15-02-2023 - 02:20 10-12-2019 - 22:15
CVE-2019-16707 4.3
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.
13-02-2023 - 19:08 23-09-2019 - 12:15
CVE-2018-1098 6.8
A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done with PUT so it is theoretically safe (can't PUT from a
13-02-2023 - 04:53 03-04-2018 - 16:29
CVE-2016-6342 5.0
elog 3.1.1 allows remote attackers to post data as any username in the logbook.
13-02-2023 - 04:50 27-06-2017 - 20:29
CVE-2016-6299 9.3
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file.
13-02-2023 - 04:50 14-04-2017 - 18:59
CVE-2016-4001 4.3
Buffer overflow in the stellaris_enet_receive function in hw/net/stellaris_enet.c in QEMU, when the Stellaris ethernet controller is configured to accept large packets, allows remote attackers to cause a denial of service (QEMU crash) via a large pac
13-02-2023 - 04:50 23-05-2016 - 19:59
CVE-2018-10846 1.9
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain
13-02-2023 - 04:50 22-08-2018 - 13:29
CVE-2016-3110 5.0
mod_cluster, as used in Red Hat JBoss Web Server 2.1, allows remote attackers to cause a denial of service (Apache http server crash) via an MCMP message containing a series of = (equals) characters after a legitimate element.
13-02-2023 - 04:50 26-09-2016 - 14:59
CVE-2018-10844 4.3
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data
13-02-2023 - 04:50 22-08-2018 - 13:29
CVE-2016-3696 2.1
The pulp-qpid-ssl-cfg script in Pulp before 2.8.5 allows local users to obtain the CA key.
13-02-2023 - 04:50 13-06-2017 - 16:29
CVE-2016-3096 7.2
The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container
13-02-2023 - 04:50 03-06-2016 - 14:59
CVE-2018-10845 4.3
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing dat
13-02-2023 - 04:50 22-08-2018 - 13:29
CVE-2016-3099 5.0
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat Enterprise Linux Server 7, and Red Hat Enterprise Linux Workstation 7 allows remote attackers to force the use of ciphers that were not intended to be enabled.
13-02-2023 - 04:50 08-06-2017 - 19:29
CVE-2013-6399 7.5
Array index error in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image.
13-02-2023 - 04:49 04-11-2014 - 21:55
CVE-2013-4533 7.5
Buffer overflow in the pxa2xx_ssp_load function in hw/arm/pxa2xx.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted s->rx_level value in a savevm image.
13-02-2023 - 04:47 04-11-2014 - 21:55
CVE-2013-4529 7.5
Buffer overflow in hw/pci/pcie_aer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large log_num value in a savevm image.
13-02-2023 - 04:47 04-11-2014 - 21:55
CVE-2013-4549 5.0
QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE) attack.
13-02-2023 - 04:47 23-12-2013 - 22:55
CVE-2013-4537 7.5
The ssi_sd_transfer function in hw/sd/ssi-sd.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted arglen value in a savevm image.
13-02-2023 - 04:47 04-11-2014 - 21:55
CVE-2013-4542 7.5
The virtio_scsi_load_request function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access.
13-02-2023 - 04:47 04-11-2014 - 21:55
CVE-2013-4530 7.5
Buffer overflow in hw/ssi/pl022.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted tx_fifo_head and rx_fifo_head values in a savevm image.
13-02-2023 - 04:47 04-11-2014 - 21:55
CVE-2013-4527 7.5
Buffer overflow in hw/timer/hpet.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via vectors related to the number of timers.
13-02-2023 - 04:47 04-11-2014 - 21:55
CVE-2013-4538 7.5
Multiple buffer overflows in the ssd0323_load function in hw/display/ssd0323.c in QEMU before 1.7.2 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted (1) cmd_len, (2) row, or (3) co
13-02-2023 - 04:47 04-11-2014 - 21:55
CVE-2013-4531 7.5
Buffer overflow in target-arm/machine.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative value in cpreg_vmstate_array_len in a savevm image.
13-02-2023 - 04:47 04-11-2014 - 21:55
CVE-2013-4488 4.3
libgadu before 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers.
13-02-2023 - 04:47 10-10-2014 - 01:55
CVE-2013-4534 7.5
Buffer overflow in hw/intc/openpic.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors related to IRQDest elements.
13-02-2023 - 04:47 04-11-2014 - 21:55
CVE-2013-4539 7.5
Multiple buffer overflows in the tsc210x_load function in hw/input/tsc210x.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted (1) precision, (2) nextprecision, (3) function, or (4) nextfunction value in a save
13-02-2023 - 04:47 04-11-2014 - 21:55
CVE-2013-4541 7.5
The usb_device_post_load function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setup_len or setup_index value.
13-02-2023 - 04:47 04-11-2014 - 21:55
CVE-2013-4540 7.5
Buffer overflow in scoop_gpio_handler_update in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a large (1) prev_level, (2) gpio_level, or (3) gpio_dir value in a savevm image.
13-02-2023 - 04:47 04-11-2014 - 21:55
CVE-2013-4400 7.2
virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments.
13-02-2023 - 04:46 09-12-2013 - 16:36
CVE-2013-4312 4.9
The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c
13-02-2023 - 04:46 08-02-2016 - 03:59
CVE-2013-4408 8.3
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via
13-02-2023 - 04:46 10-12-2013 - 06:14
CVE-2013-4222 6.5
OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.
13-02-2023 - 04:45 30-09-2013 - 22:55
CVE-2013-4148 7.5
Integer signedness error in the virtio_net_load function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow.
13-02-2023 - 04:44 04-11-2014 - 21:55
CVE-2013-4150 7.5
The virtio_net_load function in hw/net/virtio-net.c in QEMU 1.5.0 through 1.7.x before 1.7.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors in which the value of curr_queues is greater than max_que
13-02-2023 - 04:44 04-11-2014 - 21:55
CVE-2013-4151 7.5
The virtio_load function in virtio/virtio.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds write.
13-02-2023 - 04:44 04-11-2014 - 21:55
CVE-2013-4149 7.5
Buffer overflow in virtio_net_load function in net/virtio-net.c in QEMU 1.3.0 through 1.7.x before 1.7.2 might allow remote attackers to execute arbitrary code via a large MAC table.
13-02-2023 - 04:44 04-11-2014 - 21:55
CVE-2013-2063 6.8
Integer overflow in X.org libXtst 1.2.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XRecordGetContext function.
13-02-2023 - 04:42 15-06-2013 - 19:55
CVE-2013-1979 6.9
The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application.
13-02-2023 - 04:42 03-05-2013 - 11:57
CVE-2013-1929 4.4
Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via c
13-02-2023 - 04:42 07-06-2013 - 14:03
CVE-2013-1961 9.3
Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file.
13-02-2023 - 04:42 03-07-2013 - 18:55
CVE-2013-1960 9.3
Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.
13-02-2023 - 04:42 03-07-2013 - 18:55
CVE-2013-1962 5.0
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of requests "to list all volumes for the particula
13-02-2023 - 04:42 29-05-2013 - 00:55
CVE-2013-1892 6.0
MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arb
13-02-2023 - 04:41 01-10-2013 - 20:55
CVE-2013-0288 6.8
nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file
13-02-2023 - 04:41 05-03-2013 - 21:38
CVE-2013-0170 6.8
Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (c
13-02-2023 - 04:38 08-02-2013 - 20:55
CVE-2013-0220 5.0
The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4
13-02-2023 - 04:38 24-02-2013 - 19:55
CVE-2013-0219 3.7
System Security Services Daemon (SSSD) before 1.9.4, when (1) creating, (2) copying, or (3) removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files.
13-02-2023 - 04:38 24-02-2013 - 19:55
CVE-2012-6075 9.3
Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly ex
13-02-2023 - 04:37 13-02-2013 - 01:55
CVE-2012-6085 5.8
The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length
13-02-2023 - 04:37 24-01-2013 - 01:55
CVE-2012-4508 1.9
Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.
13-02-2023 - 04:34 21-12-2012 - 11:47
CVE-2012-4527 6.8
Stack-based buffer overflow in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name. NOTE: it is not clear whether this is a vulnerability.
13-02-2023 - 04:34 21-11-2012 - 23:55
CVE-2012-4565 4.7
The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by read
13-02-2023 - 04:34 21-12-2012 - 11:47
CVE-2012-3500 1.2
scripts/annotate-output.sh in devscripts before 2.12.2, as used in rpmdevtools before 8.3, allows local users to modify arbitrary files via a symlink attack on the temporary (1) standard output or (2) standard error output file.
13-02-2023 - 04:34 01-10-2012 - 00:55
CVE-2012-3535 6.8
Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.
13-02-2023 - 04:34 05-09-2012 - 23:55
CVE-2012-3386 4.4
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vector
13-02-2023 - 04:33 07-08-2012 - 21:55
CVE-2012-2334 6.8
Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via th
13-02-2023 - 04:33 19-06-2012 - 20:55
CVE-2012-1595 4.3
The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a WTAP_ENCAP_ERF file containing an Extension or Mul
13-02-2023 - 04:33 11-04-2012 - 10:39
CVE-2012-1146 4.9
The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer de
13-02-2023 - 04:33 17-05-2012 - 11:00
CVE-2011-4131 4.6
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an excessive number of bitmap words.
13-02-2023 - 04:32 17-05-2012 - 11:00
CVE-2011-2911 6.8
Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer
13-02-2023 - 04:32 07-06-2012 - 19:55
CVE-2011-2721 5.0
Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculation
13-02-2023 - 04:31 05-08-2011 - 21:55
CVE-2011-2698 4.3
Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid
13-02-2023 - 04:31 23-08-2011 - 21:55
CVE-2011-2719 6.4
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other
13-02-2023 - 04:31 01-08-2011 - 19:55
CVE-2011-2718 6.0
Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type
13-02-2023 - 04:31 01-08-2011 - 19:55
CVE-2011-2691 4.3
The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers t
13-02-2023 - 04:31 17-07-2011 - 20:55
CVE-2011-2511 4.0
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.
13-02-2023 - 04:31 10-08-2011 - 20:55
CVE-2011-1958 4.3
Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file.
13-02-2023 - 04:30 06-06-2011 - 19:55
CVE-2011-1770 7.8
Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature optio
13-02-2023 - 04:30 24-06-2011 - 20:55
CVE-2011-1951 4.3
lib/logmatcher.c in Balabit syslog-ng before 3.2.4, when the global flag is set and when using PCRE 8.12 and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via a message that does not match a regula
13-02-2023 - 04:30 11-07-2011 - 20:55
CVE-2011-1750 7.4
Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write
13-02-2023 - 04:30 21-06-2012 - 15:55
CVE-2011-2178 4.4
The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" an
13-02-2023 - 04:30 10-08-2011 - 20:55
CVE-2011-1758 3.7
The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows
13-02-2023 - 04:30 26-05-2011 - 18:55
CVE-2011-1590 4.3
The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.
13-02-2023 - 04:29 29-04-2011 - 22:55
CVE-2011-1098 1.9
Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place.
13-02-2023 - 04:29 30-03-2011 - 22:55
CVE-2011-1091 4.0
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allo
13-02-2023 - 04:29 14-03-2011 - 19:55
CVE-2010-4351 6.8
The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-de
13-02-2023 - 04:28 20-01-2011 - 19:00
CVE-2010-4249 4.9
The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via
13-02-2023 - 04:28 29-11-2010 - 16:00
CVE-2010-4171 2.1
The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules).
13-02-2023 - 04:28 07-12-2010 - 22:00
CVE-2010-4170 7.2
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.
13-02-2023 - 04:28 07-12-2010 - 22:00
CVE-2010-4258 6.2
The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain pri
13-02-2023 - 04:28 30-12-2010 - 19:00
CVE-2010-4261 7.5
Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOT
13-02-2023 - 04:28 07-12-2010 - 13:53
CVE-2010-4260 5.0
Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka (1) "bb #2358" and (2) "bb #
13-02-2023 - 04:28 07-12-2010 - 13:53
CVE-2010-4158 2.1
The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users t
13-02-2023 - 04:27 30-12-2010 - 19:00
CVE-2010-4162 4.7
Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device.
13-02-2023 - 04:27 03-01-2011 - 20:00
CVE-2010-3864 7.6
Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers
13-02-2023 - 04:27 17-11-2010 - 16:00
CVE-2010-4157 6.2
Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argu
13-02-2023 - 04:27 10-12-2010 - 19:00
CVE-2010-3870 6.8
The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protec
13-02-2023 - 04:27 12-11-2010 - 21:00
CVE-2010-4169 4.9
Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call.
13-02-2023 - 04:27 22-11-2010 - 13:00
CVE-2010-3874 4.0
Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial
13-02-2023 - 04:27 29-12-2010 - 18:00
CVE-2010-3846 6.9
Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.
13-02-2023 - 04:26 05-11-2010 - 17:00
CVE-2010-3852 6.4
The default configuration of Luci 0.22.4 and earlier in Red Hat Conga uses "[INSERT SECRET HERE]" as its secret key for cookies, which makes it easier for remote attackers to bypass repoze.who authentication via a forged ticket cookie.
13-02-2023 - 04:26 06-11-2010 - 00:00
CVE-2010-3855 6.8
Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.
13-02-2023 - 04:26 26-11-2010 - 20:00
CVE-2010-3709 4.3
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
13-02-2023 - 04:25 09-11-2010 - 01:00
CVE-2010-3698 4.9
The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local D
13-02-2023 - 04:25 26-11-2010 - 19:00
CVE-2010-3705 8.3
The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a cr
13-02-2023 - 04:25 26-11-2010 - 20:00
CVE-2010-3442 4.7
Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a
13-02-2023 - 04:24 04-10-2010 - 21:00
CVE-2010-3302 6.5
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long (1) cisco_dns_info or (2) cisco_domain_info data in a
13-02-2023 - 04:23 05-10-2010 - 22:00
CVE-2010-3308 6.5
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via a long cisco_banner (aka server_banner) field.
13-02-2023 - 04:23 05-10-2010 - 22:00
CVE-2010-3089 3.5
Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) the list information field or (2) the list description field.
13-02-2023 - 04:22 15-09-2010 - 20:00
CVE-2010-2249 4.3
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
13-02-2023 - 04:21 30-06-2010 - 18:30
CVE-2010-3070 4.3
Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to an arbitrary PHP script that uses NuSOAP classes.
13-02-2023 - 04:21 28-09-2010 - 18:00
CVE-2010-3069 7.5
Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file
13-02-2023 - 04:21 15-09-2010 - 18:00
CVE-2010-2247 5.0
makepasswd 1.10 default settings generate insecure passwords
13-02-2023 - 04:21 06-11-2019 - 17:15
CVE-2010-1639 4.3
The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length.
13-02-2023 - 04:19 26-05-2010 - 18:30
CVE-2010-1634 5.0
Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with
13-02-2023 - 04:18 27-05-2010 - 19:30
CVE-2010-1440 6.8
Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related
13-02-2023 - 04:17 07-05-2010 - 18:24
CVE-2010-0739 6.8
Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of
13-02-2023 - 04:16 16-04-2010 - 18:30
CVE-2010-0740 5.0
The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor versi
13-02-2023 - 04:16 26-03-2010 - 18:30
CVE-2010-0415 4.6
The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other
13-02-2023 - 04:16 17-02-2010 - 18:30
CVE-2010-0433 4.3
The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabled but Kerberos configuration files cannot be opened, does not check a certain return value, which allows remote attackers to cause a denial of servic
13-02-2023 - 04:16 05-03-2010 - 19:30
CVE-2010-0411 4.9
Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large
13-02-2023 - 04:16 08-02-2010 - 20:30
CVE-2010-0434 4.3
The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, wh
13-02-2023 - 04:16 05-03-2010 - 19:30
CVE-2010-0424 3.3
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to change the modification times of arbitrary files, and consequently cause a denial of service, via a symlink attack on a temporary file
13-02-2023 - 04:16 25-02-2010 - 19:30
CVE-2010-0410 4.9
drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages.
13-02-2023 - 04:16 22-02-2010 - 13:00
CVE-2010-0412 7.5
stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273.
13-02-2023 - 04:16 25-02-2010 - 00:30
CVE-2010-0307 4.7
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of
13-02-2023 - 04:15 17-02-2010 - 18:30
CVE-2012-3480 4.6
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and
13-02-2023 - 03:28 25-08-2012 - 10:29
CVE-2011-1011 6.9
The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp with
13-02-2023 - 03:23 24-02-2011 - 21:00
CVE-2011-1018 10.0
logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.
13-02-2023 - 03:23 25-02-2011 - 19:00
CVE-2011-0008 6.9
A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to
13-02-2023 - 03:22 20-01-2011 - 19:00
CVE-2011-0009 4.3
Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for password hashes, which makes it easier for context-dependent attackers to determine cleartext passwords via a brute-force attack on the database.
13-02-2023 - 03:22 25-01-2011 - 19:00
CVE-2010-4665 4.3
Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a d
13-02-2023 - 03:21 03-05-2011 - 20:55
CVE-2010-4530 4.4
Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card
13-02-2023 - 03:20 18-01-2011 - 18:03
CVE-2010-4539 6.8
The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vecto
13-02-2023 - 03:20 07-01-2011 - 19:00
CVE-2010-4647 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2)
13-02-2023 - 03:20 13-01-2011 - 19:00
CVE-2010-4644 3.5
Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.
13-02-2023 - 03:20 07-01-2011 - 19:00
CVE-2010-4531 4.4
Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service
13-02-2023 - 03:20 18-01-2011 - 18:03
CVE-2009-5030 6.8
The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insuffici
13-02-2023 - 02:20 18-07-2012 - 22:55
CVE-2009-4031 7.8
The do_insn_fetch function in arch/x86/kvm/emulate.c in the x86 emulator in the KVM subsystem in the Linux kernel before 2.6.32-rc8-next-20091125 tries to interpret instructions that contain too many bytes to be valid, which allows guest OS users to
13-02-2023 - 02:20 29-11-2009 - 13:07
CVE-2009-4131 7.2
The EXT4_IOC_MOVE_EXT (aka move extents) ioctl implementation in the ext4 filesystem in the Linux kernel before 2.6.32-git6 allows local users to overwrite arbitrary files via a crafted request, related to insufficient checks for file permissions.
13-02-2023 - 02:20 13-12-2009 - 01:30
CVE-2009-3608 9.3
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a craf
13-02-2023 - 02:20 21-10-2009 - 17:30
CVE-2009-1890 7.1
The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which al
13-02-2023 - 02:20 05-07-2009 - 16:30
CVE-2009-2906 4.0
smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.
13-02-2023 - 02:20 07-10-2009 - 18:30
CVE-2009-3621 4.9
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing
13-02-2023 - 02:20 22-10-2009 - 16:00
CVE-2009-2406 6.9
Stack-based buffer overflow in the parse_tag_11_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vec
13-02-2023 - 02:20 31-07-2009 - 19:00
CVE-2009-4135 4.4
The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp.
13-02-2023 - 02:20 11-12-2009 - 16:30
CVE-2009-3638 7.2
Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_d
13-02-2023 - 02:20 29-10-2009 - 14:30
CVE-2009-3609 4.3
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via
13-02-2023 - 02:20 21-10-2009 - 17:30
CVE-2009-3555 5.8
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Secu
13-02-2023 - 02:20 09-11-2009 - 17:30
CVE-2009-2908 4.9
The d_delete function in fs/ecryptfs/inode.c in eCryptfs in the Linux kernel 2.6.31 allows local users to cause a denial of service (kernel OOPS) and possibly execute arbitrary code via unspecified vectors that cause a "negative dentry" and trigger a
13-02-2023 - 02:20 13-10-2009 - 10:30
CVE-2009-2909 4.9
Integer signedness error in the ax25_setsockopt function in net/ax25/af_ax25.c in the ax25 subsystem in the Linux kernel before 2.6.31.2 allows local users to cause a denial of service (OOPS) via a crafted optlen value in an SO_BINDTODEVICE operation
13-02-2023 - 02:20 20-10-2009 - 17:30
CVE-2009-3607 9.3
Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that tri
13-02-2023 - 02:20 21-10-2009 - 17:30
CVE-2009-2407 6.9
Heap-based buffer overflow in the parse_tag_3_packet function in fs/ecryptfs/keystore.c in the eCryptfs subsystem in the Linux kernel before 2.6.30.4 allows local users to cause a denial of service (system crash) or possibly gain privileges via vecto
13-02-2023 - 02:20 31-07-2009 - 19:00
CVE-2009-1895 7.2
The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to l
13-02-2023 - 02:20 16-07-2009 - 15:30
CVE-2009-2910 2.1
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 p
13-02-2023 - 02:20 20-10-2009 - 17:30
CVE-2009-3080 7.2
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.
13-02-2023 - 02:20 20-11-2009 - 17:30
CVE-2009-3606 9.3
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overf
13-02-2023 - 02:20 21-10-2009 - 17:30
CVE-2009-1891 7.1
The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
13-02-2023 - 02:20 10-07-2009 - 15:30
CVE-2009-1376 9.3
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remo
13-02-2023 - 02:20 26-05-2009 - 15:30
CVE-2009-1308 4.3
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in
13-02-2023 - 02:20 22-04-2009 - 18:30
CVE-2009-1381 6.8
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.19-1 on Debian GNU/Linux, and possibly other operating systems and versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a userna
13-02-2023 - 02:20 22-05-2009 - 20:30
CVE-2009-1385 7.8
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote a
13-02-2023 - 02:20 04-06-2009 - 16:30
CVE-2010-0006 7.1
The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue
13-02-2023 - 02:20 26-01-2010 - 18:30
CVE-2009-1389 7.8
Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.
13-02-2023 - 02:20 16-06-2009 - 23:30
CVE-2010-0007 2.1
net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access r
13-02-2023 - 02:20 19-01-2010 - 16:30
CVE-2010-0003 5.4
The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and t
13-02-2023 - 02:20 26-01-2010 - 18:30
CVE-2008-5016 5.0
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via multiple vectors that trigger an assertion failure or other conse
13-02-2023 - 02:19 13-11-2008 - 11:30
CVE-2008-4579 1.9
The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.
13-02-2023 - 02:19 15-10-2008 - 20:08
CVE-2008-5515 5.0
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to b
13-02-2023 - 02:19 16-06-2009 - 21:00
CVE-2008-4316 4.6
Multiple integer overflows in glib/gbase64.c in GLib before 2.20 allow context-dependent attackers to execute arbitrary code via a long string that is converted either (1) from or (2) to a base64 representation.
13-02-2023 - 02:19 14-03-2009 - 18:30
CVE-2008-5012 5.0
Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin
13-02-2023 - 02:19 13-11-2008 - 11:30
CVE-2008-5019 4.3
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges vi
13-02-2023 - 02:19 13-11-2008 - 11:30
CVE-2008-3831 4.7
The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows l
13-02-2023 - 02:19 20-10-2008 - 17:59
CVE-2008-3932 5.0
Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.
13-02-2023 - 02:19 04-09-2008 - 19:41
CVE-2008-2936 6.2
Postfix before 2.3.15, 2.4 before 2.4.8, 2.5 before 2.5.4, and 2.6 before 2.6-20080814, when the operating system supports hard links to symlinks, allows local users to append e-mail messages to a file to which a root-owned symlink points, by creatin
13-02-2023 - 02:19 18-08-2008 - 19:41
CVE-2008-3274 5.0
The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap:///anyone on the read ACL for the krbMKey attribute, which allows remote attackers to obtain the Kerberos master key via an anonymous LDAP query.
13-02-2023 - 02:19 12-09-2008 - 16:56
CVE-2008-2109 5.0
field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '\0', which triggers an infinite loop.
13-02-2023 - 02:19 07-05-2008 - 21:20
CVE-2008-3525 7.2
The sbni_ioctl function in drivers/net/wan/sbni.c in the wan subsystem in the Linux kernel 2.6.26.3 does not check for the CAP_NET_ADMIN capability before processing a (1) SIOCDEVRESINSTATS, (2) SIOCDEVSHWSTATE, (3) SIOCDEVENSLAVE, or (4) SIOCDEVEMAN
13-02-2023 - 02:19 03-09-2008 - 14:12
CVE-2008-2932 7.5
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via % (percent) encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOT
13-02-2023 - 02:19 12-09-2008 - 16:56
CVE-2008-2938 4.3
Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequence
13-02-2023 - 02:19 13-08-2008 - 00:41
CVE-2008-1720 7.5
Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code via unknown vectors.
13-02-2023 - 02:19 10-04-2008 - 19:05
CVE-2008-1947 4.3
Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
13-02-2023 - 02:19 04-06-2008 - 19:32
CVE-2008-2376 7.5
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (
13-02-2023 - 02:19 09-07-2008 - 00:41
CVE-2008-2370 5.0
Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traver
13-02-2023 - 02:19 04-08-2008 - 01:41
CVE-2008-1926 7.5
Argument injection vulnerability in login (login-utils/login.c) in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events, as demonstrated by appending an "addr=" statement to the lo
13-02-2023 - 02:19 24-04-2008 - 05:05
CVE-2008-2364 5.0
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service
13-02-2023 - 02:19 13-06-2008 - 18:41
CVE-2009-1179 6.8
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.
13-02-2023 - 02:19 23-04-2009 - 17:30
CVE-2009-0781 4.3
Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary
13-02-2023 - 02:19 09-03-2009 - 21:30
CVE-2009-1185 7.2
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
13-02-2023 - 02:19 17-04-2009 - 14:30
CVE-2009-1186 2.1
Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.
13-02-2023 - 02:19 17-04-2009 - 14:30
CVE-2009-0580 4.3
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, rel
13-02-2023 - 02:19 05-06-2009 - 16:00
CVE-2009-0771 10.0
The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption a
13-02-2023 - 02:19 05-03-2009 - 02:30
CVE-2009-1187 5.0
Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc).
13-02-2023 - 02:19 23-04-2009 - 19:30
CVE-2009-1188 5.0
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code
13-02-2023 - 02:19 23-04-2009 - 19:30
CVE-2009-0356 5.1
Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome
13-02-2023 - 02:19 04-02-2009 - 19:30
CVE-2009-0029 7.2
The ABI in the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms requires that a 32-bit argument in a 64-bit register was properly sign extended when sent from a user-mode application, but cannot verify this, which
13-02-2023 - 02:19 15-01-2009 - 17:30
CVE-2009-1181 4.3
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
13-02-2023 - 02:19 23-04-2009 - 17:30
CVE-2009-0800 6.8
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
13-02-2023 - 02:19 23-04-2009 - 17:30
CVE-2009-0581 4.3
Memory leak in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allows context-dependent attackers to cause a denial of service (memory consumption and application crash) via a crafted image file.
13-02-2023 - 02:19 23-03-2009 - 14:19
CVE-2007-5497 5.8
Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.
13-02-2023 - 02:18 07-12-2007 - 11:46
CVE-2007-5339 4.3
Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.
13-02-2023 - 02:18 21-10-2007 - 19:17
CVE-2007-5707 7.1
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent.
13-02-2023 - 02:18 30-10-2007 - 19:46
CVE-2007-5342 6.4
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 through 5.5.25 and 6.0.0 through 6.0.15 does not restrict certain permissions for web applications, which allows attackers to modify logging configuration options and ov
13-02-2023 - 02:18 27-12-2007 - 22:46
CVE-2007-5333 5.0
Apache Tomcat 6.0.0 through 6.0.14, 5.5.0 through 5.5.25, and 4.1.0 through 4.1.36 does not properly handle (1) double quote (") characters or (2) %5C (encoded backslash) sequences in a cookie value, which might cause sensitive information such as se
13-02-2023 - 02:18 12-02-2008 - 01:00
CVE-2007-5501 7.8
The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer
13-02-2023 - 02:18 15-11-2007 - 20:46
CVE-2007-5503 6.8
Multiple integer overflows in Cairo before 1.4.12 might allow remote attackers to execute arbitrary code, as demonstrated using a crafted PNG image with large width and height values, which is not properly handled by the read_png function.
13-02-2023 - 02:18 30-11-2007 - 01:46
CVE-2007-6284 5.0
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
13-02-2023 - 02:18 12-01-2008 - 02:46
CVE-2007-5340 4.3
Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
13-02-2023 - 02:18 21-10-2007 - 19:17
CVE-2007-5500 4.9
The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are
13-02-2023 - 02:18 20-11-2007 - 02:46
CVE-2007-5960 4.3
Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer
13-02-2023 - 02:18 26-11-2007 - 23:46
CVE-2007-5962 7.1
Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a
13-02-2023 - 02:18 22-05-2008 - 13:09
CVE-2007-4568 6.8
Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers
13-02-2023 - 02:18 05-10-2007 - 21:17
CVE-2007-4571 2.1
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memor
13-02-2023 - 02:18 26-09-2007 - 10:17
CVE-2008-1673 10.0
The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, wh
13-02-2023 - 02:18 10-06-2008 - 00:32
CVE-2008-1612 4.3
The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an in
13-02-2023 - 02:18 01-04-2008 - 17:44
CVE-2008-1678 5.0
Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client hand
13-02-2023 - 02:18 10-07-2008 - 17:41
CVE-2007-4137 7.5
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error
13-02-2023 - 02:18 18-09-2007 - 19:17
CVE-2007-3847 5.0
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffe
13-02-2023 - 02:18 23-08-2007 - 22:17
CVE-2008-1232 4.3
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to
13-02-2023 - 02:18 04-08-2008 - 01:41
CVE-2008-0600 7.2
The vmsplice_to_pipe function in Linux kernel 2.6.17 through 2.6.24.1 does not validate a certain userspace pointer before dereference, which allows local users to gain root privileges via crafted arguments in a vmsplice system call, a different vuln
13-02-2023 - 02:18 12-02-2008 - 21:00
CVE-2008-0001 3.6
VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories.
13-02-2023 - 02:18 15-01-2008 - 20:00
CVE-2008-1380 9.3
The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page.
13-02-2023 - 02:18 17-04-2008 - 19:05
CVE-2008-0414 4.3
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to trick the user into uploading arbitrary files via label tags that shift focus to a file input field, aka "focus spoofing."
13-02-2023 - 02:18 08-02-2008 - 22:00
CVE-2008-1078 7.2
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1.
13-02-2023 - 02:18 29-02-2008 - 02:44
CVE-2008-0891 4.3
Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from t
13-02-2023 - 02:18 29-05-2008 - 16:32
CVE-2007-2872 6.8
Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.
13-02-2023 - 02:17 04-06-2007 - 17:30
CVE-2007-2754 6.8
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overf
13-02-2023 - 02:17 17-05-2007 - 22:30
CVE-2007-0493 7.8
Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that c
13-02-2023 - 02:17 25-01-2007 - 20:28
CVE-2006-5753 7.2
Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.
13-02-2023 - 02:16 30-01-2007 - 19:28
CVE-2006-2656 7.5
Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename. NOTE: tiffsplit is not setuid. If there is not a common scenario under which tiffsplit is cal
13-02-2023 - 02:16 30-05-2006 - 18:02
CVE-2006-1522 4.9
The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add a key to a user key instead of a keyring key, whi
13-02-2023 - 02:16 10-04-2006 - 20:02
CVE-2006-1861 7.5
Multiple integer overflows in FreeType before 2.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attack vectors related to (1) bdf/bdflib.c, (2) sfnt/ttcmap.c, (3) cff/cffgload.c, and (4) the read_
13-02-2023 - 02:16 23-05-2006 - 10:06
CVE-2006-0455 4.6
gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature
13-02-2023 - 02:16 15-02-2006 - 22:06
CVE-2005-3357 5.4
mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (application crash) via a non-SSL request to an SSL port, which triggers
13-02-2023 - 02:15 31-12-2005 - 05:00
CVE-2005-2974 2.6
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.
13-02-2023 - 02:15 04-11-2005 - 00:02
CVE-2005-2973 2.1
The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).
13-02-2023 - 02:15 27-10-2005 - 18:02
CVE-2011-3627 4.3
The bytecode engine in ClamAV before 0.97.3 allows remote attackers to cause a denial of service (crash) via vectors related to "recursion level" and (1) libclamav/bytecode.c and (2) libclamav/bytecode_api.c.
13-02-2023 - 01:21 17-11-2011 - 19:55
CVE-2011-2692 6.8
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory
13-02-2023 - 01:20 17-07-2011 - 20:55
CVE-2011-2913 6.8
Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a lar
13-02-2023 - 01:20 07-06-2012 - 19:55
CVE-2011-2912 6.8
Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset.
13-02-2023 - 01:20 07-06-2012 - 19:55
CVE-2011-2696 6.8
Integer overflow in libsndfile before 1.0.25 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PARIS Audio Format (PAF) file that triggers a heap-based buffer overflow.
13-02-2023 - 01:20 27-07-2011 - 02:55
CVE-2011-2686 5.0
Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process, a
13-02-2023 - 01:20 05-08-2011 - 21:55
CVE-2011-1957 4.3
The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length.
13-02-2023 - 01:19 06-06-2011 - 19:55
CVE-2011-2516 5.0
Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, wh
13-02-2023 - 01:19 11-07-2011 - 20:55
CVE-2011-1167 6.8
Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSamp
13-02-2023 - 01:19 28-03-2011 - 16:55
CVE-2011-1146 6.9
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettac
13-02-2023 - 01:19 15-03-2011 - 17:55
CVE-2009-5022 6.8
Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.
13-02-2023 - 01:18 03-05-2011 - 20:55
CVE-2009-4273 10.0
stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request.
13-02-2023 - 01:18 26-01-2010 - 18:30
CVE-2011-0713 6.8
Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Noki
13-02-2023 - 01:18 03-03-2011 - 01:00
CVE-2011-0706 7.5
The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of "an inappropriate security descripto
13-02-2023 - 01:18 19-02-2011 - 01:00
CVE-2011-1006 7.2
Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command
13-02-2023 - 01:18 22-03-2011 - 17:55
CVE-2011-1003 6.8
Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic for Applications (VBA) data in a Microsoft Office d
13-02-2023 - 01:18 23-02-2011 - 19:00
CVE-2011-0707 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message.
13-02-2023 - 01:18 22-02-2011 - 19:00
CVE-2011-1097 5.1
rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data.
13-02-2023 - 01:18 30-03-2011 - 22:55
CVE-2009-4032 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) graph.php, (2) include/top_graph_header.php, (3) lib/html_form.php, and (4) lib/timespan_sett
13-02-2023 - 01:17 29-11-2009 - 13:07
CVE-2009-1884 4.3
Off-by-one error in the bzinflate function in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl allows context-dependent attackers to cause a denial of service (application hang or crash) via a crafted bzip2 compressed stream that trigg
13-02-2023 - 01:17 19-08-2009 - 17:30
CVE-2009-3604 9.3
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) o
13-02-2023 - 01:17 21-10-2009 - 17:30
CVE-2009-3612 2.1
The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensit
13-02-2023 - 01:17 19-10-2009 - 20:00
CVE-2009-2412 10.0
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code
13-02-2023 - 01:17 06-08-2009 - 15:30
CVE-2009-2414 4.3
Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related
13-02-2023 - 01:17 11-08-2009 - 18:30
CVE-2009-3603 9.3
Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some
13-02-2023 - 01:17 21-10-2009 - 17:30
CVE-2009-0033 5.0
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with i
13-02-2023 - 01:17 05-06-2009 - 16:00
CVE-2009-0354 2.6
Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors
13-02-2023 - 01:17 04-02-2009 - 19:30
CVE-2009-0793 4.3
cmsxform.c in LittleCMS (aka lcms or liblcms) 1.18, as used in OpenJDK and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted image that triggers execution of incorrect
13-02-2023 - 01:17 09-04-2009 - 15:08
CVE-2009-1373 7.1
Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained fro
13-02-2023 - 01:17 26-05-2009 - 15:30
CVE-2009-0792 9.3
Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to caus
13-02-2023 - 01:17 14-04-2009 - 16:26
CVE-2009-1183 4.3
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
13-02-2023 - 01:17 23-04-2009 - 17:30
CVE-2009-0794 5.0
Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet
13-02-2023 - 01:17 13-04-2009 - 16:30
CVE-2009-0783 4.6
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3)
13-02-2023 - 01:17 05-06-2009 - 16:00
CVE-2009-0583 9.3
Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to caus
13-02-2023 - 01:17 23-03-2009 - 20:00
CVE-2005-2970 5.0
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused f
13-02-2023 - 01:16 25-10-2005 - 17:06
CVE-2015-7549 2.1
The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method.
13-02-2023 - 00:54 30-10-2017 - 14:29
CVE-2015-5302 5.0
libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds,
13-02-2023 - 00:53 07-12-2015 - 18:59
CVE-2015-5292 6.8
Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a larg
13-02-2023 - 00:53 29-10-2015 - 16:59
CVE-2015-5313 1.9
Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not doma
13-02-2023 - 00:53 11-04-2016 - 21:59
CVE-2015-5295 5.5
The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files
13-02-2023 - 00:53 20-01-2016 - 16:59
CVE-2015-5279 7.2
Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
13-02-2023 - 00:52 28-09-2015 - 16:59
CVE-2015-5225 7.2
Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via
13-02-2023 - 00:52 06-11-2015 - 21:59
CVE-2015-5262 4.3
http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang)
13-02-2023 - 00:52 27-10-2015 - 16:59
CVE-2015-5273 3.6
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name i
13-02-2023 - 00:52 07-12-2015 - 18:59
CVE-2015-5195 5.0
ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.
13-02-2023 - 00:51 21-07-2017 - 14:29
CVE-2015-5194 5.0
The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.
13-02-2023 - 00:51 21-07-2017 - 14:29
CVE-2015-5219 5.0
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.
13-02-2023 - 00:51 21-07-2017 - 14:29
CVE-2015-5165 9.3
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.
13-02-2023 - 00:50 12-08-2015 - 14:59
CVE-2015-5154 7.2
Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.
13-02-2023 - 00:50 12-08-2015 - 14:59
CVE-2015-3405 5.0
ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remot
13-02-2023 - 00:49 09-08-2017 - 16:29
CVE-2015-3209 7.5
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
13-02-2023 - 00:48 15-06-2015 - 15:59
CVE-2015-3245 2.1
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newl
13-02-2023 - 00:48 11-08-2015 - 14:59
CVE-2015-3230 7.5
389 Directory Server (formerly Fedora Directory Server) before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified impact by requesting to use a disabled cipher.
13-02-2023 - 00:48 29-10-2015 - 20:59
CVE-2015-3201 2.1
Thermostat before 2.0.0 uses world-readable permissions for the web.xml configuration file, which allows local users to obtain user credentials by reading the file.
13-02-2023 - 00:47 08-06-2015 - 14:59
CVE-2015-1815 10.0
The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name.
13-02-2023 - 00:47 30-03-2015 - 14:59
CVE-2015-1854 5.0
389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call.
13-02-2023 - 00:47 19-09-2017 - 15:29
CVE-2015-1781 6.8
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS respo
13-02-2023 - 00:46 28-09-2015 - 20:59
CVE-2015-1779 7.8
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
13-02-2023 - 00:46 12-01-2016 - 19:59
CVE-2015-1782 6.8
The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.
13-02-2023 - 00:46 13-03-2015 - 14:59
CVE-2015-1792 5.0
The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL valu
13-02-2023 - 00:46 12-06-2015 - 19:59
CVE-2015-1789 4.3
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a cr
13-02-2023 - 00:46 12-06-2015 - 19:59
CVE-2015-0283 7.8
The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request for a (1) group with a large number of
13-02-2023 - 00:46 30-03-2015 - 14:59
CVE-2014-9420 4.9
The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a cr
13-02-2023 - 00:45 26-12-2014 - 00:59
CVE-2015-0224 5.0
qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted protocol sequence set. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0203.
13-02-2023 - 00:45 30-10-2017 - 14:29
CVE-2014-8124 5.0
OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests
13-02-2023 - 00:43 12-12-2014 - 15:59
CVE-2014-8105 5.0
389 Directory Server before 1.3.2.27 and 1.3.3.x before 1.3.3.9 does not properly restrict access to the "cn=changelog" LDAP sub-tree, which allows remote attackers to obtain sensitive information from the changelog via unspecified vectors.
13-02-2023 - 00:42 10-03-2015 - 14:59
CVE-2014-8112 4.0
389 Directory Server 1.3.1.x, 1.3.2.x before 1.3.2.27, and 1.3.3.x before 1.3.3.9 stores "unhashed" passwords even when the nsslapd-unhashed-pw-switch option is set to off, which allows remote authenticated users to obtain sensitive information by re
13-02-2023 - 00:42 10-03-2015 - 14:59
CVE-2014-7821 4.0
OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.
13-02-2023 - 00:42 24-11-2014 - 15:59
CVE-2014-8109 4.3
mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is used with different arguments within different contexts, which allows rem
13-02-2023 - 00:42 29-12-2014 - 23:59
CVE-2014-8106 4.6
Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for
13-02-2023 - 00:42 08-12-2014 - 16:59
CVE-2014-3537 1.2
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.
13-02-2023 - 00:40 23-07-2014 - 14:55
CVE-2014-3461 6.8
hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."
13-02-2023 - 00:39 04-11-2014 - 21:55
CVE-2014-3493 2.7
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname wi
13-02-2023 - 00:39 23-06-2014 - 14:55
CVE-2014-0222 7.5
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service (crash) via a large L2 table in a QCOW version 1 image.
13-02-2023 - 00:37 04-11-2014 - 21:55
CVE-2014-0223 4.6
Integer overflow in the qcow_open function in block/qcow.c in QEMU before 1.7.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a large image size, which triggers a buffer overflow or out-of-bounds read
13-02-2023 - 00:37 04-11-2014 - 21:55
CVE-2014-0247 10.0
LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.
13-02-2023 - 00:37 03-07-2014 - 17:55
CVE-2014-0182 7.5
Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image.
13-02-2023 - 00:35 04-11-2014 - 21:55
CVE-2014-0114 7.5
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "m
13-02-2023 - 00:32 30-04-2014 - 10:49
CVE-2013-6456 5.8
The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; (2) create arbitrary nodes (mknod) via the virD
13-02-2023 - 00:29 15-04-2014 - 23:55
CVE-2013-6885 4.7
The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and write-combined memory types, which allows local users to cause a denial of service (system hang) via a crafted application, a
13-02-2023 - 00:29 29-11-2013 - 04:33
CVE-2014-0027 3.3
The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information.
13-02-2023 - 00:29 26-01-2014 - 01:55
CVE-2013-4526 7.5
Buffer overflow in hw/ide/ahci.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via vectors related to migrating ports.
13-02-2023 - 00:28 04-11-2014 - 21:55
CVE-2013-4125 5.4
The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement (RA) messages in certain circumstances involving three routes that initially qualified for membersh
13-02-2023 - 00:28 15-07-2013 - 20:55
CVE-2013-1865 6.8
OpenStack Keystone Folsom (2012.2) does not properly perform revocation checks for Keystone PKI tokens when done through a server, which allows remote attackers to bypass intended access restrictions via a revoked PKI token.
13-02-2023 - 00:28 22-03-2013 - 21:55
CVE-2012-4423 5.0
The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whos
13-02-2023 - 00:26 19-11-2012 - 12:10
CVE-2012-2683 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1)
13-02-2023 - 00:25 28-09-2012 - 17:55
CVE-2012-1173 6.8
Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading t
13-02-2023 - 00:23 04-06-2012 - 20:55
CVE-2012-1149 7.5
Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a cra
13-02-2023 - 00:23 21-06-2012 - 15:55
CVE-2012-0029 7.4
Heap-based buffer overflow in the process_tx_desc function in the e1000 emulation (hw/e1000.c) in qemu-kvm 0.12, and possibly other versions, allows guest OS users to cause a denial of service (QEMU crash) and possibly execute arbitrary code via craf
13-02-2023 - 00:22 27-01-2012 - 15:55
CVE-2011-4114 3.3
The par_mktmpdir function in the PAR::Packer module before 1.012 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when a
13-02-2023 - 00:20 13-01-2012 - 18:55
CVE-2011-3205 6.8
Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon
13-02-2023 - 00:19 06-09-2011 - 15:55
CVE-2011-2915 6.8
Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large nu
13-02-2023 - 00:19 07-06-2012 - 19:55
CVE-2011-2914 6.8
Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large num
13-02-2023 - 00:19 07-06-2012 - 19:55
CVE-2011-1765 4.3
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.5, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .shtml a
13-02-2023 - 00:17 23-05-2011 - 22:55
CVE-2011-1775 5.8
The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx in the vncviewer component in TigerVNC 1.1beta1 does not properly verify the server's X.509 certificate, which allows man-in-the-middle attackers to spoof a TLS VNC server via an ar
13-02-2023 - 00:17 26-05-2011 - 18:55
CVE-2019-3887 4.7
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled.
12-02-2023 - 23:38 09-04-2019 - 16:29
CVE-2019-3816 5.0
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a sp
12-02-2023 - 23:38 14-03-2019 - 22:29
CVE-2019-3846 8.3
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
12-02-2023 - 23:38 03-06-2019 - 19:29
CVE-2019-3886 4.8
An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causi
12-02-2023 - 23:38 04-04-2019 - 16:29
CVE-2019-3833 5.0
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request t
12-02-2023 - 23:38 14-03-2019 - 22:29
CVE-2019-3812 2.1
QEMU, through version 2.10 and through version 3.1.0, is vulnerable to an out-of-bounds read of up to 128 bytes in the hw/i2c/i2c-ddc.c:i2c_ddc() function. A local attacker with permission to execute i2c commands could exploit this to read stack memo
12-02-2023 - 23:38 19-02-2019 - 14:29
CVE-2019-14901 10.0
A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary co
12-02-2023 - 23:37 29-11-2019 - 15:15
CVE-2019-14896 10.0
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join
12-02-2023 - 23:36 27-11-2019 - 09:15
CVE-2019-14897 7.5
A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allow
12-02-2023 - 23:36 29-11-2019 - 15:15
CVE-2019-14895 7.5
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote device
12-02-2023 - 23:36 29-11-2019 - 14:15
CVE-2019-14844 5.0
A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.
12-02-2023 - 23:35 26-09-2019 - 12:15
CVE-2019-14823 5.8
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly ver
12-02-2023 - 23:34 14-10-2019 - 20:15
CVE-2019-14834 4.3
A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation.
12-02-2023 - 23:34 07-01-2020 - 17:15
CVE-2019-10160 5.0
A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by
12-02-2023 - 23:33 07-06-2019 - 18:29
CVE-2018-1111 7.9
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network ab
12-02-2023 - 23:32 17-05-2018 - 16:29
CVE-2019-10132 6.5
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock
12-02-2023 - 23:32 22-05-2019 - 18:29
CVE-2018-10931 7.5
It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the context
12-02-2023 - 23:31 09-08-2018 - 20:29
CVE-2017-5884 6.8
gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile.
12-02-2023 - 23:29 28-02-2017 - 18:59
CVE-2017-5885 7.5
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColo
12-02-2023 - 23:29 28-02-2017 - 18:59
CVE-2016-5404 4.0
The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.
12-02-2023 - 23:24 07-09-2016 - 20:59
CVE-2016-5391 5.0
libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart).
12-02-2023 - 23:23 13-06-2017 - 17:29
CVE-2016-5385 5.1
PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attacker
12-02-2023 - 23:23 19-07-2016 - 02:00
CVE-2016-5384 4.6
fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file.
12-02-2023 - 23:23 13-08-2016 - 01:59
CVE-2016-5008 4.3
libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.
12-02-2023 - 23:22 13-07-2016 - 15:59
CVE-2016-4037 4.9
The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CV
12-02-2023 - 23:20 23-05-2016 - 19:59
CVE-2016-3704 5.0
Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords.
12-02-2023 - 23:18 13-06-2017 - 17:29
CVE-2016-0738 5.0
OpenStack Object Storage (Swift) before 2.3.1 (Kilo), 2.4.x, and 2.5.x before 2.5.1 (Liberty) do not properly close server connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of int
12-02-2023 - 23:16 29-01-2016 - 20:59
CVE-2016-0794 9.3
The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document.
12-02-2023 - 23:16 18-02-2016 - 21:59
CVE-2016-0795 9.3
LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document.
12-02-2023 - 23:16 18-02-2016 - 21:59
CVE-2015-7547 6.8
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrar
12-02-2023 - 23:15 18-02-2016 - 21:59
CVE-2015-5307 4.9
The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.
12-02-2023 - 23:15 16-11-2015 - 11:59
CVE-2015-5156 6.1
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corrup
12-02-2023 - 23:15 19-10-2015 - 10:59
CVE-2015-3248 4.7
openhpi/Makefile.am in OpenHPI before 3.6.0 uses world-writable permissions for /var/lib/openhpi directory, which allows local users, when quotas are not properly setup, to fill the filesystem hosting /var/lib and cause a denial of service (disk cons
12-02-2023 - 23:15 26-09-2017 - 15:29
CVE-2015-3238 5.8
The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.
12-02-2023 - 23:15 24-08-2015 - 14:59
CVE-2015-1848 6.8
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. NOTE: this issu
12-02-2023 - 23:15 14-05-2015 - 14:59
CVE-2015-1798 1.8
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting t
12-02-2023 - 23:15 08-04-2015 - 10:59
CVE-2015-1867 7.5
Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command.
12-02-2023 - 23:15 12-08-2015 - 14:59
CVE-2015-1827 5.0
The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (crash) via a group list request for a user th
12-02-2023 - 23:15 30-03-2015 - 14:59
CVE-2016-0721 4.3
Session fixation vulnerability in pcsd in pcs before 0.9.157.
12-02-2023 - 23:15 21-04-2017 - 15:59
CVE-2016-0728 7.2
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and us
12-02-2023 - 23:15 08-02-2016 - 03:59
CVE-2015-0278 10.0
libuv before 0.10.34 does not properly drop group privileges, which allows context-dependent attackers to gain privileges via unspecified vectors.
12-02-2023 - 23:15 18-05-2015 - 15:59
CVE-2016-0720 6.8
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149.
12-02-2023 - 23:15 21-04-2017 - 15:59
CVE-2016-0701 2.6
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent
12-02-2023 - 23:15 15-02-2016 - 02:59
CVE-2019-9959 4.3
The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attac
11-02-2023 - 18:27 22-07-2019 - 15:15
CVE-2019-9903 4.3
PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.
11-02-2023 - 18:12 21-03-2019 - 18:29
CVE-2019-13759 4.3
Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
10-02-2023 - 18:58 10-12-2019 - 22:15
CVE-2019-13757 4.3
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
10-02-2023 - 18:57 10-12-2019 - 22:15
CVE-2019-13756 4.3
Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
10-02-2023 - 18:54 10-12-2019 - 22:15
CVE-2019-13755 4.3
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page.
10-02-2023 - 18:53 10-12-2019 - 22:15
CVE-2019-13753 4.3
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
10-02-2023 - 18:52 10-12-2019 - 22:15
CVE-2019-13752 4.3
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
10-02-2023 - 18:51 10-12-2019 - 22:15
CVE-2019-13751 4.3
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
10-02-2023 - 18:47 10-12-2019 - 22:15
CVE-2020-8624 4.0
In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to ch
10-02-2023 - 17:42 21-08-2020 - 21:15
CVE-2020-25597 6.1
An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not be
10-02-2023 - 17:00 23-09-2020 - 22:15
CVE-2019-18928 7.5
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
10-02-2023 - 03:06 15-11-2019 - 04:15
CVE-2015-0252 5.0
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
05-02-2023 - 21:10 24-03-2015 - 17:59
CVE-2019-13749 4.3
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
04-02-2023 - 00:08 10-12-2019 - 22:15
CVE-2019-13754 4.3
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
04-02-2023 - 00:04 10-12-2019 - 22:15
CVE-2019-13750 4.3
Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.
04-02-2023 - 00:01 10-12-2019 - 22:15
CVE-2019-18422 8.5
An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of service or gain privileges by leveraging the erroneous enabling of interrupts. Interrupts are unconditionally unmasked in exception handlers. When an excep
03-02-2023 - 23:58 31-10-2019 - 14:15
CVE-2019-13725 6.8
Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
03-02-2023 - 23:57 10-12-2019 - 22:15
CVE-2020-15503 5.0
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tl
03-02-2023 - 21:05 02-07-2020 - 14:15
CVE-2019-13744 4.3
Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
03-02-2023 - 20:55 10-12-2019 - 22:15
CVE-2019-13746 4.3
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
03-02-2023 - 20:49 10-12-2019 - 22:15
CVE-2019-13748 4.3
Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
03-02-2023 - 20:48 10-12-2019 - 22:15
CVE-2020-1747 10.0
A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that us
03-02-2023 - 20:27 24-03-2020 - 15:15
CVE-2020-8287 6.4
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This c
03-02-2023 - 19:12 06-01-2021 - 21:15
CVE-2020-5267 3.5
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in
03-02-2023 - 16:39 19-03-2020 - 18:15
CVE-2019-20485 2.7
qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage).
03-02-2023 - 16:29 19-03-2020 - 02:15
CVE-2020-4788 1.9
IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
03-02-2023 - 14:59 20-11-2020 - 04:15
CVE-2020-16845 5.0
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
03-02-2023 - 02:28 06-08-2020 - 18:15
CVE-2020-10730 4.0
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in
03-02-2023 - 02:26 07-07-2020 - 14:15
CVE-2020-12674 5.0
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.
03-02-2023 - 02:23 12-08-2020 - 16:15
CVE-2020-12673 5.0
In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.
03-02-2023 - 02:22 12-08-2020 - 16:15
CVE-2019-12922 5.8
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
02-02-2023 - 19:52 13-09-2019 - 13:15
CVE-2019-13110 4.3
A CiffDirectory::readDirectory integer overflow and out-of-bounds read in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted CRW image file.
02-02-2023 - 19:43 30-06-2019 - 23:15
CVE-2020-10745 7.8
A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denia
02-02-2023 - 15:00 07-07-2020 - 14:15
CVE-2019-19722 5.0
In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient.
02-02-2023 - 02:26 13-12-2019 - 17:15
CVE-2019-19746 4.3
make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.
02-02-2023 - 02:23 12-12-2019 - 03:15
CVE-2019-12213 4.3
When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion.
01-02-2023 - 20:21 20-05-2019 - 16:29
CVE-2019-12211 5.0
When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow.
01-02-2023 - 19:52 20-05-2019 - 16:29
CVE-2019-3996 7.5
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
01-02-2023 - 19:47 17-12-2019 - 22:15
CVE-2019-3995 5.0
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. A remote unauthenticated attacker can crash the ELOG server by sending a crafted HTTP GET request.
01-02-2023 - 19:45 17-12-2019 - 22:15
CVE-2019-3994 5.0
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. A remote unauthenticated attacker can crash the ELOG server by sending multiple HTTP POST requests which causes the ELOG function retrieve_url() to
01-02-2023 - 19:41 17-12-2019 - 22:15
CVE-2019-19630 6.8
HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() function in string.c (when called from render_contents in ps-pdf.cxx) via a crafted HTML document.
01-02-2023 - 19:35 08-12-2019 - 02:15
CVE-2019-19911 5.0
There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryE
01-02-2023 - 18:00 05-01-2020 - 22:15
CVE-2019-19886 5.0
Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send crafted requests that may, when sent quickly in large volumes, lead to the server becoming slow or unresponsive (Denial of Service) because of a flaw in Transaction::addRequestHeade
01-02-2023 - 17:07 21-01-2020 - 22:15
CVE-2019-13767 6.8
Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
01-02-2023 - 16:22 10-01-2020 - 22:15
CVE-2020-26935 7.5
An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject mali
31-01-2023 - 21:44 10-10-2020 - 19:15
CVE-2020-26154 6.8
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
31-01-2023 - 21:42 30-09-2020 - 18:15
CVE-2020-6574 4.6
Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.
31-01-2023 - 21:14 21-09-2020 - 20:15
CVE-2020-7105 5.0
async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values are unchecked.
31-01-2023 - 20:59 16-01-2020 - 04:15
CVE-2019-19547 4.3
Symantec Endpoint Detection and Response (SEDR), prior to 4.3.0, may be susceptible to a cross site scripting (XSS) issue. XSS is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. An XSS vul
31-01-2023 - 20:53 13-01-2020 - 16:15
CVE-2018-3849 6.8
In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain c
31-01-2023 - 20:15 16-04-2018 - 16:29
CVE-2018-3848 6.8
In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain c
31-01-2023 - 20:06 16-04-2018 - 16:29
CVE-2019-2982 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
31-01-2023 - 19:07 16-10-2019 - 18:15
CVE-2019-2914 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with
31-01-2023 - 19:07 16-10-2019 - 18:15
CVE-2019-2911 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attac
31-01-2023 - 19:07 16-10-2019 - 18:15
CVE-2019-2967 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple prot
31-01-2023 - 19:06 16-10-2019 - 18:15
CVE-2019-2998 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
31-01-2023 - 19:06 16-10-2019 - 18:15
CVE-2019-2997 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols
31-01-2023 - 19:06 16-10-2019 - 18:15
CVE-2019-2991 5.5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.017 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot
31-01-2023 - 19:06 16-10-2019 - 18:15
CVE-2019-2993 3.5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: C API). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network acces
31-01-2023 - 19:06 16-10-2019 - 18:15
CVE-2019-2968 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to c
31-01-2023 - 19:06 16-10-2019 - 18:15
CVE-2019-3009 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection). Supported versions that are affected are 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple
31-01-2023 - 19:05 16-10-2019 - 18:15
CVE-2019-3004 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco
31-01-2023 - 19:05 16-10-2019 - 18:15
CVE-2019-3011 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: C API). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocol
31-01-2023 - 19:05 16-10-2019 - 18:15
CVE-2019-3018 3.5
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to
31-01-2023 - 19:04 16-10-2019 - 18:15
CVE-2019-2946 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via
31-01-2023 - 19:04 16-10-2019 - 18:15
CVE-2019-2957 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m
31-01-2023 - 19:03 16-10-2019 - 18:15
CVE-2019-2960 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network
31-01-2023 - 19:03 16-10-2019 - 18:15
CVE-2019-2966 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple prot
31-01-2023 - 19:02 16-10-2019 - 18:15
CVE-2019-2963 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to c
31-01-2023 - 19:02 16-10-2019 - 18:15
CVE-2019-2585 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols
31-01-2023 - 17:43 23-04-2019 - 19:32
CVE-2019-2584 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access
31-01-2023 - 17:43 23-04-2019 - 19:32
CVE-2019-2580 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols
31-01-2023 - 17:42 23-04-2019 - 19:32
CVE-2019-2581 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with netwo
31-01-2023 - 17:42 23-04-2019 - 19:32
CVE-2019-2587 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multipl
31-01-2023 - 14:16 23-04-2019 - 19:32
CVE-2019-13741 6.8
Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.
30-01-2023 - 19:25 10-12-2019 - 22:15
CVE-2019-13740 4.3
Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
30-01-2023 - 19:25 10-12-2019 - 22:15
CVE-2019-13737 4.3
Insufficient policy enforcement in autocomplete in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
30-01-2023 - 19:25 10-12-2019 - 22:15
CVE-2019-13743 4.3
Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page.
30-01-2023 - 19:25 10-12-2019 - 22:15
CVE-2019-13738 4.3
Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.
30-01-2023 - 19:25 10-12-2019 - 22:15
CVE-2019-13739 4.3
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
30-01-2023 - 19:25 10-12-2019 - 22:15
CVE-2019-13735 6.8
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
30-01-2023 - 19:24 10-12-2019 - 22:15
CVE-2019-13736 6.8
Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
30-01-2023 - 19:24 10-12-2019 - 22:15
CVE-2019-13729 6.8
Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
30-01-2023 - 19:23 10-12-2019 - 22:15
CVE-2019-13732 6.8
Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
30-01-2023 - 19:23 10-12-2019 - 22:15
CVE-2019-13728 6.8
Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
30-01-2023 - 19:22 10-12-2019 - 22:15
CVE-2019-13727 6.8
Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
30-01-2023 - 19:22 10-12-2019 - 22:15
CVE-2019-13726 6.8
Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
30-01-2023 - 19:22 10-12-2019 - 22:15
CVE-2019-2607 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multipl
30-01-2023 - 15:52 23-04-2019 - 19:32
CVE-2019-2606 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access
30-01-2023 - 15:52 23-04-2019 - 19:32
CVE-2019-2592 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network acce
30-01-2023 - 15:52 23-04-2019 - 19:32
CVE-2019-2589 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access
30-01-2023 - 15:52 23-04-2019 - 19:32
CVE-2019-2596 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multipl
30-01-2023 - 15:52 23-04-2019 - 19:32
CVE-2019-2593 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols
30-01-2023 - 15:52 23-04-2019 - 19:32
CVE-2019-2738 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Compiling). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged
30-01-2023 - 15:51 23-07-2019 - 23:15
CVE-2019-2752 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple
30-01-2023 - 15:49 23-07-2019 - 23:15
CVE-2019-2620 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access
30-01-2023 - 15:43 23-04-2019 - 19:32
CVE-2019-2617 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via mul
30-01-2023 - 15:42 23-04-2019 - 19:32
CVE-2019-2785 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols
30-01-2023 - 15:39 23-07-2019 - 23:15
CVE-2019-2789 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access
30-01-2023 - 15:39 23-07-2019 - 23:15
CVE-2019-2784 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple prot
30-01-2023 - 15:38 23-07-2019 - 23:15
CVE-2019-2780 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Components / Services). Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access
30-01-2023 - 15:38 23-07-2019 - 23:15
CVE-2019-2778 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker
30-01-2023 - 15:38 23-07-2019 - 23:15
CVE-2019-2774 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with netwo
30-01-2023 - 15:37 23-07-2019 - 23:15
CVE-2019-2757 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with netwo
30-01-2023 - 15:37 23-07-2019 - 23:15
CVE-2019-2755 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with net
30-01-2023 - 15:37 23-07-2019 - 23:15
CVE-2020-14929 5.0
Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they w
28-01-2023 - 02:03 19-06-2020 - 19:15
CVE-2020-5238 4.0
The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This
28-01-2023 - 01:44 01-07-2020 - 23:15
CVE-2020-13753 7.5
The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside the sandbo
28-01-2023 - 01:10 14-07-2020 - 14:15
CVE-2017-9106 5.0
An issue was discovered in adns before 1.5.2. adns_rr_info mishandles a bogus *datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may
28-01-2023 - 01:04 18-06-2020 - 14:15
CVE-2017-9107 5.0
An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with \, and adns_qf_quoteok_query was specified, qdparselabel would read additional bytes from the buffer and try to
28-01-2023 - 01:01 18-06-2020 - 14:15
CVE-2019-13033 2.1
In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. This license can be used to upload data to a central Lynis server. Although no data can be extracted by knowing t
27-01-2023 - 20:31 18-06-2020 - 18:15
CVE-2017-9109 7.5
An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when this is fixed, the second answer scan finds the same RRs at the first. Otherwise, adns can be confused by interl
27-01-2023 - 19:05 18-06-2020 - 14:15
CVE-2017-9103 7.5
An issue was discovered in adns before 1.5.2. pap_mailbox822 does not properly check st from adns__findlabel_next. Without this, an uninitialised stack value can be used as the first label length. Depending on the circumstances, an attacker might be
27-01-2023 - 19:04 18-06-2020 - 15:15
CVE-2017-9104 7.5
An issue was discovered in adns before 1.5.2. It hangs, eating CPU, if a compression pointer loop is encountered.
27-01-2023 - 19:03 18-06-2020 - 15:15
CVE-2017-9108 5.0
An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r, since used is incremented according to r, later. Rather one should be doing what read() wou
27-01-2023 - 19:01 18-06-2020 - 14:15
CVE-2017-9105 7.5
An issue was discovered in adns before 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug may well be exploitable as a remote code execution.
27-01-2023 - 19:00 18-06-2020 - 14:15
CVE-2020-14148 5.0
The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.
27-01-2023 - 18:59 15-06-2020 - 18:15
CVE-2020-13999 4.3
ScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 Metafile Library) 1.0.12 allows an integer overflow and denial of service via a crafted EMF file.
27-01-2023 - 18:58 15-06-2020 - 16:15
CVE-2020-4046 3.5
In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. When affected posts are viewed by a higher privileged user, this coul
27-01-2023 - 18:57 12-06-2020 - 16:15
CVE-2020-13775 3.5
ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network.
27-01-2023 - 18:53 02-06-2020 - 23:15
CVE-2020-12823 7.5
OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.
27-01-2023 - 18:44 12-05-2020 - 18:15
CVE-2020-1983 2.1
A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.
27-01-2023 - 18:40 22-04-2020 - 20:15
CVE-2020-8552 4.0
The Kubernetes API server component in versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests.
27-01-2023 - 18:27 27-03-2020 - 15:15
CVE-2020-8551 3.3
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and
27-01-2023 - 18:26 27-03-2020 - 15:15
CVE-2020-11054 4.3
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow (colors.statusbar.url.warn.fg). However, when the affec
27-01-2023 - 15:00 07-05-2020 - 21:15
CVE-2019-16775 4.0
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_modules folder through the bin field upon installation. A properly constructed entry in the
24-01-2023 - 16:10 13-12-2019 - 01:15
CVE-2020-17353 7.5
scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code.
24-01-2023 - 02:42 05-08-2020 - 14:15
CVE-2020-15094 7.5
In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval and X-Body-File to control the restorati
24-01-2023 - 02:07 02-09-2020 - 18:15
CVE-2020-5313 5.8
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.
24-01-2023 - 01:43 03-01-2020 - 01:15
CVE-2020-5310 6.8
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.
24-01-2023 - 01:34 03-01-2020 - 01:15
CVE-2020-15953 5.8
LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a meddler-in-th
20-01-2023 - 21:03 27-07-2020 - 07:15
CVE-2020-16145 4.3
Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15.
20-01-2023 - 21:00 12-08-2020 - 13:15
CVE-2019-20176 5.0
In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c.
20-01-2023 - 20:43 31-12-2019 - 15:15
CVE-2020-13625 5.0
PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. This can result in the file type being misinterpreted by the receiver or any mail relay processing the message.
20-01-2023 - 20:27 08-06-2020 - 17:15
CVE-2019-20093 4.3
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp.
20-01-2023 - 20:24 30-12-2019 - 04:15
CVE-2019-15587 3.5
In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.
20-01-2023 - 16:48 22-10-2019 - 21:15
CVE-2019-20051 4.3
A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service.
20-01-2023 - 16:21 27-12-2019 - 22:15
CVE-2019-14464 4.3
XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow.
20-01-2023 - 16:07 31-07-2019 - 23:15
CVE-2019-20021 4.3
A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
20-01-2023 - 15:47 27-12-2019 - 02:15
CVE-2018-18898 5.0
The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.
20-01-2023 - 15:37 21-03-2019 - 16:00
CVE-2014-9428 7.8
The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an incorrect length field during a calculation of an amount of memory, which allows remote attackers t
20-01-2023 - 03:02 02-01-2015 - 21:59
CVE-2019-9517 7.8
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so
19-01-2023 - 20:13 13-08-2019 - 21:15
CVE-2007-0555 8.5
PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a den
19-01-2023 - 20:10 06-02-2007 - 01:28
CVE-2015-8787 10.0
The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by sending
19-01-2023 - 16:26 08-02-2016 - 03:59
CVE-2016-1669 9.3
The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer
19-01-2023 - 16:26 14-05-2016 - 21:59
CVE-2019-15504 10.0
drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).
19-01-2023 - 16:24 23-08-2019 - 06:15
CVE-2019-11683 10.0
udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 pay
19-01-2023 - 16:12 02-05-2019 - 17:29
CVE-2019-17666 8.3
rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.
19-01-2023 - 16:05 17-10-2019 - 02:15
CVE-2019-16935 4.3
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_ti
19-01-2023 - 15:46 28-09-2019 - 02:15
CVE-2019-14494 4.3
An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
18-01-2023 - 21:19 01-08-2019 - 17:15
CVE-2007-6601 7.2
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. N
18-01-2023 - 21:19 09-01-2008 - 21:46
CVE-2019-19071 7.8
A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering rsi_prepare_beacon() failures, aka CID-d563
17-01-2023 - 21:33 18-11-2019 - 06:15
CVE-2019-18812 7.8
A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef.
17-01-2023 - 21:31 07-11-2019 - 16:15
CVE-2019-19078 7.8
A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17
17-01-2023 - 21:28 18-11-2019 - 06:15
CVE-2019-19074 7.8
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
17-01-2023 - 21:28 18-11-2019 - 06:15
CVE-2020-29661 7.2
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
17-01-2023 - 21:24 09-12-2020 - 17:15
CVE-2018-20097 4.3
There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
13-01-2023 - 16:45 12-12-2018 - 10:29
CVE-2019-13114 4.3
http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.
13-01-2023 - 16:09 30-06-2019 - 23:15
CVE-2020-9983 6.8
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution.
09-01-2023 - 16:41 16-10-2020 - 17:15
CVE-2019-20044 7.2
In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload wit
09-01-2023 - 16:41 24-02-2020 - 14:15
CVE-2020-13434 2.1
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
09-01-2023 - 16:41 24-05-2020 - 22:15
CVE-2020-11763 4.3
An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.
09-01-2023 - 16:41 14-04-2020 - 23:15
CVE-2020-11760 4.3
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.
09-01-2023 - 16:41 14-04-2020 - 23:15
CVE-2020-11764 4.3
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp.
09-01-2023 - 16:41 14-04-2020 - 23:15
CVE-2020-11765 4.3
An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read.
09-01-2023 - 16:41 14-04-2020 - 23:15
CVE-2020-11762 4.3
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.
09-01-2023 - 16:41 14-04-2020 - 23:15
CVE-2020-11761 4.3
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.
09-01-2023 - 16:41 14-04-2020 - 23:15
CVE-2020-11759 4.3
An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.
09-01-2023 - 16:41 14-04-2020 - 23:15
CVE-2020-11758 4.3
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h.
09-01-2023 - 16:41 14-04-2020 - 23:15
CVE-2017-1000367 6.9
Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.
22-12-2022 - 22:15 05-06-2017 - 14:29
CVE-2019-11050 6.4
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocate
20-12-2022 - 22:05 23-12-2019 - 03:15
CVE-2019-11049 7.5
In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double
20-12-2022 - 21:50 23-12-2019 - 03:15
CVE-2019-11046 5.0
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are ide
20-12-2022 - 21:48 23-12-2019 - 03:15
CVE-2019-11045 4.3
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications check
20-12-2022 - 21:38 23-12-2019 - 03:15
CVE-2019-11044 5.0
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications ch
14-12-2022 - 19:46 23-12-2019 - 03:15
CVE-2019-19918 6.8
Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c.
14-12-2022 - 18:36 20-12-2019 - 20:15
CVE-2020-13692 6.8
PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.
13-12-2022 - 15:02 04-06-2020 - 16:15
CVE-2016-6515 7.8
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
13-12-2022 - 12:15 07-08-2016 - 21:59
CVE-2019-1552 1.9
OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --opens
13-12-2022 - 12:15 30-07-2019 - 17:15
CVE-2015-6563 1.9
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjun
13-12-2022 - 12:15 24-08-2015 - 01:59
CVE-2015-6564 6.9
Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MON
13-12-2022 - 12:15 24-08-2015 - 01:59
CVE-2015-5600 8.5
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force at
13-12-2022 - 12:15 03-08-2015 - 01:59
CVE-2016-2106 5.0
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data.
13-12-2022 - 12:15 05-05-2016 - 01:59
CVE-2015-3194 5.0
crypto/rsa/rsa_ameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RSA PSS ASN.1 signature that lacks a mask generation function p
13-12-2022 - 12:15 06-12-2015 - 20:59
CVE-2016-2108 10.0
The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "ne
13-12-2022 - 12:15 05-05-2016 - 01:59
CVE-2015-3196 4.3
ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (
13-12-2022 - 12:15 06-12-2015 - 20:59
CVE-2016-1907 5.0
The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
13-12-2022 - 12:15 19-01-2016 - 05:59
CVE-2015-3197 4.3
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 tra
13-12-2022 - 12:15 15-02-2016 - 02:59
CVE-2016-2105 5.0
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
13-12-2022 - 12:15 05-05-2016 - 01:59
CVE-2015-3195 5.0
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to ob
13-12-2022 - 12:15 06-12-2015 - 20:59
CVE-2015-1790 5.0
The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash)
13-12-2022 - 12:15 12-06-2015 - 19:59
CVE-2015-1791 6.8
Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial
13-12-2022 - 12:15 12-06-2015 - 19:59
CVE-2016-0777 4.0
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading
13-12-2022 - 12:15 14-01-2016 - 22:59
CVE-2016-0778 4.6
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows r
13-12-2022 - 12:15 14-01-2016 - 22:59
CVE-2015-0209 6.8
Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow remote attackers to cause a denial of service (memory corrup
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0288 5.0
The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a might allow attackers to cause a denial of service (NULL pointer dereference and application crash) v
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2016-0799 10.0
The fmtstr function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service (overflow and out-of-bounds read) or possibly have uns
13-12-2022 - 12:15 03-03-2016 - 20:59
CVE-2016-0702 1.9
The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discov
13-12-2022 - 12:15 03-03-2016 - 20:59
CVE-2016-0705 10.0
Double free vulnerability in the dsa_priv_decode function in crypto/dsa/dsa_ameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other imp
13-12-2022 - 12:15 03-03-2016 - 20:59
CVE-2015-0286 5.0
The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of ser
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0292 7.5
Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (memory corru
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0287 5.0
The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial o
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0293 5.0
The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY me
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2015-0289 5.0
The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly handle a lack of outer ContentInfo, which allows attackers to cause a denial of service (NULL pointer dereference
13-12-2022 - 12:15 19-03-2015 - 22:59
CVE-2012-4244 7.8
ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for a long resource re
09-12-2022 - 19:15 14-09-2012 - 10:33
CVE-2019-16167 4.3
sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c.
08-12-2022 - 22:18 09-09-2019 - 17:15
CVE-2019-20446 4.3
In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows expon
08-12-2022 - 22:16 02-02-2020 - 14:15
CVE-2020-25595 6.1
An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strict
08-12-2022 - 03:12 23-09-2020 - 21:15
CVE-2020-25685 4.3
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only using a weak hash of the query name. Due to the weak
08-12-2022 - 03:08 20-01-2021 - 16:15
CVE-2019-2938 3.5
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via
08-12-2022 - 03:05 16-10-2019 - 18:15
CVE-2019-2614 3.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileg
07-12-2022 - 01:14 23-04-2019 - 19:32
CVE-2020-14393 3.6
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.
06-12-2022 - 21:30 16-09-2020 - 14:15
CVE-2020-14367 3.6
A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it's opened for writing, chronyd does not check fo
06-12-2022 - 20:50 24-08-2020 - 15:15
CVE-2020-17507 5.0
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.
03-12-2022 - 15:13 12-08-2020 - 18:15
CVE-2020-3481 5.0
A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to
03-12-2022 - 14:32 20-07-2020 - 18:15
CVE-2020-15586 4.3
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.
03-12-2022 - 14:31 17-07-2020 - 16:15
CVE-2019-19221 2.1
In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string.c has an out-of-bounds read because of an incorrect mbrtowc or mbtowc call. For example, bsdtar crashes via a crafted archive.
03-12-2022 - 14:24 21-11-2019 - 23:15
CVE-2020-25598 2.1
An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource error path. The RCU (Read, Copy, Update) mechanism is a synchronisation primitive. A buggy error path in the XENMEM_acquire_resource exits without releasi
02-12-2022 - 20:13 23-09-2020 - 22:15
CVE-2018-19497 4.3
In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service (SEGV on unknown address with READ memory access in a tsk_getu16 c
29-11-2022 - 19:18 29-11-2018 - 23:29
CVE-2019-1010065 4.3
The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The impact is: Opening crafted disk image triggers crash in tsk/fs/hfs_dent.c:237. The component is: Overflow in fls tool used on HFS image. Bug is in tsk/fs/hfs.c file in function hf
29-11-2022 - 18:52 18-07-2019 - 17:15
CVE-2020-10232 7.5
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c.
29-11-2022 - 16:57 09-03-2020 - 00:15
CVE-2020-14344 4.6
An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running
29-11-2022 - 02:19 05-08-2020 - 14:15
CVE-2020-15113 3.6
In etcd before versions 3.3.23 and 3.4.10, certain directory paths are created (etcd data directory and the directory path when provided to automatically generate self-signed certificates for TLS connections with clients) with restricted access permi
29-11-2022 - 02:18 05-08-2020 - 20:15
CVE-2020-10704 5.0
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of ser
29-11-2022 - 01:53 06-05-2020 - 14:15
CVE-2018-10753 7.5
Stack-based buffer overflow in the delayed_output function in music.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
28-11-2022 - 22:10 05-05-2018 - 02:29
CVE-2018-10771 7.5
Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
28-11-2022 - 22:08 07-05-2018 - 02:29
CVE-2018-3846 6.8
In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potent
28-11-2022 - 22:07 16-04-2018 - 16:29
CVE-2020-15115 5.0
etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords with little computa
21-11-2022 - 20:36 06-08-2020 - 22:15
CVE-2020-6096 6.8
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in
21-11-2022 - 19:39 01-04-2020 - 22:15
CVE-2020-25596 2.1
An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault,
21-11-2022 - 14:24 23-09-2020 - 22:15
CVE-2020-24332 4.9
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possib
18-11-2022 - 21:19 13-08-2020 - 17:15
CVE-2017-18926 5.8
raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml).
16-11-2022 - 16:33 06-11-2020 - 18:15
CVE-2020-24972 6.5
The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line opti
16-11-2022 - 15:12 29-08-2020 - 21:15
CVE-2020-14342 4.4
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this
16-11-2022 - 15:09 09-09-2020 - 12:15
CVE-2020-25211 3.6
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_connt
16-11-2022 - 15:08 09-09-2020 - 16:15
CVE-2020-15166 5.0
In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and connected to an endpoint that is fully configured with
16-11-2022 - 14:11 11-09-2020 - 16:15
CVE-2019-15505 10.0
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
16-11-2022 - 14:09 23-08-2019 - 06:15
CVE-2020-14364 4.4
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_tok
16-11-2022 - 14:06 31-08-2020 - 18:15
CVE-2020-10803 3.5
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Displa
16-11-2022 - 04:00 22-03-2020 - 05:15
CVE-2020-15917 7.5
common/session.c in Claws Mail before 3.17.6 has a protocol violation because suffix data after STARTTLS is mishandled.
16-11-2022 - 03:52 23-07-2020 - 19:15
CVE-2020-14295 6.5
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. This can lead to remote command execution because the product accepts stacked queries.
16-11-2022 - 03:50 17-06-2020 - 14:15
CVE-2020-15395 6.8
In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing).
16-11-2022 - 03:47 30-06-2020 - 11:15
CVE-2020-12867 2.1
A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.
16-11-2022 - 03:45 01-06-2020 - 14:15
CVE-2020-13249 6.8
libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL, this issue does not affect any My
16-11-2022 - 03:42 20-05-2020 - 19:15
CVE-2020-2026 4.6
A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for cod
16-11-2022 - 03:40 10-06-2020 - 18:15
CVE-2020-8555 3.5
The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arb
16-11-2022 - 03:39 05-06-2020 - 17:15
CVE-2020-10802 6.0
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSe
16-11-2022 - 03:19 22-03-2020 - 05:15
CVE-2020-12783 5.0
Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.
16-11-2022 - 03:17 11-05-2020 - 14:15
CVE-2020-12137 4.3
GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type,
16-11-2022 - 03:14 24-04-2020 - 13:15
CVE-2020-10804 6.0
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the
16-11-2022 - 03:04 22-03-2020 - 04:15
CVE-2020-12888 4.7
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
14-11-2022 - 19:44 15-05-2020 - 18:15
CVE-2020-10029 2.1
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl
10-11-2022 - 03:31 04-03-2020 - 15:15
CVE-2019-18218 6.8
cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write).
09-11-2022 - 17:55 21-10-2019 - 05:15
CVE-2021-23239 1.9
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.
09-11-2022 - 04:12 12-01-2021 - 09:15
CVE-2020-1730 5.0
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup th
08-11-2022 - 20:09 13-04-2020 - 19:15
CVE-2020-10936 7.2
Sympa before 6.2.56 allows privilege escalation.
08-11-2022 - 03:47 27-05-2020 - 18:15
CVE-2019-19054 4.7
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42
08-11-2022 - 03:18 18-11-2019 - 06:15
CVE-2019-19126 2.1
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping ad
08-11-2022 - 03:16 19-11-2019 - 22:15
CVE-2020-10684 3.6
A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts
08-11-2022 - 02:39 24-03-2020 - 14:15
CVE-2020-14370 4.0
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variable
07-11-2022 - 20:15 23-09-2020 - 13:15
CVE-2020-25699 5.0
In moodle, insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupp
07-11-2022 - 20:08 19-11-2020 - 17:15
CVE-2019-14818 5.0
A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM me
07-11-2022 - 19:45 14-11-2019 - 17:15
CVE-2019-19063 4.9
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
07-11-2022 - 17:20 18-11-2019 - 06:15
CVE-2019-19057 2.1
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() f
07-11-2022 - 15:14 18-11-2019 - 06:15
CVE-2020-13882 3.7
CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file permissions was not working as intended and could be bypassed locally. Because of the race, an unprivileged attack
07-11-2022 - 13:37 18-06-2020 - 18:15
CVE-2019-25013 7.1
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
03-11-2022 - 19:37 04-01-2021 - 18:15
CVE-2019-9852 6.8
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Script
03-11-2022 - 17:48 15-08-2019 - 22:15
CVE-2019-16746 7.5
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
03-11-2022 - 02:39 24-09-2019 - 06:15
CVE-2009-2948 1.9
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain t
31-10-2022 - 15:03 07-10-2009 - 18:30
CVE-2020-17368 7.5
Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.
29-10-2022 - 02:39 11-08-2020 - 16:15
CVE-2020-12100 5.0
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts.
29-10-2022 - 02:39 12-08-2020 - 16:15
CVE-2020-1753 2.1
A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. Sensitive parameters suc
29-10-2022 - 02:34 16-03-2020 - 15:15
CVE-2019-10746 7.5
mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
29-10-2022 - 02:31 23-08-2019 - 17:15
CVE-2020-12666 5.8
macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL.
28-10-2022 - 23:30 05-05-2020 - 22:15
CVE-2020-6469 6.8
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
28-10-2022 - 23:27 21-05-2020 - 04:15
CVE-2020-6478 4.3
Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
28-10-2022 - 23:10 21-05-2020 - 04:15
CVE-2020-6568 4.3
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
28-10-2022 - 23:02 21-09-2020 - 20:15
CVE-2020-6567 4.3
Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
28-10-2022 - 23:01 21-09-2020 - 20:15
CVE-2020-2757 4.3
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows una
27-10-2022 - 23:04 15-04-2020 - 14:15
CVE-2020-2756 4.3
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows una
27-10-2022 - 23:03 15-04-2020 - 14:15
CVE-2020-2755 4.3
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticate
27-10-2022 - 23:03 15-04-2020 - 14:15
CVE-2020-2800 5.8
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability
27-10-2022 - 23:01 15-04-2020 - 14:15
CVE-2020-2803 5.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthe
27-10-2022 - 23:01 15-04-2020 - 14:15
CVE-2020-2805 5.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthe
27-10-2022 - 23:01 15-04-2020 - 14:15
CVE-2020-14556 5.8
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenti
27-10-2022 - 23:01 15-07-2020 - 18:15
CVE-2020-14577 4.3
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthen
27-10-2022 - 23:00 15-07-2020 - 18:15
CVE-2020-14573 4.3
Vulnerability in the Java SE product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple prot
27-10-2022 - 23:00 15-07-2020 - 18:15
CVE-2020-14583 5.1
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows una
27-10-2022 - 22:59 15-07-2020 - 18:15
CVE-2020-14578 4.3
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated att
27-10-2022 - 22:59 15-07-2020 - 18:15
CVE-2020-14581 4.3
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated a
27-10-2022 - 22:59 15-07-2020 - 18:15
CVE-2020-14579 4.3
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated att
27-10-2022 - 22:59 15-07-2020 - 18:15
CVE-2020-14621 5.0
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenti
27-10-2022 - 22:58 15-07-2020 - 18:15
CVE-2020-14593 4.3
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthentica
27-10-2022 - 22:58 15-07-2020 - 18:15
CVE-2018-1285 7.5
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.
27-10-2022 - 20:05 11-05-2020 - 17:15
CVE-2015-4802 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792.
27-10-2022 - 19:13 21-10-2015 - 21:59
CVE-2019-17545 7.5
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.
27-10-2022 - 17:29 14-10-2019 - 02:15
CVE-2020-15117 4.0
In Synergy before version 1.12.0, a Synergy server can be crashed by receiving a kMsgHelloBack packet with a client name length set to 0xffffffff (4294967295) if the servers memory is less than 4 GB. It was verified that this issue does not cause a c
21-10-2022 - 18:02 15-07-2020 - 18:15
CVE-2020-28941 4.9
An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an i
19-10-2022 - 14:44 19-11-2020 - 19:15
CVE-2020-8945 5.1
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.
18-10-2022 - 17:59 12-02-2020 - 18:15
CVE-2019-13723 6.8
Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
14-10-2022 - 16:56 25-11-2019 - 15:15
CVE-2020-29129 4.0
ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length.
14-10-2022 - 12:22 26-11-2020 - 20:15
CVE-2019-9851 7.5
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. Protection was added, to address CVE-2019-9848, to block calli
14-10-2022 - 02:58 15-08-2019 - 22:15
CVE-2019-9850 7.5
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify tha
14-10-2022 - 02:57 15-08-2019 - 22:15
CVE-2020-0198 5.0
In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product
14-10-2022 - 02:43 11-06-2020 - 15:15
CVE-2020-0181 5.0
In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploita
14-10-2022 - 02:41 11-06-2020 - 15:15
CVE-2019-9433 4.3
In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVers
14-10-2022 - 02:09 27-09-2019 - 19:15
CVE-2019-9371 7.1
In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: An
14-10-2022 - 02:07 27-09-2019 - 19:15
CVE-2019-9325 4.3
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: A
14-10-2022 - 01:53 27-09-2019 - 19:15
CVE-2019-9278 6.8
In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitatio
14-10-2022 - 01:47 27-09-2019 - 19:15
CVE-2019-9232 5.0
In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersion
14-10-2022 - 01:44 27-09-2019 - 19:15
CVE-2020-29651 5.0
A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality.
12-10-2022 - 17:08 09-12-2020 - 07:15
CVE-2020-26257 4.0
Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix. A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id
12-10-2022 - 14:01 09-12-2020 - 19:15
CVE-2020-5247 5.0
In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as
12-10-2022 - 13:35 28-02-2020 - 17:15
CVE-2019-5429 6.8
Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.
11-10-2022 - 20:15 29-04-2019 - 15:29
CVE-2019-5817 6.8
Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
11-10-2022 - 14:59 27-06-2019 - 17:15
CVE-2019-5818 4.3
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.
11-10-2022 - 14:59 27-06-2019 - 17:15
CVE-2019-5816 6.8
Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page.
11-10-2022 - 14:53 27-06-2019 - 17:15
CVE-2019-5814 4.3
Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
11-10-2022 - 14:52 27-06-2019 - 17:15
CVE-2019-5811 6.8
Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
11-10-2022 - 14:51 27-06-2019 - 17:15
CVE-2019-5809 6.8
Use after free in file chooser in Google Chrome prior to 74.0.3729.108 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page.
11-10-2022 - 14:49 27-06-2019 - 17:15
CVE-2019-5808 6.8
Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
11-10-2022 - 14:49 27-06-2019 - 17:15
CVE-2019-5810 4.3
Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
11-10-2022 - 14:49 27-06-2019 - 17:15
CVE-2019-5807 6.8
Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
11-10-2022 - 14:43 27-06-2019 - 17:15
CVE-2019-5806 6.8
Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
11-10-2022 - 14:43 27-06-2019 - 17:15
CVE-2019-5805 4.3
Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
11-10-2022 - 14:42 27-06-2019 - 17:15
CVE-2019-5820 6.8
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
11-10-2022 - 14:18 27-06-2019 - 17:15
CVE-2020-9402 6.5
Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggreg
08-10-2022 - 03:23 05-03-2020 - 15:15
CVE-2020-8794 10.0
OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the se
08-10-2022 - 02:48 25-02-2020 - 17:15
CVE-2019-5813 6.8
Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
07-10-2022 - 18:55 27-06-2019 - 17:15
CVE-2019-19451 4.9
When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output w
07-10-2022 - 17:52 29-11-2019 - 23:15
CVE-2020-8619 4.0
In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone
07-10-2022 - 15:26 17-06-2020 - 22:15
CVE-2020-27670 6.9
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.
07-10-2022 - 15:24 22-10-2020 - 21:15
CVE-2020-25866 5.0
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasona
07-10-2022 - 15:19 06-10-2020 - 15:15
CVE-2019-1010315 4.3
WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The impact is: Divide by zero can lead to sudden crash of a software/service that tries to parse a .wav file. The component is: ParseDsdiffHeaderConfig (dsdiff.c:282). The attack vector
07-10-2022 - 15:06 11-07-2019 - 20:15
CVE-2020-6566 4.3
Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
07-10-2022 - 15:05 21-09-2020 - 20:15
CVE-2020-6565 4.3
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
07-10-2022 - 15:05 21-09-2020 - 20:15
CVE-2019-11135 2.1
TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
07-10-2022 - 15:03 14-11-2019 - 19:15
CVE-2020-6425 5.8
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.
07-10-2022 - 13:58 23-03-2020 - 16:15
CVE-2019-11498 4.3
WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service (application crash) via a DFF file
07-10-2022 - 13:44 24-04-2019 - 05:29
CVE-2020-24584 5.0
An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077.
07-10-2022 - 13:20 01-09-2020 - 13:15
CVE-2020-24583 5.0
An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading file
07-10-2022 - 13:14 01-09-2020 - 13:15
CVE-2020-9490 5.0
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via
07-10-2022 - 12:58 07-08-2020 - 16:15
CVE-2020-9274 5.0
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the
07-10-2022 - 12:44 26-02-2020 - 16:15
CVE-2018-17825 7.5
An issue was discovered in AdPlug 2.3.1. There are several double-free vulnerabilities in the CEmuopl class in emuopl.cpp because of a destructor's two OPLDestroy calls, each of which frees TL_TABLE, SIN_TABLE, AMS_TABLE, and VIB_TABLE.
07-10-2022 - 02:08 01-10-2018 - 08:29
CVE-2020-6456 4.3
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents.
07-10-2022 - 01:51 13-04-2020 - 18:15
CVE-2020-6455 6.8
Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
07-10-2022 - 01:51 13-04-2020 - 18:15
CVE-2020-6445 4.3
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.
07-10-2022 - 01:51 13-04-2020 - 18:15
CVE-2020-6452 6.8
Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
07-10-2022 - 01:48 13-04-2020 - 18:15
CVE-2020-6442 4.3
Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
07-10-2022 - 01:48 13-04-2020 - 18:15
CVE-2020-6443 6.8
Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page.
07-10-2022 - 01:47 13-04-2020 - 18:15
CVE-2020-6446 4.3
Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass content security policy via a crafted HTML page.
07-10-2022 - 01:46 13-04-2020 - 18:15
CVE-2020-6441 4.3
Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
07-10-2022 - 01:46 13-04-2020 - 18:15
CVE-2019-17052 2.1
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
07-10-2022 - 01:38 01-10-2019 - 14:15
CVE-2013-7488 5.0
perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input.
07-10-2022 - 01:06 07-04-2020 - 18:15
CVE-2020-11864 4.3
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2).
07-10-2022 - 00:53 11-05-2020 - 16:15
CVE-2020-11865 6.8
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access.
07-10-2022 - 00:52 11-05-2020 - 16:15
CVE-2020-11866 6.8
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free.
07-10-2022 - 00:50 11-05-2020 - 16:15
CVE-2020-11863 4.3
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2).
06-10-2022 - 20:51 11-05-2020 - 16:15
CVE-2020-11100 6.5
In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.
06-10-2022 - 20:51 02-04-2020 - 15:15
CVE-2020-6816 4.3
In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False.
06-10-2022 - 20:45 24-03-2020 - 22:15
CVE-2020-6437 4.3
Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted application.
06-10-2022 - 20:44 13-04-2020 - 18:15
CVE-2020-6440 4.3
Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
06-10-2022 - 20:44 13-04-2020 - 18:15
CVE-2020-6433 4.3
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
06-10-2022 - 20:39 13-04-2020 - 18:15
CVE-2020-6439 6.8
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page.
06-10-2022 - 20:39 13-04-2020 - 18:15
CVE-2020-6435 4.3
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
06-10-2022 - 20:39 13-04-2020 - 18:15
CVE-2019-15151 7.5
AdPlug 2.3.1 has a double free in the Cu6mPlayer class in u6m.h.
06-10-2022 - 20:21 18-08-2019 - 21:15
CVE-2019-1020014 2.1
docker-credential-helpers before 0.6.3 has a double free in the List functions.
06-10-2022 - 20:20 29-07-2019 - 13:15
CVE-2020-6802 4.3
In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.
06-10-2022 - 20:16 24-03-2020 - 22:15
CVE-2019-14691 6.8
AdPlug 2.3.1 has a heap-based buffer overflow in CdtmLoader::load() in dtm.cpp.
06-10-2022 - 20:12 06-08-2019 - 13:15
CVE-2019-14690 6.8
AdPlug 2.3.1 has a heap-based buffer overflow in CxadbmfPlayer::__bmf_convert_stream() in bmf.cpp.
06-10-2022 - 20:12 06-08-2019 - 13:15
CVE-2020-6431 4.3
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.
06-10-2022 - 20:09 13-04-2020 - 18:15
CVE-2020-6432 4.3
Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
06-10-2022 - 19:58 13-04-2020 - 18:15
CVE-2019-14734 6.8
AdPlug 2.3.1 has multiple heap-based buffer overflows in CmtkLoader::load() in mtk.cpp.
06-10-2022 - 19:55 07-08-2019 - 01:15
CVE-2020-27845 4.3
There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw
06-10-2022 - 19:06 05-01-2021 - 18:15
CVE-2020-27841 4.3
There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. When an attacker is able to provide crafted input to be processed by the openjpeg encoder, this could cause an out-of-bounds read. The greatest impact from this flaw is to
06-10-2022 - 19:05 05-01-2021 - 18:15
CVE-2020-35381 7.8
jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call.
06-10-2022 - 18:05 15-12-2020 - 21:15
CVE-2019-1010317 4.3
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig (caff.c:486). The attack vector is: Maliciously crafted .wav fil
06-10-2022 - 18:02 11-07-2019 - 20:15
CVE-2019-18823 7.5
HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect Access Control. It is possible to use a different authentication method to submit a job than the administrator has specified. If the administrator has configu
06-10-2022 - 17:49 27-04-2020 - 15:15
CVE-2020-0549 2.1
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
05-10-2022 - 20:46 28-01-2020 - 01:15
CVE-2020-6466 6.8
Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
05-10-2022 - 20:23 21-05-2020 - 04:15
CVE-2020-6465 6.8
Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
05-10-2022 - 20:13 21-05-2020 - 04:15
CVE-2020-6485 4.3
Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
05-10-2022 - 19:29 21-05-2020 - 04:15
CVE-2020-6488 4.3
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
05-10-2022 - 19:29 21-05-2020 - 04:15
CVE-2020-6484 4.3
Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted request.
05-10-2022 - 19:29 21-05-2020 - 04:15
CVE-2020-6491 4.3
Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name.
05-10-2022 - 19:29 21-05-2020 - 04:15
CVE-2020-6479 4.3
Inappropriate implementation in sharing in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
05-10-2022 - 18:59 21-05-2020 - 04:15
CVE-2020-6564 4.3
Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.
05-10-2022 - 18:26 21-09-2020 - 20:15
CVE-2020-6563 4.3
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
05-10-2022 - 18:25 21-09-2020 - 20:15
CVE-2020-6560 4.3
Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
05-10-2022 - 16:38 21-09-2020 - 20:15
CVE-2020-35479 4.3
MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is is always unsafe for HTML in a month value. This affects Me
05-10-2022 - 16:09 18-12-2020 - 08:15
CVE-2020-35478 4.3
MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWiki:blanknamespace potentially can be output as raw HTML with SCRIPT tags via LogFormatter::makePageLink(). This affects MediaWiki 1.33.0 and later.
05-10-2022 - 16:02 18-12-2020 - 08:15
CVE-2020-25602 4.6
An issue was discovered in Xen through 4.14.x. An x86 PV guest can trigger a host OS crash when handling guest access to MSR_MISC_ENABLE. When a guest accesses certain Model Specific Registers, Xen first reads the value from hardware to use as the ba
30-09-2022 - 03:44 23-09-2020 - 22:15
CVE-2020-25604 1.9
An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also o
30-09-2022 - 03:44 23-09-2020 - 22:15
CVE-2015-4836 2.8
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP.
29-09-2022 - 16:44 21-10-2015 - 23:59
CVE-2020-14562 5.0
Vulnerability in the Java SE product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protoc
27-09-2022 - 20:14 15-07-2020 - 18:15
CVE-2020-2781 5.0
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticate
25-09-2022 - 16:15 15-04-2020 - 14:15
CVE-2020-2773 4.3
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthen
25-09-2022 - 16:15 15-04-2020 - 14:15
CVE-2019-16789 6.4
In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Spec
23-09-2022 - 18:58 26-12-2019 - 17:15
CVE-2019-16786 5.0
Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-En
23-09-2022 - 18:58 20-12-2019 - 23:15
CVE-2019-16785 5.0
Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any pr
23-09-2022 - 18:58 20-12-2019 - 23:15
CVE-2006-5752 4.3
Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML vi
21-09-2022 - 19:34 27-06-2007 - 17:30
CVE-2007-3304 4.7
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the m
21-09-2022 - 19:34 20-06-2007 - 22:30
CVE-2008-0005 4.3
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
21-09-2022 - 19:10 12-01-2008 - 00:46
CVE-2015-0374 3.5
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges : Foreign Key.
20-09-2022 - 20:44 21-01-2015 - 18:59
CVE-2015-4861 3.5
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
20-09-2022 - 20:30 21-10-2015 - 23:59
CVE-2015-4913 3.5
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DML, a different vulnerability than CVE-2015-4858.
20-09-2022 - 20:29 22-10-2015 - 00:00
CVE-2015-4807 3.5
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote authenticated users to affect availability via unknown vectors related to Server : Query Cache.
20-09-2022 - 20:29 21-10-2015 - 21:59
CVE-2015-4895 3.5
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
20-09-2022 - 20:26 21-10-2015 - 23:59
CVE-2009-3095 5.0
The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as
19-09-2022 - 19:50 08-09-2009 - 18:30
CVE-2009-3094 2.6
The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a mal
19-09-2022 - 19:49 08-09-2009 - 18:30
CVE-2014-6568 3.5
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.
16-09-2022 - 19:56 21-01-2015 - 15:28
CVE-2014-3470 4.3
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereferen
16-09-2022 - 19:54 05-06-2014 - 21:55
CVE-2015-4792 1.7
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802.
15-09-2022 - 21:01 21-10-2015 - 21:59
CVE-2020-9281 4.3
A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax).
12-09-2022 - 13:51 07-03-2020 - 01:15
CVE-2020-16116 4.3
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.
12-09-2022 - 03:55 03-08-2020 - 20:15
CVE-2020-24654 4.3
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.
12-09-2022 - 03:54 02-09-2020 - 17:15
CVE-2020-8617 4.3
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local se
09-09-2022 - 17:47 19-05-2020 - 14:15
CVE-2015-4826 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Types.
08-09-2022 - 20:55 21-10-2015 - 21:59
CVE-2015-4816 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.
08-09-2022 - 20:55 21-10-2015 - 21:59
CVE-2015-4815 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.
08-09-2022 - 20:54 21-10-2015 - 21:59
CVE-2015-4870 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.
08-09-2022 - 20:44 21-10-2015 - 23:59
CVE-2015-4830 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.
08-09-2022 - 20:43 21-10-2015 - 21:59
CVE-2015-4858 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2015-4913.
08-09-2022 - 20:43 21-10-2015 - 23:59
CVE-2016-5387 6.8
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an app
07-09-2022 - 17:40 19-07-2016 - 02:00
CVE-2019-0197 4.9
A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection cou
07-09-2022 - 17:36 11-06-2019 - 22:29
CVE-2020-25275 5.0
Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and imap, leading to an application crash via a crafted email message with certain choices for ten thousand MIME parts.
02-09-2022 - 15:46 04-01-2021 - 17:15
CVE-2020-24386 4.9
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email messages (and path disclosure).
02-09-2022 - 15:45 04-01-2021 - 17:15
CVE-2020-35496 4.3
There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to applicat
02-09-2022 - 15:45 04-01-2021 - 15:15
CVE-2020-15306 2.1
An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.
02-09-2022 - 15:45 26-06-2020 - 01:15
CVE-2020-35493 4.3
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects
02-09-2022 - 15:44 04-01-2021 - 15:15
CVE-2020-35494 5.8
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to da
02-09-2022 - 15:44 04-01-2021 - 15:15
CVE-2020-35495 4.3
There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw
02-09-2022 - 15:44 04-01-2021 - 15:15
CVE-2020-15305 2.1
An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.
02-09-2022 - 15:43 26-06-2020 - 01:15
CVE-2020-15304 2.1
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference.
02-09-2022 - 15:43 26-06-2020 - 01:15
CVE-2020-10725 4.0
A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that
02-09-2022 - 15:36 20-05-2020 - 14:15
CVE-2020-10723 4.6
A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out
02-09-2022 - 15:36 19-05-2020 - 19:15
CVE-2020-10722 4.6
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.
02-09-2022 - 15:36 19-05-2020 - 19:15
CVE-2020-10726 2.1
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), whi
02-09-2022 - 15:34 20-05-2020 - 14:15
CVE-2020-13254 4.3
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.
02-09-2022 - 15:33 03-06-2020 - 14:15
CVE-2020-17498 4.3
In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.
02-09-2022 - 15:31 13-08-2020 - 16:15
CVE-2020-13596 4.3
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.
02-09-2022 - 15:31 03-06-2020 - 14:15
CVE-2012-6150 3.6
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1.2 handles invalid require_membership_of group names by accepting authentication by any user, which allows remote authenticated users to bypass intended a
01-09-2022 - 16:34 03-12-2013 - 19:55
CVE-2013-4475 4.0
Samba 3.2.x through 3.6.x before 3.6.20, 4.0.x before 4.0.11, and 4.1.x before 4.1.1, when vfs_streams_depot or vfs_streams_xattr is enabled, allows remote attackers to bypass intended file restrictions by leveraging ACL differences between a file an
01-09-2022 - 16:34 13-11-2013 - 15:55
CVE-2014-0178 3.5
Samba 3.6.6 through 3.6.23, 4.0.x before 4.0.18, and 4.1.x before 4.1.8, when a certain vfs shadow copy configuration is enabled, does not properly initialize the SRV_SNAPSHOT_ARRAY response field, which allows remote authenticated users to obtain po
01-09-2022 - 16:34 28-05-2014 - 04:58
CVE-2015-0382 4.3
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0381.
30-08-2022 - 17:36 21-01-2015 - 18:59
CVE-2015-0381 4.3
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382.
30-08-2022 - 17:30 21-01-2015 - 18:59
CVE-2020-2812 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged
29-08-2022 - 21:00 15-04-2020 - 14:15
CVE-2020-2814 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with net
29-08-2022 - 21:00 15-04-2020 - 14:15
CVE-2015-0432 4.0
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DDL : Foreign Key.
29-08-2022 - 20:57 21-01-2015 - 19:59
CVE-2010-5298 4.0
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via
29-08-2022 - 20:53 14-04-2014 - 22:38
CVE-2020-2752 3.5
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with net
29-08-2022 - 20:50 15-04-2020 - 14:15
CVE-2014-0198 4.3
The do_ssl3_write function in s3_pkt.c in OpenSSL 1.x through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service (NULL
29-08-2022 - 20:50 06-05-2014 - 10:44
CVE-2014-0221 4.3
The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS
29-08-2022 - 20:49 05-06-2014 - 21:55
CVE-2019-2739 3.6
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high p
29-08-2022 - 20:48 23-07-2019 - 23:15
CVE-2020-14550 3.5
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows low privileged attacker with net
29-08-2022 - 20:48 15-07-2020 - 18:15
CVE-2015-7540 5.0
The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via cra
29-08-2022 - 20:44 29-12-2015 - 22:59
CVE-2018-0734 4.3
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.
29-08-2022 - 20:41 30-10-2018 - 12:29
CVE-2015-5252 5.0
vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when share names with certain substring relationships exist, allows remote attackers to bypass intended file-access restrictions via a symlink that points o
29-08-2022 - 20:26 29-12-2015 - 22:59
CVE-2016-2118 6.8
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersona
29-08-2022 - 20:20 12-04-2016 - 23:59
CVE-2008-1105 7.5
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
29-08-2022 - 20:12 29-05-2008 - 16:32
CVE-2019-11047 6.4
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocate
29-08-2022 - 20:10 23-12-2019 - 03:15
CVE-2007-3007 5.0
PHP 5 before 5.2.3 does not enforce the open_basedir or safe_mode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this
29-08-2022 - 20:07 04-06-2007 - 17:30
CVE-2020-10700 2.6
A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. A malicious user in a samba AD could use this flaw to cause denial of service. This issue affects all samba versi
29-08-2022 - 20:07 04-05-2020 - 21:15
CVE-2015-5296 4.3
Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-s
29-08-2022 - 20:06 29-12-2015 - 22:59
CVE-2015-3152 4.3
Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade at
29-08-2022 - 20:05 16-05-2016 - 10:59
CVE-2015-5299 5.0
The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote att
29-08-2022 - 20:04 29-12-2015 - 22:59
CVE-2013-4496 5.0
Samba 3.x before 3.6.23, 4.0.x before 4.0.16, and 4.1.x before 4.1.6 does not enforce the password-guessing protection mechanism for all interfaces, which makes it easier for remote attackers to obtain access via brute-force ChangePasswordUser2 (1) S
29-08-2022 - 20:04 14-03-2014 - 10:55
CVE-2019-19246 5.0
Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.
29-08-2022 - 20:03 25-11-2019 - 17:15
CVE-2015-7560 4.0
The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then u
29-08-2022 - 20:03 13-03-2016 - 22:59
CVE-2019-3880 5.5
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation
29-08-2022 - 20:02 09-04-2019 - 16:29
CVE-2018-19841 4.3
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvun
19-08-2022 - 21:44 04-12-2018 - 09:29
CVE-2019-1559 4.3
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid
19-08-2022 - 11:14 27-02-2019 - 23:29
CVE-2010-2089 5.0
The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arg
16-08-2022 - 13:32 27-05-2010 - 19:30
CVE-2012-0831 6.8
PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related
16-08-2022 - 13:31 10-02-2012 - 20:55
CVE-2014-0224 5.8
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL
16-08-2022 - 13:30 05-06-2014 - 21:55
CVE-2016-5386 6.8
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which mi
16-08-2022 - 13:17 19-07-2016 - 02:00
CVE-2019-9947 4.3
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (sp
16-08-2022 - 13:00 23-03-2019 - 18:29
CVE-2019-9740 4.3
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (sp
16-08-2022 - 13:00 13-03-2019 - 03:29
CVE-2018-0732 5.0
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime result
16-08-2022 - 13:00 12-06-2018 - 13:29
CVE-2019-9511 7.8
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. T
12-08-2022 - 18:43 13-08-2019 - 21:15
CVE-2019-9512 7.8
Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this d
12-08-2022 - 18:41 13-08-2019 - 21:15
CVE-2019-9513 7.8
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the
12-08-2022 - 18:41 13-08-2019 - 21:15
CVE-2019-9518 7.8
Some HTTP/2 implementations are vulnerable to a flood of empty frames, potentially leading to a denial of service. The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONT
12-08-2022 - 18:40 13-08-2019 - 21:15
CVE-2019-9515 7.8
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS f
12-08-2022 - 18:40 13-08-2019 - 21:15
CVE-2020-10531 6.8
An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.
12-08-2022 - 18:28 12-03-2020 - 19:15
CVE-2009-1725 9.3
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character
09-08-2022 - 13:48 09-07-2009 - 17:30
CVE-2009-1698 9.3
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which a
09-08-2022 - 13:48 10-06-2009 - 18:00
CVE-2020-35176 5.0
In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incompl
06-08-2022 - 03:52 12-12-2020 - 00:15
CVE-2020-27828 6.8
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availabili
06-08-2022 - 03:50 11-12-2020 - 04:15
CVE-2020-13584 6.8
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site t
06-08-2022 - 03:49 03-12-2020 - 17:15
CVE-2020-27783 4.3
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbit
06-08-2022 - 03:49 03-12-2020 - 17:15
CVE-2020-14776 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mu
05-08-2022 - 17:13 21-10-2020 - 15:15
CVE-2019-2737 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Pluggable Auth). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privil
05-08-2022 - 17:13 23-07-2019 - 23:15
CVE-2020-14789 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access v
05-08-2022 - 17:01 21-10-2020 - 15:15
CVE-2019-9516 6.8
Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater h
05-08-2022 - 14:52 13-08-2019 - 21:15
CVE-2015-4879 4.6
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML.
05-08-2022 - 14:25 21-10-2015 - 23:59
CVE-2010-4180 4.3
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an uninte
04-08-2022 - 19:59 06-12-2010 - 21:05
CVE-2014-8964 5.0
Heap-based buffer overflow in PCRE 8.36 and earlier allows remote attackers to cause a denial of service (crash) or have other unspecified impact via a crafted regular expression, related to an assertion that allows zero repeats.
04-08-2022 - 19:58 16-12-2014 - 18:59
CVE-2020-2780 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows low privileged attacker with
04-08-2022 - 19:43 15-04-2020 - 14:15
CVE-2019-2974 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows low privileged attacke
04-08-2022 - 19:42 16-10-2019 - 18:15
CVE-2019-2740 4.0
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker
04-08-2022 - 19:36 23-07-2019 - 23:15
CVE-2019-16777 5.5
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and cre
02-08-2022 - 20:45 13-12-2019 - 01:15
CVE-2019-16776 5.5
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It fails to prevent access to folders outside of the intended node_modules folder through the bin field. A properly constructed entry in the package.json bin field wou
02-08-2022 - 20:45 13-12-2019 - 01:15
CVE-2020-15095 1.9
Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like "<protocol>://[<user>[:<password>]@]<hostname>[:<port>][:][/]<path>". The password value is not redacted and
02-08-2022 - 20:44 07-07-2020 - 19:15
CVE-2019-15892 7.8
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a
02-08-2022 - 19:00 03-09-2019 - 21:15
CVE-2008-2371 7.5
Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins
01-08-2022 - 15:54 07-07-2008 - 23:41
CVE-2019-5823 5.8
Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
29-07-2022 - 17:28 27-06-2019 - 17:15
CVE-2019-5824 6.8
Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
29-07-2022 - 17:28 27-06-2019 - 17:15
CVE-2019-5822 6.8
Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
29-07-2022 - 17:27 27-06-2019 - 17:15
CVE-2019-5827 6.8
Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
29-07-2022 - 17:26 27-06-2019 - 17:15
CVE-2019-5828 6.8
Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
29-07-2022 - 17:23 27-06-2019 - 17:15
CVE-2019-5829 6.8
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
29-07-2022 - 17:21 27-06-2019 - 17:15
CVE-2019-5821 6.8
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
29-07-2022 - 17:21 27-06-2019 - 17:15
CVE-2019-5830 4.3
Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
29-07-2022 - 17:20 27-06-2019 - 17:15
CVE-2019-5831 6.8
Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
29-07-2022 - 17:19 27-06-2019 - 17:15
CVE-2019-5832 4.3
Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
29-07-2022 - 17:18 27-06-2019 - 17:15
CVE-2019-5833 4.3
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.
29-07-2022 - 17:17 27-06-2019 - 17:15
CVE-2019-5835 4.3
Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
29-07-2022 - 17:16 27-06-2019 - 17:15
CVE-2019-5836 6.8
Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
29-07-2022 - 17:14 27-06-2019 - 17:15
CVE-2019-5837 4.3
Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
29-07-2022 - 17:13 27-06-2019 - 17:15
CVE-2019-5839 4.3
Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.
29-07-2022 - 17:12 27-06-2019 - 17:15
CVE-2019-5840 4.3
Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
29-07-2022 - 17:11 27-06-2019 - 17:15
CVE-2020-14586 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m
28-07-2022 - 16:56 15-07-2020 - 18:15
CVE-2020-14576 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access vi
28-07-2022 - 16:54 15-07-2020 - 18:15
CVE-2018-1060 5.0
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
28-07-2022 - 11:31 18-06-2018 - 14:29
CVE-2019-15903 5.0
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-r
28-07-2022 - 11:23 04-09-2019 - 06:15
CVE-2019-9636 5.0
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a
25-07-2022 - 18:15 08-03-2019 - 21:29
CVE-2020-7595 5.0
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
25-07-2022 - 18:15 21-01-2020 - 23:15
CVE-2020-9484 4.4
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the Persiste
25-07-2022 - 18:15 20-05-2020 - 19:15
CVE-2019-20388 5.0
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
25-07-2022 - 18:15 21-01-2020 - 23:15
CVE-2020-1927 5.8
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.
25-07-2022 - 18:15 02-04-2020 - 00:15
CVE-2019-10086 7.5
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by defa
25-07-2022 - 18:15 20-08-2019 - 21:15
CVE-2020-24977 6.4
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
25-07-2022 - 18:15 04-09-2020 - 00:15
CVE-2019-0220 5.0
A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions
25-07-2022 - 18:15 11-06-2019 - 21:29
CVE-2007-0455 7.5
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded
21-07-2022 - 15:17 30-01-2007 - 17:28
CVE-2007-1887 7.5
Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by ca
21-07-2022 - 15:12 06-04-2007 - 01:19
CVE-2016-1283 7.5
The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgrou
20-07-2022 - 16:58 03-01-2016 - 00:59
CVE-2016-3074 7.5
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflo
20-07-2022 - 16:57 26-04-2016 - 14:59
CVE-2016-4544 7.5
The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate TIFF start data, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly h
20-07-2022 - 16:55 22-05-2016 - 01:59
CVE-2019-13224 7.5
A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair o
20-07-2022 - 16:33 10-07-2019 - 14:15
CVE-2020-14812 6.8
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker
19-07-2022 - 17:00 21-10-2020 - 15:15
CVE-2020-14765 6.8
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with
18-07-2022 - 17:52 21-10-2020 - 15:15
CVE-2019-2758 5.5
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access v
13-07-2022 - 14:12 23-07-2019 - 23:15
CVE-2020-2760 5.5
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mu
13-07-2022 - 14:07 15-04-2020 - 14:15
CVE-2020-15566 4.7
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. The allocation of an event-channel port may fail for multiple reasons: (1) port is a
12-07-2022 - 17:42 07-07-2020 - 13:15
CVE-2020-15397 7.2
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account). This allows these users to execute code
12-07-2022 - 17:42 30-06-2020 - 12:15
CVE-2020-12655 2.1
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.
12-07-2022 - 17:42 05-05-2020 - 06:15
CVE-2008-5983 6.9
Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local us
05-07-2022 - 18:57 28-01-2009 - 02:30
CVE-2020-2754 4.3
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticate
01-07-2022 - 19:50 15-04-2020 - 14:15
CVE-2020-14547 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network ac
01-07-2022 - 15:53 15-07-2020 - 18:15
CVE-2020-14559 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privilege
01-07-2022 - 15:53 15-07-2020 - 18:15
CVE-2020-14553 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with networ
01-07-2022 - 15:53 15-07-2020 - 18:15
CVE-2020-14540 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access v
01-07-2022 - 15:51 15-07-2020 - 18:15
CVE-2020-14539 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacke
01-07-2022 - 15:43 15-07-2020 - 18:15
CVE-2020-14568 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to c
01-07-2022 - 15:04 15-07-2020 - 18:15
CVE-2015-0411 7.5
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.
01-07-2022 - 14:14 21-01-2015 - 19:59
CVE-2015-4819 7.2
Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.
01-07-2022 - 14:13 21-10-2015 - 21:59
CVE-2020-2830 5.0
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthe
30-06-2022 - 20:07 15-04-2020 - 14:15
CVE-2020-2875 4.0
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.14 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network ac
30-06-2022 - 20:07 15-04-2020 - 14:15
CVE-2020-2933 3.5
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 5.1.48 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple pro
30-06-2022 - 19:53 15-04-2020 - 14:15
CVE-2014-0195 6.8
The dtls1_reassemble_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly validate fragment lengths in DTLS ClientHello messages, which allows remote attackers to execute arbitrary c
30-06-2022 - 19:49 05-06-2014 - 21:55
CVE-2019-9948 6.4
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call
30-06-2022 - 17:14 23-03-2019 - 18:29
CVE-2020-6556 9.3
Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
29-06-2022 - 19:51 21-09-2020 - 20:15
CVE-2020-28040 4.3
WordPress before 5.5.2 allows CSRF attacks that change a theme's background image.
29-06-2022 - 19:22 02-11-2020 - 21:15
CVE-2020-28039 6.4
is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected.
29-06-2022 - 19:22 02-11-2020 - 21:15
CVE-2020-28034 4.3
WordPress before 5.5.2 allows XSS associated with global variables.
29-06-2022 - 19:21 02-11-2020 - 21:15
CVE-2020-28038 4.3
WordPress before 5.5.2 allows stored XSS via post slugs.
29-06-2022 - 19:21 02-11-2020 - 21:15
CVE-2020-28032 7.5
WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php.
29-06-2022 - 18:57 02-11-2020 - 21:15
CVE-2020-28033 5.0
WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed.
29-06-2022 - 18:57 02-11-2020 - 21:15
CVE-2019-5094 4.6
An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition
27-06-2022 - 17:23 24-09-2019 - 22:15
CVE-2020-27843 7.1
A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw allows an attacker to provide specially crafted input to the conversion or encoding functionality, causing an out-of-bounds read. The highest threat from this vulnerability is system
16-06-2022 - 19:31 05-01-2021 - 18:15
CVE-2020-27842 4.3
There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability.
14-06-2022 - 14:38 05-01-2021 - 18:15
CVE-2020-6061 7.5
An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS reque
07-06-2022 - 16:51 19-02-2020 - 19:15
CVE-2020-6062 5.0
An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to server crash and denial of service. An attacker needs to send an HTTP request to trigge
07-06-2022 - 16:51 19-02-2020 - 19:15
CVE-2020-6070 6.8
An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can pro
07-06-2022 - 16:51 10-08-2020 - 14:15
CVE-2020-8139 4.0
A missing access control check in Nextcloud Server < 18.0.1, < 17.0.4, and < 16.0.9 causes hide-download shares to be downloadable when appending /download to the URL.
04-06-2022 - 03:36 20-03-2020 - 21:15
CVE-2010-4176 4.0
plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak permissions for the /dev/systty device file, which allows remote authenticated users to read terminal data from tty0 for local users.
03-06-2022 - 15:09 07-12-2010 - 22:00
CVE-2019-2201 9.3
In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. U
02-06-2022 - 14:15 13-11-2019 - 18:15
CVE-2020-8153 5.5
Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when when renaming an accessible item to the same name.
24-05-2022 - 18:25 12-05-2020 - 13:15
CVE-2020-8156 6.8
A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack.
24-05-2022 - 18:25 12-05-2020 - 13:15
CVE-2020-9440 4.3
A cross-site scripting (XSS) vulnerability in the WSC plugin through 5.5.7.5 for CKEditor 4 allows remote attackers to run arbitrary web script inside an IFRAME element by injecting a crafted HTML element into the editor.
24-05-2022 - 17:46 10-03-2020 - 17:15
CVE-2020-8201 5.8
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multit
24-05-2022 - 17:24 18-09-2020 - 21:15
CVE-2020-8252 4.6
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
24-05-2022 - 17:16 18-09-2020 - 21:15
CVE-2020-8251 5.0
Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections.
24-05-2022 - 16:54 18-09-2020 - 21:15
CVE-2020-7106 4.3
Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string fr
24-05-2022 - 15:27 16-01-2020 - 04:15
CVE-2020-13230 4.0
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs).
24-05-2022 - 14:29 20-05-2020 - 14:15
CVE-2015-4142 4.3
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which
17-05-2022 - 07:15 15-06-2015 - 15:59
CVE-2019-11287 5.0
Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of servi
15-05-2022 - 14:14 23-11-2019 - 00:15
CVE-2020-13871 5.0
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
13-05-2022 - 20:57 06-06-2020 - 16:15
CVE-2020-13631 2.1
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
13-05-2022 - 20:56 27-05-2020 - 15:15
CVE-2020-13632 2.1
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
13-05-2022 - 20:56 27-05-2020 - 15:15
CVE-2020-13630 4.4
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
13-05-2022 - 20:56 27-05-2020 - 15:15
CVE-2020-14779 4.3
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows una
13-05-2022 - 14:57 21-10-2020 - 15:15
CVE-2015-8126 7.5
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a den
13-05-2022 - 14:57 13-11-2015 - 03:59
CVE-2015-0383 5.4
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.
13-05-2022 - 14:57 21-01-2015 - 18:59
CVE-2009-2625 5.0
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop a
13-05-2022 - 14:44 06-08-2009 - 15:30
CVE-2019-5188 4.4
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partit
12-05-2022 - 20:14 08-01-2020 - 16:15
CVE-2020-11810 4.3
An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have
12-05-2022 - 20:14 27-04-2020 - 15:15
CVE-2020-16135 4.3
libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.
12-05-2022 - 15:01 29-07-2020 - 21:15
CVE-2020-12723 5.0
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
12-05-2022 - 15:00 05-06-2020 - 15:15
CVE-2020-10543 6.4
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
12-05-2022 - 15:00 05-06-2020 - 14:15
CVE-2020-10878 7.5
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
12-05-2022 - 15:00 05-06-2020 - 14:15
CVE-2020-28196 5.0
MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.
12-05-2022 - 14:47 06-11-2020 - 08:15
CVE-2020-11979 5.0
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without
12-05-2022 - 14:43 01-10-2020 - 20:15
CVE-2020-8277 5.0
A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number
10-05-2022 - 15:25 19-11-2020 - 01:15
CVE-2019-10895 5.0
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.
03-05-2022 - 14:50 09-04-2019 - 04:29
CVE-2019-10899 5.0
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.
03-05-2022 - 14:50 09-04-2019 - 04:29
CVE-2019-11412 5.0
An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.
03-05-2022 - 14:50 22-04-2019 - 11:29
CVE-2019-7310 6.8
In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a c
03-05-2022 - 14:49 03-02-2019 - 03:29
CVE-2019-10740 4.3
In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This
03-05-2022 - 14:49 07-04-2019 - 15:29
CVE-2020-6448 6.8
Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
03-05-2022 - 14:29 13-04-2020 - 18:15
CVE-2019-1010057 6.8
nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffile_inline.c:83, minilzo.c (redistributed). The attack vector is: nfdum
03-05-2022 - 14:28 16-07-2019 - 13:15
CVE-2019-19783 3.5
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a
03-05-2022 - 14:27 16-12-2019 - 14:15
CVE-2019-11356 7.5
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
03-05-2022 - 14:27 03-06-2019 - 20:29
CVE-2020-10933 5.0
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied
03-05-2022 - 14:21 04-05-2020 - 15:15
CVE-2020-0081 7.2
In finalize of AssetManager.java, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andr
03-05-2022 - 14:21 17-04-2020 - 19:15
CVE-2020-11741 6.9
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. For guests for which "active" profi
03-05-2022 - 14:06 14-04-2020 - 13:15
CVE-2020-11740 2.1
An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (without active profiling) to obtain sensitive information about other guests. Unprivileged guests can request to map xenoprof buffers, even if profiling has not been
03-05-2022 - 14:06 14-04-2020 - 13:15
CVE-2020-6454 6.8
Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
03-05-2022 - 14:05 13-04-2020 - 18:15
CVE-2020-11739 6.9
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. The read-write unlock paths don't contain a memory barrier.
03-05-2022 - 14:05 14-04-2020 - 13:15
CVE-2020-15563 4.7
An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to p
03-05-2022 - 13:59 07-07-2020 - 13:15
CVE-2020-15564 4.9
An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOP_register_vcpu_info. The hypercall VCPUOP_register_vcpu_info is used by a guest to register a shared
03-05-2022 - 13:57 07-07-2020 - 13:15
CVE-2020-15567 4.4
An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest EPT (nested paging) tables, Xen would in some circum
03-05-2022 - 13:57 07-07-2020 - 13:15
CVE-2019-0228 7.5
Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.
29-04-2022 - 16:12 17-04-2019 - 15:29
CVE-2020-6851 5.0
OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
29-04-2022 - 13:24 13-01-2020 - 06:15
CVE-2020-12066 7.8
CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server.
29-04-2022 - 13:24 22-04-2020 - 17:15
CVE-2020-0543 2.1
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
28-04-2022 - 19:33 15-06-2020 - 14:15
CVE-2020-13696 3.6
An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker wi
28-04-2022 - 19:30 08-06-2020 - 17:15
CVE-2020-24331 7.2
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon).
28-04-2022 - 18:58 13-08-2020 - 17:15
CVE-2020-24330 7.2
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed.
28-04-2022 - 18:58 13-08-2020 - 17:15
CVE-2020-17367 4.6
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.
28-04-2022 - 18:58 11-08-2020 - 16:15
CVE-2020-14303 5.0
A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash.
28-04-2022 - 18:57 06-07-2020 - 18:15
CVE-2020-14001 7.5
The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded Ruby code execution (such as a string that begins w
28-04-2022 - 18:57 17-07-2020 - 16:15
CVE-2020-15396 7.2
In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.
28-04-2022 - 18:57 30-06-2020 - 12:15
CVE-2020-14058 5.0
An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-
28-04-2022 - 18:57 30-06-2020 - 19:15
CVE-2019-20919 1.9
An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.
28-04-2022 - 18:33 17-09-2020 - 18:15
CVE-2020-25219 5.0
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.
28-04-2022 - 18:32 09-09-2020 - 21:15
CVE-2020-8623 4.3
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To
28-04-2022 - 18:27 21-08-2020 - 21:15
CVE-2020-24614 6.5
Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository.
28-04-2022 - 18:27 25-08-2020 - 14:15
CVE-2020-28035 7.5
WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.
28-04-2022 - 18:24 02-11-2020 - 21:15
CVE-2020-28036 7.5
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.
28-04-2022 - 18:24 02-11-2020 - 21:15
CVE-2020-28037 7.5
is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution (as well as a denial
28-04-2022 - 18:24 02-11-2020 - 21:15
CVE-2020-27638 5.0
receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code.
28-04-2022 - 18:23 22-10-2020 - 13:15
CVE-2020-25603 4.6
An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is
28-04-2022 - 18:19 23-09-2020 - 22:15
CVE-2020-25601 4.9
An issue was discovered in Xen through 4.14.x. There is a lack of preemption in evtchn_reset() / evtchn_destroy(). In particular, the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of the
28-04-2022 - 18:19 23-09-2020 - 22:15
CVE-2020-25599 4.4
An issue was discovered in Xen through 4.14.x. There are evtchn_reset() race conditions. Uses of EVTCHNOP_reset (potentially by a guest on itself) or XEN_DOMCTL_soft_reset (by itself covered by XSA-77) can lead to the violation of various internal as
28-04-2022 - 18:19 23-09-2020 - 22:15
CVE-2020-25600 4.9
An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of usable event channels for 32-bit x86 domains vs 64-bi
28-04-2022 - 18:19 23-09-2020 - 22:15
CVE-2020-3810 4.3
Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files.
27-04-2022 - 14:45 15-05-2020 - 14:15
CVE-2020-6463 6.8
Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
26-04-2022 - 20:34 21-05-2020 - 04:15
CVE-2019-12529 4.3
An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be
26-04-2022 - 20:22 11-07-2019 - 19:15
CVE-2019-12525 7.5
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7. When Squid is configured to use Digest authentication, it parses the header Proxy-Authorization. It searches for certain tokens such as domain, uri, and qop. Squid checks if t
26-04-2022 - 20:18 11-07-2019 - 19:15
CVE-2019-1010301 4.3
jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG file.
26-04-2022 - 20:17 15-07-2019 - 18:15
CVE-2019-12526 7.5
An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the
26-04-2022 - 20:07 26-11-2019 - 17:15
CVE-2019-12528 5.0
An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
26-04-2022 - 20:00 04-02-2020 - 21:15
CVE-2020-12244 5.0
An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation.
26-04-2022 - 19:40 19-05-2020 - 14:15
CVE-2020-10995 5.0
PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. An issue in the DNS protocol has been found that allow malicious parties to use recursive DNS services to attack third party authoritat
26-04-2022 - 19:25 19-05-2020 - 17:15
CVE-2020-6477 4.6
Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a local attacker to perform privilege escalation via a crafted file.
26-04-2022 - 19:23 21-05-2020 - 04:15
CVE-2020-6468 6.8
Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
26-04-2022 - 19:22 21-05-2020 - 04:15
CVE-2020-12459 2.1
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
26-04-2022 - 17:45 29-04-2020 - 16:15
CVE-2020-12458 2.1
An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encr
26-04-2022 - 17:44 29-04-2020 - 16:15
CVE-2020-16166 4.3
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c
26-04-2022 - 17:06 30-07-2020 - 21:15
CVE-2020-1934 5.0
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.
26-04-2022 - 17:05 01-04-2020 - 20:15
CVE-2020-11612 5.0
The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free m
26-04-2022 - 17:05 07-04-2020 - 18:15
CVE-2020-28924 5.0
An issue was discovered in Rclone before 1.53.3. Due to the use of a weak random number generator, the password generator has been producing weak passwords with much less entropy than advertised. The suggested passwords depend deterministically on th
26-04-2022 - 16:34 19-11-2020 - 20:15
CVE-2020-8698 2.1
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
26-04-2022 - 16:33 12-11-2020 - 18:15
CVE-2020-0452 7.5
In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution pri
26-04-2022 - 16:31 10-11-2020 - 13:15
CVE-2020-27674 4.6
An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.
26-04-2022 - 16:29 22-10-2020 - 21:15
CVE-2020-27675 4.7
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL point
26-04-2022 - 16:29 22-10-2020 - 21:15
CVE-2020-27671 6.9
An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.
26-04-2022 - 16:23 22-10-2020 - 21:15
CVE-2020-27672 6.9
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB
26-04-2022 - 16:23 22-10-2020 - 21:15
CVE-2020-29479 7.2
An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the internal representation of the tree has special cases for the root node, because this node has no parent. Unfortunately, permissions were not checked for certai
26-04-2022 - 16:12 15-12-2020 - 18:15
CVE-2020-29668 4.3
Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except one from an expired cookie) as the cookie value to authenticateAndRun.
26-04-2022 - 16:12 10-12-2020 - 08:15
CVE-2020-1733 3.7
A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in
25-04-2022 - 17:37 11-03-2020 - 19:15
CVE-2019-14532 7.5
An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table.
22-04-2022 - 20:11 02-08-2019 - 15:15
CVE-2019-12098 5.8
In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.
22-04-2022 - 20:10 15-05-2019 - 23:29
CVE-2019-18934 6.8
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ips
22-04-2022 - 19:57 19-11-2019 - 18:15
CVE-2019-18849 4.3
In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup.
22-04-2022 - 19:57 11-11-2019 - 04:15
CVE-2019-5427 5.0
c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration.
22-04-2022 - 19:28 22-04-2019 - 21:29
CVE-2020-10018 7.5
WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memor
22-04-2022 - 19:02 02-03-2020 - 23:15
CVE-2020-35653 5.8
In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer calculations.
22-04-2022 - 18:54 12-01-2021 - 09:15
CVE-2020-6447 6.8
Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page.
22-04-2022 - 18:53 13-04-2020 - 18:15
CVE-2020-6444 6.8
Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
22-04-2022 - 18:53 13-04-2020 - 18:15
CVE-2020-8927 6.4
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2
22-04-2022 - 18:53 15-09-2020 - 10:15
CVE-2020-6434 6.8
Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
22-04-2022 - 18:52 13-04-2020 - 18:15
CVE-2020-6430 6.8
Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
22-04-2022 - 18:52 13-04-2020 - 18:15
CVE-2020-6436 6.8
Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
22-04-2022 - 18:52 13-04-2020 - 18:15
CVE-2020-6438 4.3
Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extens
22-04-2022 - 18:52 13-04-2020 - 18:15
CVE-2020-6423 6.8
Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
22-04-2022 - 16:25 13-04-2020 - 18:15
CVE-2019-1551 5.0
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this d
19-04-2022 - 15:36 06-12-2019 - 18:15
CVE-2019-3870 3.6
A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700,
19-04-2022 - 15:34 09-04-2019 - 16:29
CVE-2019-5838 4.3
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.
18-04-2022 - 17:17 27-06-2019 - 17:15
CVE-2018-20843 7.8
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
18-04-2022 - 17:17 24-06-2019 - 17:15
CVE-2019-5834 4.3
Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
18-04-2022 - 17:17 27-06-2019 - 17:15
CVE-2019-5812 4.3
Inadequate security UI in iOS UI in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
18-04-2022 - 17:17 27-06-2019 - 17:15
CVE-2019-12817 6.9
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of pow
18-04-2022 - 17:17 25-06-2019 - 12:15
CVE-2019-12802 6.8
In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lang.c mishandles changing context. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact (invalid memory access in r
18-04-2022 - 17:16 13-06-2019 - 21:29
CVE-2019-1010228 7.5
OFFIS.de DCMTK 3.6.3 and below is affected by: Buffer Overflow. The impact is: Possible code execution and confirmed Denial of Service. The component is: DcmRLEDecoder::decompress() (file dcrledec.h, line 122). The attack vector is: Many scenarios of
18-04-2022 - 17:02 22-07-2019 - 17:15
CVE-2019-9848 7.5
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, w
18-04-2022 - 17:00 17-07-2019 - 12:15
CVE-2019-9849 4.0
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include rem
18-04-2022 - 17:00 17-07-2019 - 12:15
CVE-2019-13226 6.9
deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. An unprivileged user can prepare a symlink at this location to
18-04-2022 - 16:56 04-07-2019 - 12:15
CVE-2019-16159 5.0
BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the
18-04-2022 - 16:13 09-09-2019 - 15:15
CVE-2019-13377 4.3
The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able
18-04-2022 - 16:10 15-08-2019 - 17:15
CVE-2020-8955 7.5
irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel m
18-04-2022 - 15:50 12-02-2020 - 22:15
CVE-2020-7044 5.0
In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.
18-04-2022 - 15:48 16-01-2020 - 04:15
CVE-2019-19797 4.3
read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.
18-04-2022 - 15:46 15-12-2019 - 20:15
CVE-2019-14287 9.0
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !r
18-04-2022 - 15:45 17-10-2019 - 18:15
CVE-2020-6582 5.0
Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call.
18-04-2022 - 15:15 16-03-2020 - 18:15
CVE-2020-9391 2.1
An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to
18-04-2022 - 15:13 25-02-2020 - 18:15
CVE-2019-18808 2.1
A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.
18-04-2022 - 14:27 07-11-2019 - 16:15
CVE-2019-8075 5.0
Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
18-04-2022 - 14:24 27-09-2019 - 16:15
CVE-2019-15166 5.0
lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.
13-04-2022 - 14:48 03-10-2019 - 17:15
CVE-2020-9359 6.8
KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.
12-04-2022 - 18:41 24-03-2020 - 14:15
CVE-2019-19906 5.0
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c
12-04-2022 - 18:41 19-12-2019 - 18:15
CVE-2019-8379 6.8
An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Servic
12-04-2022 - 18:39 17-02-2019 - 02:29
CVE-2019-8383 6.8
An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function adv_png_unfilter_8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segme
12-04-2022 - 18:39 17-02-2019 - 02:29
CVE-2019-1010238 7.5
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condit
12-04-2022 - 16:51 19-07-2019 - 17:15
CVE-2020-14775 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via mul
12-04-2022 - 16:16 21-10-2020 - 15:15
CVE-2020-14794 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
12-04-2022 - 16:14 21-10-2020 - 15:15
CVE-2019-5819 4.4
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.
11-04-2022 - 20:42 27-06-2019 - 17:15
CVE-2020-6381 6.8
Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
11-04-2022 - 19:16 11-02-2020 - 15:15
CVE-2020-6382 6.8
Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
11-04-2022 - 19:13 11-02-2020 - 15:15
CVE-2020-6385 6.8
Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.
11-04-2022 - 19:10 11-02-2020 - 15:15
CVE-2020-6390 6.8
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
11-04-2022 - 19:00 11-02-2020 - 15:15
CVE-2020-6391 4.3
Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.
11-04-2022 - 18:58 11-02-2020 - 15:15
CVE-2020-6396 4.3
Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
11-04-2022 - 18:57 11-02-2020 - 15:15
CVE-2015-3192 4.3
Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) vi
11-04-2022 - 17:18 12-07-2016 - 19:59
CVE-2020-6377 6.8
Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
08-04-2022 - 14:27 10-01-2020 - 22:15
CVE-2020-35480 5.0
An issue was discovered in MediaWiki before 1.35.1. Missing users (accounts that don't exist) and hidden users (accounts that have been explicitly hidden due to being abusive, or similar) that the viewer cannot see are handled differently, exposing s
08-04-2022 - 14:21 18-12-2020 - 08:15
CVE-2020-35477 5.0
MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggles the "Change visibility of selected log entries"
08-04-2022 - 14:20 18-12-2020 - 08:15
CVE-2020-35475 5.0
In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to change all userrights, and the table on the left side
08-04-2022 - 14:19 18-12-2020 - 08:15
CVE-2019-15165 5.0
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.
08-04-2022 - 13:27 03-10-2019 - 19:15
CVE-2020-24265 5.0
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
08-04-2022 - 10:38 19-10-2020 - 15:15
CVE-2020-24266 5.0
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
08-04-2022 - 10:38 19-10-2020 - 15:15
CVE-2020-12740 6.4
tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c.
08-04-2022 - 10:35 08-05-2020 - 18:15
CVE-2019-8377 6.8
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a D
08-04-2022 - 10:31 17-02-2019 - 02:29
CVE-2019-8381 6.8
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentatio
08-04-2022 - 10:31 17-02-2019 - 02:29
CVE-2019-8376 6.8
An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Deni
08-04-2022 - 10:30 17-02-2019 - 02:29
CVE-2016-7163 6.8
Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
07-04-2022 - 15:39 21-09-2016 - 14:25
CVE-2019-3500 2.1
aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.
06-04-2022 - 18:33 02-01-2019 - 07:29
CVE-2019-9210 6.8
In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.)
06-04-2022 - 18:27 27-02-2019 - 14:29
CVE-2019-6690 5.0
python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a "CWE
06-04-2022 - 18:27 21-03-2019 - 16:01
CVE-2019-12838 7.5
SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.
06-04-2022 - 18:08 11-07-2019 - 13:15
CVE-2020-6393 4.3
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
06-04-2022 - 17:55 11-02-2020 - 15:15
CVE-2020-6394 5.8
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.
06-04-2022 - 17:54 11-02-2020 - 15:15
CVE-2020-6450 6.8
Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
06-04-2022 - 17:53 13-04-2020 - 18:15
CVE-2020-6392 4.3
Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
06-04-2022 - 17:52 11-02-2020 - 15:15
CVE-2020-6451 6.8
Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
06-04-2022 - 17:51 13-04-2020 - 18:15
CVE-2020-8265 6.8
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap
06-04-2022 - 16:26 06-01-2021 - 21:15
CVE-2020-10756 2.1
An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. This flaw occurs in the icmp6_send_echoreply() routine while replying to an ICMP echo request, also known as ping. This flaw allows a malicious
05-04-2022 - 15:05 09-07-2020 - 16:15
CVE-2020-1740 1.9
A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp a
05-04-2022 - 15:01 16-03-2020 - 16:15
CVE-2020-1736 2.1
A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be
05-04-2022 - 15:00 16-03-2020 - 16:15
CVE-2020-1735 3.6
A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believ
05-04-2022 - 14:57 16-03-2020 - 16:15
CVE-2020-12693 5.1
Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user.
04-04-2022 - 13:31 21-05-2020 - 23:15
CVE-2020-1945 3.3
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files fr
04-04-2022 - 13:31 14-05-2020 - 16:15
CVE-2018-18408 7.5
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.
02-04-2022 - 03:30 17-10-2018 - 04:29
CVE-2018-18407 4.3
A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of ser
02-04-2022 - 03:30 17-10-2018 - 04:29
CVE-2020-1739 3.3
A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could ta
01-04-2022 - 20:19 12-03-2020 - 18:15
CVE-2017-18922 7.5
It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overf
01-04-2022 - 18:08 30-06-2020 - 11:15
CVE-2019-19604 9.3
Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a ma
01-04-2022 - 15:50 11-12-2019 - 00:15
CVE-2020-10108 7.5
In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as
01-04-2022 - 14:06 12-03-2020 - 13:15
CVE-2020-10109 7.5
In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipel
01-04-2022 - 14:03 12-03-2020 - 13:15
CVE-2019-19583 5.0
An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH guest OS users to cause a denial of service (guest OS crash) because VMX VMEntry checks mishandle a certain case. Please see XSA-260 for background on the MovSS shadow. Please see XSA
31-03-2022 - 18:19 11-12-2019 - 18:16
CVE-2019-17055 2.1
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.
31-03-2022 - 18:13 01-10-2019 - 14:15
CVE-2019-11455 5.5
A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. The attacker can also cause a denial of se
31-03-2022 - 17:45 22-04-2019 - 16:29
CVE-2019-11454 4.3
Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized user field of the Authorization header for HTTP Ba
31-03-2022 - 17:43 22-04-2019 - 16:29
CVE-2019-15531 4.3
GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTOR_dvi_extract_method in plugins/dvi_extractor.c.
31-03-2022 - 17:39 23-08-2019 - 17:15
CVE-2019-16738 5.0
In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup.
31-03-2022 - 17:38 26-09-2019 - 02:15
CVE-2019-13745 4.3
Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
31-03-2022 - 17:28 10-12-2019 - 22:15
CVE-2019-13764 6.8
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:26 10-12-2019 - 22:15
CVE-2020-6404 6.8
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:25 11-02-2020 - 15:15
CVE-2020-6398 6.8
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
31-03-2022 - 17:21 11-02-2020 - 15:15
CVE-2020-6400 4.3
Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
31-03-2022 - 17:20 11-02-2020 - 15:15
CVE-2020-6397 4.3
Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.
31-03-2022 - 17:20 11-02-2020 - 15:15
CVE-2020-6416 6.8
Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:19 11-02-2020 - 15:15
CVE-2020-6403 4.3
Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
31-03-2022 - 17:18 11-02-2020 - 15:15
CVE-2020-6415 6.8
Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:17 11-02-2020 - 15:15
CVE-2020-6408 4.3
Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.
31-03-2022 - 17:16 11-02-2020 - 15:15
CVE-2020-6406 6.8
Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:16 11-02-2020 - 15:15
CVE-2020-6383 6.8
Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:14 27-02-2020 - 23:15
CVE-2020-6386 6.8
Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:13 27-02-2020 - 23:15
CVE-2020-6384 6.8
Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:11 27-02-2020 - 23:15
CVE-2020-6429 6.8
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:09 23-03-2020 - 16:15
CVE-2020-6428 6.8
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:08 23-03-2020 - 16:15
CVE-2020-6427 6.8
Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:08 23-03-2020 - 16:15
CVE-2020-6422 6.8
Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:07 23-03-2020 - 16:15
CVE-2020-6424 6.8
Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:06 23-03-2020 - 16:15
CVE-2020-6426 4.3
Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
31-03-2022 - 17:04 23-03-2020 - 16:15
CVE-2019-12221 4.3
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a SEGV in the SDL function SDL_free_REAL at stdlib/SDL_malloc.c.
30-03-2022 - 18:57 20-05-2019 - 17:29
CVE-2020-28948 6.8
Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked.
30-03-2022 - 14:32 19-11-2020 - 19:15
CVE-2020-14793 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attack
29-03-2022 - 19:43 21-10-2020 - 15:15
CVE-2020-14791 3.5
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to
29-03-2022 - 19:42 21-10-2020 - 15:15
CVE-2020-14786 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols
29-03-2022 - 19:42 21-10-2020 - 15:15
CVE-2020-14790 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access vi
29-03-2022 - 19:42 21-10-2020 - 15:15
CVE-2020-14777 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
29-03-2022 - 19:41 21-10-2020 - 15:15
CVE-2020-14769 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacke
29-03-2022 - 19:40 21-10-2020 - 15:15
CVE-2020-14773 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
29-03-2022 - 19:40 21-10-2020 - 15:15
CVE-2020-14672 6.8
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 5.6.49 and prior, 5.7.31 and prior and 8.0.21 and prior. Easily exploitable vulnerability allows high privileged
29-03-2022 - 19:39 21-10-2020 - 15:15
CVE-2019-18804 5.0
DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp.
29-03-2022 - 19:37 07-11-2019 - 06:15
CVE-2019-13734 6.8
Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
29-03-2022 - 19:37 10-12-2019 - 22:15
CVE-2019-15145 4.3
DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a
29-03-2022 - 19:16 18-08-2019 - 19:15
CVE-2019-15144 4.3
In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h
29-03-2022 - 19:16 18-08-2019 - 19:15
CVE-2019-15142 4.3
In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file.
29-03-2022 - 19:16 18-08-2019 - 19:15
CVE-2019-15143 4.3
In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/
29-03-2022 - 19:16 18-08-2019 - 19:15
CVE-2020-2934 5.1
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network ac
29-03-2022 - 16:40 15-04-2020 - 14:15
CVE-2016-1572 4.6
mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.
23-03-2022 - 17:19 22-01-2016 - 15:59
CVE-2018-21247 5.0
An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
10-03-2022 - 15:29 17-06-2020 - 16:15
CVE-2019-20839 5.0
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
10-03-2022 - 15:23 17-06-2020 - 16:15
CVE-2019-20840 5.0
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
10-03-2022 - 15:23 17-06-2020 - 16:15
CVE-2007-6283 4.9
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.
25-02-2022 - 19:06 18-12-2007 - 01:46
CVE-2020-24661 2.6
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. This
22-02-2022 - 10:04 26-08-2020 - 16:15
CVE-2019-15718 3.6
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivile
20-02-2022 - 06:15 04-09-2019 - 12:15
CVE-2019-6454 4.9
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can expl
20-02-2022 - 06:08 21-03-2019 - 16:01
CVE-2020-25686 4.3
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the same name and forwards a new request. By default, a maximum of 150 pending queries can be sent to upstream servers
14-02-2022 - 15:29 20-01-2021 - 17:15
CVE-2020-25684 4.3
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pending forwarded queries. However, it does not use the a
14-02-2022 - 14:56 20-01-2021 - 16:15
CVE-2007-6061 5.0
Audacity 1.3.2 creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is ru
07-02-2022 - 19:43 20-11-2007 - 23:46
CVE-2011-2896 5.1
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in
07-02-2022 - 18:44 19-08-2011 - 17:55
CVE-2009-0733 9.3
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image
07-02-2022 - 18:28 23-03-2009 - 14:19
CVE-2009-0723 9.3
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer over
07-02-2022 - 18:18 23-03-2009 - 14:19
CVE-2007-2834 9.3
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which
07-02-2022 - 17:16 18-09-2007 - 21:17
CVE-2010-0395 9.3
OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro direct
07-02-2022 - 17:03 10-06-2010 - 00:30
CVE-2014-3575 4.3
The OLE preview generation in Apache OpenOffice before 4.1.1 and OpenOffice.org (OOo) might allow remote attackers to embed arbitrary data into documents via crafted OLE objects.
07-02-2022 - 16:32 27-08-2014 - 00:55
CVE-2015-1774 6.8
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-
07-02-2022 - 16:32 28-04-2015 - 14:59
CVE-2011-4339 3.6
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users
03-02-2022 - 19:59 15-12-2011 - 03:57
CVE-2008-0892 9.0
The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, allows remote attackers to execute arbitrary commands.
03-02-2022 - 19:56 16-04-2008 - 18:05
CVE-2008-1672 4.3
OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference.
02-02-2022 - 15:03 29-05-2008 - 16:32
CVE-2015-7977 4.3
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
01-02-2022 - 18:13 30-01-2017 - 21:59
CVE-2019-3843 4.6
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access res
31-01-2022 - 18:53 26-04-2019 - 21:29
CVE-2019-3842 4.4
In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable wh
31-01-2022 - 18:51 09-04-2019 - 21:29
CVE-2020-13776 6.2
systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because
31-01-2022 - 18:40 03-06-2020 - 03:15
CVE-2019-20386 2.1
An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.
28-01-2022 - 21:27 21-01-2020 - 06:15
CVE-2020-28241 4.3
libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c.
06-01-2022 - 14:18 06-11-2020 - 05:15
CVE-2020-26519 4.3
Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.
06-01-2022 - 14:18 02-10-2020 - 06:15
CVE-2020-26121 5.0
An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a
06-01-2022 - 14:18 27-09-2020 - 21:15
CVE-2020-25869 5.0
An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.
06-01-2022 - 14:18 27-09-2020 - 21:15
CVE-2020-26120 4.3
XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Using crafted HTML, an attacker can elicit an XSS attack via jQuery's parseHTML method,
06-01-2022 - 14:18 27-09-2020 - 21:15
CVE-2020-2928 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
04-01-2022 - 17:52 15-04-2020 - 14:15
CVE-2020-2921 3.5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access
04-01-2022 - 17:52 15-04-2020 - 14:15
CVE-2020-2926 3.5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication GCS). Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access vi
04-01-2022 - 17:52 15-04-2020 - 14:15
CVE-2020-12402 1.2
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to re
04-01-2022 - 16:38 09-07-2020 - 15:15
CVE-2020-15121 6.8
In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will
04-01-2022 - 16:33 20-07-2020 - 18:15
CVE-2020-16094 5.0
In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree.
04-01-2022 - 16:32 28-07-2020 - 19:15
CVE-2019-14664 4.3
In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart emai
01-01-2022 - 20:18 05-08-2019 - 20:15
CVE-2019-12957 6.8
In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdfto
01-01-2022 - 20:17 25-06-2019 - 00:15
CVE-2019-17592 5.0
The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular Expression Denial of Service. The __isInt() function contains a malformed regular expression that processes large crafted input very slowly. This is triggered when using the cast
01-01-2022 - 20:11 14-10-2019 - 20:15
CVE-2019-19647 6.8
radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service (application crash) or possibly
01-01-2022 - 20:07 09-12-2019 - 01:15
CVE-2019-13730 6.8
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
01-01-2022 - 20:07 10-12-2019 - 22:15
CVE-2019-18609 7.5
An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header
01-01-2022 - 20:06 01-12-2019 - 22:15
CVE-2020-6750 4.3
GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur
01-01-2022 - 20:02 09-01-2020 - 20:15
CVE-2020-6379 6.8
Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
01-01-2022 - 19:58 11-02-2020 - 15:15
CVE-2020-6380 6.8
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted Chrome Extension.
01-01-2022 - 19:58 11-02-2020 - 15:15
CVE-2020-8518 7.5
Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution.
01-01-2022 - 19:54 17-02-2020 - 15:15
CVE-2020-7957 5.0
The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing > character exists. This causes a denial of service in which the recipient cannot read a
01-01-2022 - 19:51 12-02-2020 - 17:15
CVE-2019-18183 6.8
pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feat
01-01-2022 - 19:45 24-02-2020 - 15:15
CVE-2020-9308 6.8
archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact.
01-01-2022 - 19:39 20-02-2020 - 07:15
CVE-2019-20477 7.5
PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-183
01-01-2022 - 19:38 19-02-2020 - 04:15
CVE-2020-10174 6.9
init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because T
01-01-2022 - 19:36 05-03-2020 - 16:15
CVE-2020-8793 4.7
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.
01-01-2022 - 19:30 25-02-2020 - 17:15
CVE-2020-9369 5.0
Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service (disk consumption from temporary files, and a flood of notifications to listmasters) via a series of requests with malformed parameters.
01-01-2022 - 19:28 24-02-2020 - 18:15
CVE-2020-6420 6.8
Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
01-01-2022 - 18:45 23-03-2020 - 16:15
CVE-2020-25828 4.3
An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. The non-jqueryMsg version of mw.message().parse() doesn't escape HTML. This affects both message contents (which are generally safe) and the parameters (whic
01-01-2022 - 18:40 27-09-2020 - 21:15
CVE-2020-14382 6.8
A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in fil
01-01-2022 - 18:39 16-09-2020 - 15:15
CVE-2020-25815 4.3
An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped() instead of text().
01-01-2022 - 18:39 27-09-2020 - 21:15
CVE-2020-25814 4.3
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is tha
01-01-2022 - 18:39 27-09-2020 - 21:15
CVE-2020-25813 5.0
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users.
01-01-2022 - 18:39 27-09-2020 - 21:15
CVE-2020-25812 4.3
An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to in
01-01-2022 - 18:39 27-09-2020 - 21:15
CVE-2020-25827 5.0
An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. For Wikis using OATHAuth on a farm/cluster (such as via CentralAuth), rate limiting of OATH tokens is only done on a single site le
01-01-2022 - 18:39 27-09-2020 - 21:15
CVE-2020-28368 2.1
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically i
01-01-2022 - 18:18 10-11-2020 - 19:15
CVE-2020-26892 7.5
The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled.
01-01-2022 - 18:18 06-11-2020 - 08:15
CVE-2020-26521 5.0
The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code).
01-01-2022 - 18:18 06-11-2020 - 08:15
CVE-2020-8223 3.5
A logic error in Nextcloud Server 19.0.0 caused a privilege escalation allowing malicious users to reshare with higher permissions than they got assigned themselves.
01-01-2022 - 18:16 05-10-2020 - 14:15
CVE-2020-26262 6.4
Coturn is free open source implementation of TURN and STUN Server. Coturn before version 4.5.2 by default does not allow peers to connect and relay packets to loopback addresses in the range of `127.x.x.x`. However, it was observed that when sending
01-01-2022 - 18:12 13-01-2021 - 19:15
CVE-2020-15257 3.6
containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the
01-01-2022 - 18:11 01-12-2020 - 03:15
CVE-2020-20740 6.8
PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version().
01-01-2022 - 18:10 20-11-2020 - 19:15
CVE-2020-1695 5.0
A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This fla
01-01-2022 - 17:33 19-05-2020 - 15:15
CVE-2020-2930 3.5
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.19 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple prot
30-12-2021 - 22:15 15-04-2020 - 14:15
CVE-2020-2924 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
30-12-2021 - 22:14 15-04-2020 - 14:15
CVE-2020-2925 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols
30-12-2021 - 22:13 15-04-2020 - 14:15
CVE-2020-2923 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
30-12-2021 - 22:12 15-04-2020 - 14:15
CVE-2020-2904 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
30-12-2021 - 22:05 15-04-2020 - 14:15
CVE-2018-14553 4.3
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).
30-12-2021 - 22:04 11-02-2020 - 13:15
CVE-2020-2901 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
30-12-2021 - 22:02 15-04-2020 - 14:15
CVE-2020-2903 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mu
30-12-2021 - 22:00 15-04-2020 - 14:15
CVE-2020-2897 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
30-12-2021 - 21:57 15-04-2020 - 14:15
CVE-2020-2895 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to c
30-12-2021 - 21:31 15-04-2020 - 14:15
CVE-2020-2896 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via mul
30-12-2021 - 21:26 15-04-2020 - 14:15
CVE-2020-2898 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). The supported version that is affected is 8.0.19. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to
30-12-2021 - 21:24 15-04-2020 - 14:15
CVE-2020-5208 6.5
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especial
30-12-2021 - 21:13 05-02-2020 - 14:15
CVE-2020-2893 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to c
30-12-2021 - 21:04 15-04-2020 - 14:15
CVE-2020-2892 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
30-12-2021 - 20:33 15-04-2020 - 14:15
CVE-2020-2853 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m
30-12-2021 - 20:30 15-04-2020 - 14:15
CVE-2020-2779 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m
30-12-2021 - 20:27 15-04-2020 - 14:15
CVE-2019-18182 6.8
pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand
30-12-2021 - 19:53 24-02-2020 - 15:15
CVE-2020-7046 7.8
lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login infinite loop.
30-12-2021 - 19:51 12-02-2020 - 17:15
CVE-2020-6378 6.8
Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
30-12-2021 - 19:44 11-02-2020 - 15:15
CVE-2020-2804 4.3
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Difficult to exploit vulnerability allows unauthenticated atta
30-12-2021 - 17:11 15-04-2020 - 14:15
CVE-2020-2774 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m
30-12-2021 - 16:54 15-04-2020 - 14:15
CVE-2020-2770 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple proto
30-12-2021 - 16:51 15-04-2020 - 14:15
CVE-2020-2765 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network ac
30-12-2021 - 16:41 15-04-2020 - 14:15
CVE-2020-2763 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily exploitable vulnerability allows high privileged atta
30-12-2021 - 16:39 15-04-2020 - 14:15
CVE-2020-2762 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to c
30-12-2021 - 16:36 15-04-2020 - 14:15
CVE-2020-2761 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via m
30-12-2021 - 16:17 15-04-2020 - 14:15
CVE-2020-2759 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple p
30-12-2021 - 16:10 15-04-2020 - 14:15
CVE-2015-6855 5.0
hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_
15-12-2021 - 17:05 06-11-2015 - 21:59
CVE-2015-7513 4.9
arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_v
10-12-2021 - 20:04 08-02-2016 - 03:59
CVE-2020-1967 5.0
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occur
10-12-2021 - 17:11 21-04-2020 - 14:15
CVE-2020-29570 4.9
An issue was discovered in Xen through 4.14.x. Recording of the per-vCPU control block mapping maintained by Xen and that of pointers into the control block is reversed. The consumer assumes, seeing the former initialized, that the latter are also re
10-12-2021 - 02:04 15-12-2020 - 17:15
CVE-2020-29566 4.9
An issue was discovered in Xen through 4.14.x. When they require assistance from the device model, x86 HVM guests must be temporarily de-scheduled. The device model will signal Xen when it has completed its operation, via an event channel, so that th
10-12-2021 - 02:00 15-12-2020 - 17:15
CVE-2020-29571 4.9
An issue was discovered in Xen through 4.14.x. A bounds check common to most operation time functions specific to FIFO event channels depends on the CPU observing consistent state. While the producer side uses appropriately ordered writes, the consum
10-12-2021 - 01:57 15-12-2020 - 17:15
CVE-2020-29567 4.9
An issue was discovered in Xen 4.14.x. When moving IRQs between CPUs to distribute the load of IRQ handling, IRQ vectors are dynamically allocated and de-allocated on the relevant CPUs. De-allocation has to happen when certain constraints are met. If
10-12-2021 - 01:54 15-12-2020 - 17:15
CVE-2020-29486 4.9
An issue was discovered in Xen through 4.14.x. Nodes in xenstore have an ownership. In oxenstored, a owner could give a node away. However, node ownership has quota implications. Any guest can run another guest out of quota, or create an unbounded nu
10-12-2021 - 01:49 15-12-2020 - 18:15
CVE-2019-17041 7.5
An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to a
06-12-2021 - 18:19 07-10-2019 - 16:15
CVE-2019-17042 7.5
An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account fo
06-12-2021 - 18:12 07-10-2019 - 16:15
CVE-2020-8622 4.0
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed re
02-12-2021 - 22:19 21-08-2020 - 21:15
CVE-2020-7070 5.0
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode
02-12-2021 - 21:12 02-10-2020 - 15:15
CVE-2020-7069 6.4
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and inc
02-12-2021 - 21:10 02-10-2020 - 15:15
CVE-2020-12108 4.3
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.
02-12-2021 - 19:30 06-05-2020 - 15:15
CVE-2020-29660 2.1
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.
30-11-2021 - 22:21 09-12-2020 - 17:15
CVE-2019-15945 4.4
OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decode_bit_string in libopensc/asn1.c.
30-11-2021 - 22:14 05-09-2019 - 17:15
CVE-2019-15946 4.4
OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1_decode_entry in libopensc/asn1.c.
30-11-2021 - 22:14 05-09-2019 - 17:15
CVE-2020-28362 5.0
Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
30-11-2021 - 22:07 18-11-2020 - 17:15
CVE-2019-19479 2.1
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read operation during parsing of a SETCOS file attribute.
30-11-2021 - 21:59 01-12-2019 - 23:15
CVE-2013-0289 4.3
Isync 0.4 before 1.0.6, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary
30-11-2021 - 21:30 23-05-2014 - 14:55
CVE-2019-7637 6.8
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.
30-11-2021 - 19:53 08-02-2019 - 11:29
CVE-2019-9704 2.1
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (daemon crash) via a large crontab file because the calloc return value is not checked.
30-11-2021 - 19:53 12-03-2019 - 01:29
CVE-2020-26571 2.1
The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.
30-11-2021 - 19:43 06-10-2020 - 02:15
CVE-2020-26572 2.1
The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.
30-11-2021 - 19:43 06-10-2020 - 02:15
CVE-2019-17596 5.0
Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
30-11-2021 - 19:42 24-10-2019 - 22:15
CVE-2019-17455 7.5
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a craf
30-11-2021 - 19:42 10-10-2019 - 18:15
CVE-2019-9705 2.1
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted.
30-11-2021 - 18:50 12-03-2019 - 01:29
CVE-2019-1010305 4.3
libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm
30-11-2021 - 18:50 15-07-2019 - 15:15
CVE-2020-26570 2.1
The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.
29-11-2021 - 17:30 06-10-2020 - 02:15
CVE-2019-14462 6.4
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_COILS case, aka VD-1302.
23-11-2021 - 22:24 31-07-2019 - 23:15
CVE-2019-14463 6.4
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301.
23-11-2021 - 22:24 31-07-2019 - 23:15
CVE-2020-15136 5.8
In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on endpoints identified in DNS SRV records for a given
18-11-2021 - 18:31 06-08-2020 - 23:15
CVE-2020-15114 4.0
In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the e
18-11-2021 - 18:31 06-08-2020 - 23:15
CVE-2020-15106 4.0
In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an ex
18-11-2021 - 18:30 05-08-2020 - 19:15
CVE-2020-15112 4.0
In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd con
18-11-2021 - 18:30 05-08-2020 - 20:15
CVE-2020-15238 6.9
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is dis
18-11-2021 - 16:25 27-10-2020 - 19:15
CVE-2015-8138 5.0
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
17-11-2021 - 22:15 30-01-2017 - 21:59
CVE-2015-3456 7.7
The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_
17-11-2021 - 22:15 13-05-2015 - 18:59
CVE-2013-2070 5.8
http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker
10-11-2021 - 15:59 20-07-2013 - 03:37
CVE-2013-2028 7.5
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which t
10-11-2021 - 15:59 20-07-2013 - 03:37
CVE-2012-1180 5.0
Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
10-11-2021 - 15:57 17-04-2012 - 21:55
CVE-2012-2089 6.8
Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly exe
10-11-2021 - 15:57 17-04-2012 - 21:55
CVE-2011-4315 6.8
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
10-11-2021 - 15:54 08-12-2011 - 20:55
CVE-2009-3896 5.0
src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker p
10-11-2021 - 15:52 24-11-2009 - 17:30
CVE-2009-2629 7.5
Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
10-11-2021 - 15:52 15-09-2009 - 22:30
CVE-2009-2816 6.8
The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, as used in Apple Safari before 4.0.4 and Google Chrome before 3.0.195.33, includes certain custom HTTP headers in the OPTIONS request during cross-origin operations with preflight,
08-11-2021 - 21:43 13-11-2009 - 15:30
CVE-2004-0081 5.0
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
08-11-2021 - 15:48 23-11-2004 - 05:00
CVE-2020-14363 4.6
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest thre
04-11-2021 - 16:10 11-09-2020 - 18:15
CVE-2019-9495 4.3
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execu
03-11-2021 - 19:53 17-04-2019 - 14:29
CVE-2019-9494 4.3
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that
03-11-2021 - 19:50 17-04-2019 - 14:29
CVE-2019-9133 4.3
When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. An attacker can exploit this issue by enticing an unsus
03-11-2021 - 19:49 09-04-2019 - 18:29
CVE-2019-5482 7.5
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
03-11-2021 - 19:34 16-09-2019 - 19:15
CVE-2019-5420 7.5
A remote code execution vulnerability in development mode Rails <5.2.2.1, <6.0.0.beta3 can allow an attacker to guess the automatically generated development mode secret token. This secret token can be used in combination with other Rails internals t
03-11-2021 - 18:19 27-03-2019 - 14:29
CVE-2019-14905 4.6
A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code c
02-11-2021 - 18:09 31-03-2020 - 17:15
CVE-2019-16782 4.3
There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id.
02-11-2021 - 18:04 18-12-2019 - 20:15
CVE-2011-1943 2.1
The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by read
02-11-2021 - 17:16 14-06-2011 - 17:55
CVE-2020-10754 4.0
It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happe
02-11-2021 - 17:12 08-06-2020 - 18:15
CVE-2019-11779 4.0
In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur.
28-10-2021 - 15:12 19-09-2019 - 14:15
CVE-2020-11035 6.4
In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6.
26-10-2021 - 20:01 05-05-2020 - 22:15
CVE-2020-8185 4.0
A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.
21-10-2021 - 14:36 02-07-2020 - 19:15
CVE-2020-10724 2.1
A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing validations for user-supplied values, potentially allowing an information leak through an out-of-bounds memory read.
19-10-2021 - 14:17 19-05-2020 - 19:15
CVE-2020-14392 2.1
An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.
19-10-2021 - 13:44 16-09-2020 - 13:15
CVE-2020-25703 5.0
The participants table download in Moodle always included user emails, but should have only done so when users' emails are not hidden. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5 and 3.7 to 3.7.8. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, and 3.
19-10-2021 - 12:07 19-11-2020 - 17:15
CVE-2018-20217 3.5
A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U
18-10-2021 - 12:03 26-12-2018 - 21:29
CVE-2020-8151 5.0
There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information.
07-10-2021 - 17:19 12-05-2020 - 13:15
CVE-2019-11831 7.5
The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/b
01-10-2021 - 15:31 09-05-2019 - 04:29
CVE-2005-2410 7.5
Format string vulnerability in the nm_info_handler function in Network Manager may allow remote attackers to execute arbitrary code via format string specifiers in a Wireless Access Point identifier, which is not properly handled in a syslog call.
27-09-2021 - 17:13 01-08-2005 - 04:00
CVE-2015-0886 5.0
Integer overflow in the crypt_raw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maxi
24-09-2021 - 13:15 28-02-2015 - 02:59
CVE-2020-3327 5.0
A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap bu
22-09-2021 - 19:57 13-05-2020 - 03:15
CVE-2016-6185 4.6
The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.
17-09-2021 - 12:14 02-08-2016 - 14:59
CVE-2020-24553 4.3
Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.
16-09-2021 - 13:19 02-09-2020 - 17:15
CVE-2020-6402 6.8
Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
16-09-2021 - 13:16 11-02-2020 - 15:15
CVE-2020-11033 6.0
In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User. The response contains: - All api_tokens which can be used to do privileges escalat
14-09-2021 - 14:09 05-05-2020 - 22:15
CVE-2019-20444 6.4
HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."
14-09-2021 - 12:45 29-01-2020 - 21:15
CVE-2019-20445 6.4
HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.
14-09-2021 - 12:45 29-01-2020 - 21:15
CVE-2020-9273 9.0
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.
14-09-2021 - 12:43 20-02-2020 - 16:15
CVE-2021-23240 4.4
selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in p
13-09-2021 - 19:48 12-01-2021 - 09:15
CVE-2011-4612 5.0
icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error loc (error.log) via a crafted URL.
09-09-2021 - 12:51 20-11-2012 - 00:55
CVE-2019-10092 4.3
In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only
09-09-2021 - 01:05 26-09-2019 - 16:15
CVE-2019-5759 6.8
Incorrect lifetime handling in HTML select elements in Google Chrome on Android and Mac prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
08-09-2021 - 17:21 19-02-2019 - 17:29
CVE-2019-5780 4.6
Insufficient restrictions on what can be done with Apple Events in Google Chrome on macOS prior to 72.0.3626.81 allowed a local attacker to execute JavaScript via Apple Events.
08-09-2021 - 17:21 19-02-2019 - 17:29
CVE-2016-1234 5.0
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.
01-09-2021 - 18:15 01-06-2016 - 20:59
CVE-2020-13962 5.0
Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session
11-08-2021 - 14:29 09-06-2020 - 00:15
CVE-2011-0411 6.8
The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sess
10-08-2021 - 12:15 16-03-2011 - 22:55
CVE-2008-2711 4.3
fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference wh
09-08-2021 - 21:15 16-06-2008 - 21:41
CVE-2020-3341 5.0
A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a
06-08-2021 - 18:51 13-05-2020 - 03:15
CVE-2020-1759 5.8
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and pote
04-08-2021 - 17:15 13-04-2020 - 13:15
CVE-2019-8457 7.5
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.
31-07-2021 - 08:15 30-05-2019 - 16:29
CVE-2018-20346 6.8
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by l
31-07-2021 - 08:15 21-12-2018 - 21:29
CVE-2019-1543 5.8
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 b
31-07-2021 - 08:15 06-03-2019 - 21:29
CVE-2019-1563 4.3
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decryp
31-07-2021 - 08:15 10-09-2019 - 17:15
CVE-2009-2472 4.3
Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, re
29-07-2021 - 13:46 22-07-2009 - 18:30
CVE-2008-7220 7.5
Unspecified vulnerability in Prototype JavaScript framework (prototypejs) before 1.6.0.2 allows attackers to make "cross-site ajax requests" via unknown vectors.
27-07-2021 - 17:31 13-09-2009 - 22:30
CVE-2008-0460 4.3
Cross-site scripting (XSS) vulnerability in api.php in (1) MediaWiki 1.11 through 1.11.0rc1, 1.10 through 1.10.2, 1.9 through 1.9.4, and 1.8; and (2) the BotQuery extension for MediaWiki 1.7 and earlier; when Internet Explorer is used, allows remote
23-07-2021 - 15:12 25-01-2008 - 16:00
CVE-2007-2292 4.3
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
23-07-2021 - 15:05 26-04-2007 - 20:19
CVE-2011-1578 4.3
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.3, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html at
23-07-2021 - 12:16 27-04-2011 - 00:55
CVE-2019-11048 5.0
In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit a
22-07-2021 - 18:15 20-05-2020 - 08:15
CVE-2020-35738 5.8
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected.
21-07-2021 - 11:39 28-12-2020 - 04:15
CVE-2020-29480 2.1
An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any permission checks when reporting a xenstore watch event. A guest administrator can watch the root xenstored node, which will cause notifications for every created
21-07-2021 - 11:39 15-12-2020 - 18:15
CVE-2020-29481 4.6
An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid. Unfortunately, existing granted access rights are not removed when a domain is being destroyed. This means that a new domain created with the same domid wil
21-07-2021 - 11:39 15-12-2020 - 18:15
CVE-2020-26890 5.0
Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients
21-07-2021 - 11:39 24-11-2020 - 03:15
CVE-2020-8695 2.1
Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.
21-07-2021 - 11:39 12-11-2020 - 18:15
CVE-2020-25592 7.5
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
21-07-2021 - 11:39 06-11-2020 - 08:15
CVE-2020-16004 6.8
Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 03-11-2020 - 03:15
CVE-2020-15986 4.3
Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 03-11-2020 - 03:15
CVE-2020-15975 6.8
Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 03-11-2020 - 03:15
CVE-2020-15969 6.8
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 03-11-2020 - 03:15
CVE-2020-15979 6.8
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 03-11-2020 - 03:15
CVE-2020-15976 6.8
Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 03-11-2020 - 03:15
CVE-2020-16005 6.8
Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 03-11-2020 - 03:15
CVE-2020-16001 6.8
Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 03-11-2020 - 03:15
CVE-2020-16002 6.8
Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
21-07-2021 - 11:39 03-11-2020 - 03:15
CVE-2020-16003 6.8
Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 03-11-2020 - 03:15
CVE-2020-15989 4.3
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
21-07-2021 - 11:39 03-11-2020 - 03:15
CVE-2020-28030 5.0
In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement.
21-07-2021 - 11:39 02-11-2020 - 21:15
CVE-2020-24387 5.0
An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. The function does not explicitly check the returned session id from the device. An invalid session id would lead to out-of-bounds read and write operations in
21-07-2021 - 11:39 19-10-2020 - 20:15
CVE-2020-24388 5.0
An issue was discovered in the _send_secure_msg() function of yubihsm-shell through 2.0.2. The function does not validate the embedded length field of a message received from the device. This could lead to an oversized memcpy() call that will crash t
21-07-2021 - 11:39 19-10-2020 - 20:15
CVE-2020-6515 9.3
Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2020-6518 9.3
Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2019-5777 4.3
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
21-07-2021 - 11:39 19-02-2019 - 17:29
CVE-2020-6523 9.3
Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2020-6520 9.3
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2020-6581 3.7
Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). This can cause command injection.
21-07-2021 - 11:39 16-03-2020 - 18:15
CVE-2020-6521 4.3
Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2020-6512 9.3
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2020-6467 6.8
Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-05-2020 - 04:15
CVE-2019-5773 4.3
Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
21-07-2021 - 11:39 19-02-2019 - 17:29
CVE-2019-18888 5.0
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary argu
21-07-2021 - 11:39 21-11-2019 - 23:15
CVE-2020-9431 5.0
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.
21-07-2021 - 11:39 27-02-2020 - 23:15
CVE-2020-6514 4.3
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2019-5781 4.3
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
21-07-2021 - 11:39 19-02-2019 - 17:29
CVE-2019-9898 7.5
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.
21-07-2021 - 11:39 21-03-2019 - 16:01
CVE-2020-6528 4.3
Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2020-9498 6.2
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corrupti
21-07-2021 - 11:39 02-07-2020 - 13:15
CVE-2019-5775 4.3
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
21-07-2021 - 11:39 19-02-2019 - 17:29
CVE-2019-19956 5.0
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
21-07-2021 - 11:39 24-12-2019 - 16:15
CVE-2020-6530 6.8
Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2019-3463 7.5
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
21-07-2021 - 11:39 06-02-2019 - 19:29
CVE-2020-8450 7.5
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
21-07-2021 - 11:39 04-02-2020 - 20:15
CVE-2019-3464 7.5
Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.
21-07-2021 - 11:39 06-02-2019 - 19:29
CVE-2020-6533 6.8
Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2020-6474 6.8
Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-05-2020 - 04:15
CVE-2019-5774 6.8
Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google Chrome on Linux prior to 72.0.3626.81 allowed an attacker who convinced a user to download a .desktop file to execute arbitrary code via a downloaded .deskto
21-07-2021 - 11:39 19-02-2019 - 17:29
CVE-2020-9497 1.2
Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. If a userconnects to a malicious or compromised RDP server, specially-craftedPDUs could result in disclosure of information within th
21-07-2021 - 11:39 02-07-2020 - 13:15
CVE-2020-6511 4.3
Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2019-5776 4.3
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
21-07-2021 - 11:39 19-02-2019 - 17:29
CVE-2020-6529 4.3
Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2019-5782 6.8
Incorrect optimization assumptions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
21-07-2021 - 11:39 19-02-2019 - 17:29
CVE-2020-6535 4.3
Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page.
21-07-2021 - 11:39 22-07-2020 - 17:15
CVE-2020-6473 4.3
Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
21-07-2021 - 11:39 21-05-2020 - 04:15
CVE-2019-9897 5.0
Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.
21-07-2021 - 11:39 21-03-2019 - 16:01
CVE-2019-5754 4.3
Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy.
21-07-2021 - 11:39 19-02-2019 - 17:29
CVE-2019-3498 4.3
In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing
21-07-2021 - 11:39 09-01-2019 - 23:29
CVE-2020-9428 5.0
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.
21-07-2021 - 11:39 27-02-2020 - 23:15
CVE-2020-6472 4.3
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted
21-07-2021 - 11:39 21-05-2020 - 04:15
CVE-2020-13164 5.0
In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem.
21-07-2021 - 11:39 19-05-2020 - 22:15
CVE-2020-12662 5.0
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
21-07-2021 - 11:39 19-05-2020 - 14:15
CVE-2020-6552 9.3
Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6545 6.8
Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6546 4.6
Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6532 6.8
Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6576 6.8
Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6539 6.8
Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6569 6.8
Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6553 9.3
Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-7042 5.0
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted (o
21-07-2021 - 11:39 27-02-2020 - 18:15
CVE-2020-11501 5.8
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes
21-07-2021 - 11:39 03-04-2020 - 13:15
CVE-2020-6549 9.3
Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6541 6.8
Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6562 4.3
Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6550 9.3
Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6543 6.8
Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-24606 7.1
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digest
21-07-2021 - 11:39 24-08-2020 - 18:15
CVE-2020-6559 9.3
Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6542 6.8
Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6551 9.3
Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-15964 6.8
Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-15005 2.6
In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized use
21-07-2021 - 11:39 24-06-2020 - 23:15
CVE-2020-6547 4.3
Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-6544 6.8
Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21-07-2021 - 11:39 21-09-2020 - 20:15
CVE-2020-0548 2.1
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
21-07-2021 - 11:39 28-01-2020 - 01:15
CVE-2018-0737 4.3
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixe
20-07-2021 - 23:15 16-04-2018 - 18:29
CVE-2011-0064 6.8
The hb_buffer_ensure function in hb-buffer.c in HarfBuzz, as used in Pango 1.28.3, Firefox, and other products, does not verify that memory reallocations succeed, which allows remote attackers to cause a denial of service (NULL pointer dereference an
14-07-2021 - 15:41 07-03-2011 - 21:00
CVE-2018-11784 4.3
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause
13-07-2021 - 17:15 04-10-2018 - 13:29
CVE-2019-0221 4.3
The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debu
13-07-2021 - 17:15 28-05-2019 - 22:29
CVE-2015-7236 5.0
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.
07-07-2021 - 14:04 01-10-2015 - 20:59
CVE-2018-17189 5.0
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_htt
06-07-2021 - 16:39 30-01-2019 - 22:29
CVE-2020-8696 2.1
Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
02-07-2021 - 15:52 12-11-2020 - 18:15
CVE-2019-13050 5.0
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this n
29-06-2021 - 15:15 29-06-2019 - 17:15
CVE-2015-8540 9.3
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impa
29-06-2021 - 15:15 14-04-2016 - 14:59
CVE-2014-9114 7.2
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
29-06-2021 - 15:15 31-03-2017 - 16:59
CVE-2009-2265 7.5
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the w
24-06-2021 - 20:15 05-07-2009 - 16:30
CVE-2017-18189 5.0
In the startread function in xa.c in Sound eXchange (SoX) through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service.
24-06-2021 - 15:16 15-02-2018 - 10:29
CVE-2019-19050 7.8
A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.
22-06-2021 - 14:47 18-11-2019 - 06:15
CVE-2020-13645 6.4
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended docu
22-06-2021 - 14:47 28-05-2020 - 12:15
CVE-2014-0190 4.3
The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via invalid width and height values in a GIF image.
16-06-2021 - 13:39 08-05-2014 - 14:29
CVE-2015-1858 6.8
Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted B
16-06-2021 - 12:43 12-05-2015 - 19:59
CVE-2018-20060 5.0
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to uni
15-06-2021 - 21:15 11-12-2018 - 17:29
CVE-2020-7919 7.8
Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate.
14-06-2021 - 18:15 16-03-2020 - 21:15
CVE-2019-19066 4.7
A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd.
14-06-2021 - 18:15 18-11-2019 - 06:15
CVE-2019-17632 4.3
In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4.23.v20191118, the generation of default unhandled Error response content (in text/html and text/json Content-Type) does not escape Exception messages in stacktraces included in err
14-06-2021 - 18:15 25-11-2019 - 22:15
CVE-2020-13435 2.1
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
14-06-2021 - 18:15 24-05-2020 - 22:15
CVE-2019-19073 2.1
Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credi
14-06-2021 - 18:15 18-11-2019 - 06:15
CVE-2019-17638 7.5
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to
14-06-2021 - 18:15 09-07-2020 - 18:15
CVE-2017-1000061 5.8
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service
14-06-2021 - 18:15 17-07-2017 - 13:18
CVE-2015-5258 6.8
Cross-site request forgery (CSRF) vulnerability in springframework-social before 1.1.3.
09-06-2021 - 16:20 22-08-2017 - 18:29
CVE-2009-0839 10.0
Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter i
07-06-2021 - 15:56 31-03-2009 - 18:24
CVE-2012-4558 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remo
06-06-2021 - 11:15 26-02-2013 - 16:55
CVE-2020-11984 7.5
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
06-06-2021 - 11:15 07-08-2020 - 16:15
CVE-2007-6421 3.5
Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the (1) ss, (2) wr, or (3) rr parameters, or (4) the U
06-06-2021 - 11:15 08-01-2008 - 19:46
CVE-2012-3499 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving hostnames and URIs in the (1) mod_imagema
06-06-2021 - 11:15 26-02-2013 - 16:55
CVE-2020-11993 4.3
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLev
06-06-2021 - 11:15 07-08-2020 - 16:15
CVE-2007-6422 4.0
The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb
06-06-2021 - 11:15 08-01-2008 - 18:46
CVE-2020-11985 4.3
IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in
06-06-2021 - 11:15 07-08-2020 - 16:15
CVE-2007-1862 5.0
The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously used data, which could be used by remote attackers to obtain potentiall
06-06-2021 - 11:15 04-06-2007 - 23:30
CVE-2019-0196 5.0
A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request
06-06-2021 - 11:15 11-06-2019 - 22:29
CVE-2019-0217 6.0
In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictio
06-06-2021 - 11:15 08-04-2019 - 21:29
CVE-2004-0811 7.5
Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration.
06-06-2021 - 11:15 31-12-2004 - 05:00
CVE-2019-0215 6.0
In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.
06-06-2021 - 11:15 08-04-2019 - 20:29
CVE-2019-15538 7.8
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_
02-06-2021 - 15:22 25-08-2019 - 16:15
CVE-2020-14785 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple pro
02-06-2021 - 13:25 21-10-2020 - 15:15
CVE-2009-0841 10.0
Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter.
01-06-2021 - 13:57 31-03-2009 - 18:24
CVE-2009-0843 7.8
The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to determine the existence of arbitrary files via a full pathname in the queryfile parameter, which triggers different error messages depe
01-06-2021 - 13:57 31-03-2009 - 18:24
CVE-2009-0842 4.3
mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to read arbitrary invalid .map files via a full pathname in the map parameter, which triggers the display of partial file contents within an error message, as demonst
01-06-2021 - 13:57 31-03-2009 - 18:24
CVE-2009-1176 10.0
mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other imp
01-06-2021 - 13:57 31-03-2009 - 18:24
CVE-2009-0840 10.0
Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header.
01-06-2021 - 13:57 31-03-2009 - 18:24
CVE-2009-1177 10.0
Multiple stack-based buffer overflows in maptemplate.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 have unknown impact and remote attack vectors.
01-06-2021 - 13:57 31-03-2009 - 18:24
CVE-2019-1000018 4.6
rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An aut
28-05-2021 - 19:57 04-02-2019 - 21:29
CVE-2020-25660 5.8
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the
28-05-2021 - 19:43 23-11-2020 - 22:15
CVE-2020-7238 5.0
Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869
27-05-2021 - 16:21 27-01-2020 - 17:15
CVE-2015-3306 10.0
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
26-05-2021 - 20:15 18-05-2015 - 15:59
CVE-2012-2677 5.0
Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk size value, which caus
26-05-2021 - 10:15 25-07-2012 - 19:55
CVE-2018-11797 4.3
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
21-05-2021 - 16:16 05-10-2018 - 20:29
CVE-2018-10811 5.0
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
18-05-2021 - 14:28 19-06-2018 - 21:29
CVE-2007-4476 7.5
Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."
17-05-2021 - 19:55 05-09-2007 - 01:17
CVE-2008-4539 7.2
Heap-based buffer overflow in the Cirrus VGA implementation in (1) KVM before kvm-82 and (2) QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap over
14-05-2021 - 18:37 29-12-2008 - 15:24
CVE-2018-10196 4.3
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.
13-05-2021 - 11:15 30-05-2018 - 21:29
CVE-2020-15216 4.3
In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one. A patch is available, all users
05-05-2021 - 13:18 29-09-2020 - 16:15
CVE-2020-8037 5.0
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.
05-05-2021 - 13:12 04-11-2020 - 18:15
CVE-2019-0161 2.1
Stack overflow in XHCI for EDK II may allow an unauthenticated user to potentially enable denial of service via local access.
29-04-2021 - 22:15 27-03-2019 - 20:29
CVE-2008-3218 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) free tagging taxonomy terms, which are not properly handled on node preview pages, a
19-04-2021 - 21:03 18-07-2008 - 16:41
CVE-2007-5593 6.8
install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified.
19-04-2021 - 20:59 19-10-2007 - 23:17
CVE-2007-5594 4.3
Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.
19-04-2021 - 20:59 19-10-2007 - 23:17
CVE-2015-7979 5.0
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.
15-04-2021 - 21:15 30-01-2017 - 21:59
CVE-2008-3222 5.8
Session fixation vulnerability in Drupal 5.x before 5.9 and 6.x before 6.3, when contributed modules "terminate the current request during a login event," allows remote attackers to hijack web sessions via unknown vectors.
15-04-2021 - 13:49 18-07-2008 - 16:41
CVE-2008-3223 7.5
SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 allows remote attackers to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for 'numeric' fields."
15-04-2021 - 13:49 18-07-2008 - 16:41
CVE-2008-3219 4.3
The Drupal filter_xss_admin function in 5.x before 5.8 and 6.x before 6.3 does not "prevent use of the object HTML tag in administrator input," which has unknown impact and attack vectors, probably related to an insufficient cross-site scripting (XSS
15-04-2021 - 13:49 18-07-2008 - 16:41
CVE-2008-3221 4.3
Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities.
15-04-2021 - 13:47 18-07-2008 - 16:41
CVE-2008-3220 4.3
Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of "translated strings."
15-04-2021 - 13:46 18-07-2008 - 16:41
CVE-2020-8112 6.8
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
02-04-2021 - 12:15 28-01-2020 - 18:15
CVE-2020-27846 10.0
A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
31-03-2021 - 15:17 21-12-2020 - 16:15
CVE-2020-17490 2.1
The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.
30-03-2021 - 13:44 06-11-2020 - 08:15
CVE-2020-25687 7.1
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. This flaw allows a remote attacker, who can create valid DNS replies, to
26-03-2021 - 18:40 20-01-2021 - 17:15
CVE-2020-25683 7.1
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who can create valid DNS replies, could use this flaw
26-03-2021 - 18:36 20-01-2021 - 16:15
CVE-2020-25682 8.3
A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use
26-03-2021 - 18:23 20-01-2021 - 17:15
CVE-2020-25681 8.3
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as vali
26-03-2021 - 18:22 20-01-2021 - 17:15
CVE-2020-35654 6.8
In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.
22-03-2021 - 15:48 12-01-2021 - 09:15
CVE-2019-16276 5.0
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.
22-03-2021 - 13:19 30-09-2019 - 19:15
CVE-2019-9741 4.3
An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.
22-03-2021 - 13:05 13-03-2019 - 08:29
CVE-2020-29562 2.1
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
19-03-2021 - 18:41 04-12-2020 - 07:15
CVE-2020-5260 5.0
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from se
19-03-2021 - 18:21 14-04-2020 - 23:15
CVE-2015-2296 6.8
The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect. <a href="http://cwe.mitre.org/data/definitions/384.html">CWE-38
18-03-2021 - 13:19 18-03-2015 - 16:59
CVE-2014-1520 6.9
maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an uns
17-03-2021 - 17:35 30-04-2014 - 10:49
CVE-2020-15810 3.5
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser s
17-03-2021 - 15:21 02-09-2020 - 17:15
CVE-2020-15991 6.8
Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
17-03-2021 - 14:17 03-11-2020 - 03:15
CVE-2020-16000 6.8
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
17-03-2021 - 13:04 03-11-2020 - 03:15
CVE-2020-15990 6.8
Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
17-03-2021 - 13:01 03-11-2020 - 03:15
CVE-2020-11945 7.5
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a s
17-03-2021 - 12:40 23-04-2020 - 15:15
CVE-2020-6525 6.8
Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
16-03-2021 - 14:32 22-07-2020 - 17:15
CVE-2020-6527 4.3
Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
16-03-2021 - 14:29 22-07-2020 - 17:15
CVE-2020-6536 4.3
Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had persuaded the user to install a PWA to spoof the contents of the Omnibox (URL bar) via a crafted PWA.
16-03-2021 - 14:19 22-07-2020 - 17:15
CVE-2020-6537 6.8
Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
16-03-2021 - 14:13 21-09-2020 - 20:15
CVE-2020-29482 4.9
An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute paths containing a full pathname, or via a relative path, which implicitly includes /local/domain/$DOMID for their own domain id. Management tools must acce
16-03-2021 - 13:03 15-12-2020 - 18:15
CVE-2020-29483 4.9
An issue was discovered in Xen through 4.14.x. Xenstored and guests communicate via a shared memory page using a specific protocol. When a guest violates this protocol, xenstored will drop the connection to that guest. Unfortunately, this is done by
16-03-2021 - 12:58 15-12-2020 - 18:15
CVE-2020-29484 4.9
An issue was discovered in Xen through 4.14.x. When a Xenstore watch fires, the xenstore client that registered the watch will receive a Xenstore message containing the path of the modified Xenstore entry that triggered the watch, and the tag that wa
16-03-2021 - 12:44 15-12-2020 - 18:15
CVE-2020-29485 4.9
An issue was discovered in Xen 4.6 through 4.14.x. When acting upon a guest XS_RESET_WATCHES request, not all tracking information is freed. A guest can cause unbounded memory usage in oxenstored. This can lead to a system-wide DoS. Only systems usin
16-03-2021 - 12:39 15-12-2020 - 18:15
CVE-2020-28374 5.5
In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c938
15-03-2021 - 22:04 13-01-2021 - 04:15
CVE-2013-1888 2.1
pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory.
15-03-2021 - 16:50 17-08-2013 - 06:54
CVE-2020-6522 6.8
Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
12-03-2021 - 21:59 22-07-2020 - 17:15
CVE-2020-6519 4.3
Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
12-03-2021 - 21:58 22-07-2020 - 17:15
CVE-2020-6516 4.3
Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
12-03-2021 - 21:51 22-07-2020 - 17:15
CVE-2020-6517 9.3
Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
12-03-2021 - 16:34 22-07-2020 - 17:15
CVE-2020-15049 6.5
An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containi
12-03-2021 - 13:15 30-06-2020 - 18:15
CVE-2020-6538 4.3
Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
11-03-2021 - 18:27 21-09-2020 - 20:15
CVE-2020-16006 6.8
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
11-03-2021 - 18:25 03-11-2020 - 03:15
CVE-2020-6554 6.8
Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.
11-03-2021 - 18:25 21-09-2020 - 20:15
CVE-2020-16008 6.8
Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.
11-03-2021 - 18:24 03-11-2020 - 03:15
CVE-2020-15970 6.8
Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
11-03-2021 - 18:01 03-11-2020 - 03:15
CVE-2020-15971 6.8
Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
11-03-2021 - 18:01 03-11-2020 - 03:15
CVE-2020-15967 6.8
Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
11-03-2021 - 18:01 03-11-2020 - 03:15
CVE-2020-15973 4.3
Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension.
11-03-2021 - 17:50 03-11-2020 - 03:15
CVE-2020-15980 4.6
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents.
11-03-2021 - 17:47 03-11-2020 - 03:15
CVE-2020-15981 4.3
Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
11-03-2021 - 17:33 03-11-2020 - 03:15
CVE-2020-15983 4.4
Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page.
11-03-2021 - 17:30 03-11-2020 - 03:15
CVE-2020-15982 4.3
Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
11-03-2021 - 17:30 03-11-2020 - 03:15
CVE-2020-15984 4.3
Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL.
11-03-2021 - 17:27 03-11-2020 - 03:15
CVE-2020-15988 6.8
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page.
11-03-2021 - 17:27 03-11-2020 - 03:15
CVE-2020-15978 6.8
Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page.
05-03-2021 - 13:54 03-11-2020 - 03:15
CVE-2020-15977 4.3
Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
05-03-2021 - 13:44 03-11-2020 - 03:15
CVE-2020-16043 6.8
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.
05-03-2021 - 13:39 08-01-2021 - 19:15
CVE-2020-15966 4.3
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
04-03-2021 - 21:35 21-09-2020 - 20:15
CVE-2020-29600 7.5
In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000501.
04-03-2021 - 20:52 07-12-2020 - 20:15
CVE-2020-8449 5.0
An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret crafted HTTP requests in unexpected ways to access server resources prohibited by earlier security filters.
04-03-2021 - 20:47 04-02-2020 - 20:15
CVE-2011-0762 4.0
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions
04-03-2021 - 20:13 02-03-2011 - 20:00
CVE-2019-14732 6.8
AdPlug 2.3.1 has multiple heap-based buffer overflows in Ca2mLoader::load() in a2m.cpp.
26-02-2021 - 13:09 07-08-2019 - 01:15
CVE-2020-0499 4.3
In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is neede
25-02-2021 - 22:14 15-12-2020 - 16:15
CVE-2016-9085 2.1
Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.
25-02-2021 - 17:15 03-02-2017 - 15:59
CVE-2020-15987 6.8
Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream.
24-02-2021 - 21:34 03-11-2020 - 03:15
CVE-2020-15985 4.3
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page.
24-02-2021 - 21:34 03-11-2020 - 03:15
CVE-2020-15992 6.8
Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
24-02-2021 - 21:32 03-11-2020 - 03:15
CVE-2020-15995 6.8
Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
24-02-2021 - 21:28 03-11-2020 - 03:15
CVE-2020-13482 5.8
EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified.
24-02-2021 - 20:36 25-05-2020 - 22:15
CVE-2016-10027 4.3
Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "s
23-02-2021 - 16:13 12-01-2017 - 23:59
CVE-2019-14733 6.8
AdPlug 2.3.1 has multiple heap-based buffer overflows in CradLoader::load() in rad.cpp.
22-02-2021 - 18:18 07-08-2019 - 01:15
CVE-2019-14692 6.8
AdPlug 2.3.1 has a heap-based buffer overflow in CmkjPlayer::load() in mkj.cpp.
22-02-2021 - 18:16 06-08-2019 - 13:15
CVE-2020-12663 5.0
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
17-02-2021 - 20:58 19-05-2020 - 14:15
CVE-2009-1903 4.3
The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
14-02-2021 - 02:55 03-06-2009 - 17:00
CVE-2012-4528 5.0
The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
12-02-2021 - 17:29 28-12-2012 - 11:48
CVE-2013-1915 7.5
ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference
12-02-2021 - 17:27 25-04-2013 - 23:55
CVE-2009-1902 5.0
The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service (crash) via a multipart form datapost request with a missing part header name, which triggers a NULL pointer dereference.
12-02-2021 - 17:21 03-06-2009 - 17:00
CVE-2020-26575 5.0
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
11-02-2021 - 14:48 06-10-2020 - 15:15
CVE-2019-13619 5.0
In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the ASN.1 BER dissector and related dissectors could crash. This was addressed in epan/asn1.c by properly restricting buffer increments.
10-02-2021 - 20:37 17-07-2019 - 20:15
CVE-2020-25863 5.0
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.
10-02-2021 - 20:22 06-10-2020 - 15:15
CVE-2020-25862 5.0
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.
10-02-2021 - 20:20 06-10-2020 - 15:15
CVE-2020-9430 5.0
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.
09-02-2021 - 18:47 27-02-2020 - 23:15
CVE-2019-1010319 4.3
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig (wave64.c:211). The attack vector is: Maliciously crafted .wav
09-02-2021 - 17:38 11-07-2019 - 20:15
CVE-2011-4862 10.0
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to exec
09-02-2021 - 14:48 25-12-2011 - 01:55
CVE-2020-35474 4.3
In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so that the output is raw HTML.
04-02-2021 - 14:30 18-12-2020 - 08:15
CVE-2020-26159 None
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Further investigation showed that it was not a security issue. Notes: none.
02-02-2021 - 21:15 30-09-2020 - 21:15
CVE-2014-4341 5.0
MIT Kerberos 5 (aka krb5) before 1.12.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) by injecting invalid tokens into a GSSAPI application session.
02-02-2021 - 19:00 20-07-2014 - 11:12
CVE-2014-5353 3.5
The krb5_ldap_get_password_policy_from_dn function in plugins/kdb/ldap/libkdb_ldap/ldap_pwd_policy.c in MIT Kerberos 5 (aka krb5) before 1.13.1, when the KDC uses LDAP, allows remote authenticated users to cause a denial of service (daemon crash) via
02-02-2021 - 18:57 16-12-2014 - 23:59
CVE-2010-1321 6.8
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allo
02-02-2021 - 18:53 19-05-2010 - 18:30
CVE-2002-2443 5.0
schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a for
02-02-2021 - 18:44 29-05-2013 - 14:29
CVE-2013-1416 4.0
The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of s
02-02-2021 - 18:40 19-04-2013 - 11:44
CVE-2011-1526 6.5
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create,
02-02-2021 - 18:36 11-07-2011 - 20:55
CVE-2006-6144 5.0
The "mechglue" abstraction interface of the GSS-API library for Kerberos 5 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, allows remote attackers to cause a denial of service (crash) v
02-02-2021 - 18:13 31-12-2006 - 05:00
CVE-2020-15965 6.8
Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
30-01-2021 - 02:29 21-09-2020 - 20:15
CVE-2020-15968 6.8
Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
30-01-2021 - 02:28 03-11-2020 - 03:15
CVE-2020-15974 6.8
Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.
30-01-2021 - 02:27 03-11-2020 - 03:15
CVE-2020-15959 4.3
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
30-01-2021 - 02:20 21-09-2020 - 20:15
CVE-2020-15963 6.8
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
29-01-2021 - 17:42 21-09-2020 - 20:15
CVE-2020-15962 6.8
Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
29-01-2021 - 17:36 21-09-2020 - 20:15
CVE-2020-15960 6.8
Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
29-01-2021 - 17:35 21-09-2020 - 20:15
CVE-2020-15961 6.8
Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
29-01-2021 - 17:16 21-09-2020 - 20:15
CVE-2020-13379 6.4
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can b
29-01-2021 - 16:41 03-06-2020 - 19:15
CVE-2020-35655 5.8
In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled.
29-01-2021 - 00:46 12-01-2021 - 09:15
CVE-2021-21116 6.8
Heap buffer overflow in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
28-01-2021 - 22:24 08-01-2021 - 19:15
CVE-2021-21115 6.8
User after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
28-01-2021 - 22:24 08-01-2021 - 19:15
CVE-2021-21113 6.8
Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
28-01-2021 - 22:23 08-01-2021 - 19:15
CVE-2021-21114 6.8
Use after free in audio in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
28-01-2021 - 22:23 08-01-2021 - 19:15
CVE-2021-21111 6.8
Insufficient policy enforcement in WebUI in Google Chrome prior to 87.0.4280.141 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
28-01-2021 - 22:22 08-01-2021 - 19:15
CVE-2021-21110 6.8
Use after free in safe browsing in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
28-01-2021 - 22:21 08-01-2021 - 19:15
CVE-2021-21107 6.8
Use after free in drag and drop in Google Chrome on Linux prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
28-01-2021 - 21:48 08-01-2021 - 19:15
CVE-2021-21106 9.3
Use after free in autofill in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
28-01-2021 - 20:49 08-01-2021 - 19:15
CVE-2021-21112 6.8
Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
28-01-2021 - 20:49 08-01-2021 - 19:15
CVE-2021-21109 6.8
Use after free in payments in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
28-01-2021 - 20:11 08-01-2021 - 19:15
CVE-2021-21108 6.8
Use after free in media in Google Chrome prior to 87.0.4280.141 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
28-01-2021 - 19:59 08-01-2021 - 19:15
CVE-2020-6470 4.3
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML (UXSS) via crafted clipboard contents.
28-01-2021 - 19:08 21-05-2020 - 04:15
CVE-2020-6471 6.8
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
28-01-2021 - 19:05 21-05-2020 - 04:15
CVE-2020-26934 4.3
phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link.
28-01-2021 - 17:55 10-10-2020 - 19:15
CVE-2020-6571 4.3
Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
28-01-2021 - 14:55 21-09-2020 - 20:15
CVE-2020-6570 4.3
Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction.
28-01-2021 - 14:54 21-09-2020 - 20:15
CVE-2020-6513 6.8
Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
28-01-2021 - 14:53 22-07-2020 - 17:15
CVE-2020-6482 4.3
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
28-01-2021 - 14:50 21-05-2020 - 04:15
CVE-2020-6481 4.3
Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to perform domain spoofing via a crafted domain name.
28-01-2021 - 14:50 21-05-2020 - 04:15
CVE-2020-6480 4.3
Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local attacker to bypass navigation restrictions via UI actions.
28-01-2021 - 14:48 21-05-2020 - 04:15
CVE-2020-6476 4.3
Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
28-01-2021 - 14:46 21-05-2020 - 04:15
CVE-2020-6475 4.3
Incorrect implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page.
28-01-2021 - 14:46 21-05-2020 - 04:15
CVE-2020-6510 6.8
Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
27-01-2021 - 21:49 22-07-2020 - 17:15
CVE-2020-6490 4.3
Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page.
27-01-2021 - 21:46 21-05-2020 - 04:15
CVE-2020-6489 4.3
Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted
27-01-2021 - 21:43 21-05-2020 - 04:15
CVE-2020-6487 4.3
Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
27-01-2021 - 21:42 21-05-2020 - 04:15
CVE-2020-6486 4.3
Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
27-01-2021 - 21:41 21-05-2020 - 04:15
CVE-2020-6483 4.3
Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
27-01-2021 - 21:28 21-05-2020 - 04:15
CVE-2020-6557 4.3
Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
27-01-2021 - 21:26 03-11-2020 - 03:15
CVE-2020-6575 5.1
Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
27-01-2021 - 21:23 21-09-2020 - 20:15
CVE-2020-6573 6.8
Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
27-01-2021 - 20:51 21-09-2020 - 20:15
CVE-2020-6561 4.3
Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
27-01-2021 - 20:32 21-09-2020 - 20:15
CVE-2020-6555 6.8
Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
27-01-2021 - 20:17 21-09-2020 - 20:15
CVE-2020-6548 9.3
Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
27-01-2021 - 20:15 21-09-2020 - 20:15
CVE-2020-6540 6.8
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
27-01-2021 - 20:10 21-09-2020 - 20:15
CVE-2020-6524 9.3
Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
27-01-2021 - 19:03 22-07-2020 - 17:15
CVE-2020-6526 4.3
Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
27-01-2021 - 19:01 22-07-2020 - 17:15
CVE-2020-6531 4.3
Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
27-01-2021 - 18:00 22-07-2020 - 17:15
CVE-2020-6534 6.8
Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
27-01-2021 - 17:56 22-07-2020 - 17:15
CVE-2020-24342 6.8
Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.
26-01-2021 - 15:54 13-08-2020 - 19:15
CVE-2010-3906 4.3
Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.
26-01-2021 - 14:55 17-12-2010 - 19:00
CVE-2007-6351 4.3
libexif 0.6.16 and earlier allows context-dependent attackers to cause a denial of service (infinite recursion) via an image file with crafted EXIF tags, possibly involving the exif_loader_write function in exif_loader.c.
26-01-2021 - 13:07 20-12-2007 - 02:46
CVE-2008-1808 7.5
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which trigger
26-01-2021 - 12:41 16-06-2008 - 19:41
CVE-2018-19840 4.3
The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishan
15-01-2021 - 13:15 04-12-2018 - 09:29
CVE-2020-16592 4.3
A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.
15-01-2021 - 11:15 09-12-2020 - 21:15
CVE-2012-5522 5.5
MantisBT before 1.2.12 does not use an expected default value during decisions about whether a user may modify the status of a bug, which allows remote authenticated users to bypass intended access restrictions and make status changes by leveraging a
12-01-2021 - 18:05 16-11-2012 - 00:55
CVE-2012-5523 5.5
core/email_api.php in MantisBT before 1.2.12 does not properly manage the sending of e-mail notifications about restricted bugs, which might allow remote authenticated users to obtain sensitive information by adding a note to a bug before losing perm
12-01-2021 - 18:05 16-11-2012 - 00:55
CVE-2012-2691 7.5
The mc_issue_note_update function in the SOAP API in MantisBT before 1.2.11 does not properly check privileges, which allows remote attackers with bug reporting privileges to edit arbitrary bugnotes via a SOAP request.
12-01-2021 - 18:05 17-06-2012 - 03:41
CVE-2012-2692 3.6
MantisBT before 1.2.11 does not check the delete_attachments_threshold permission when form_security_validation is set to OFF, which allows remote authenticated users with certain privileges to bypass intended access restrictions and delete arbitrary
12-01-2021 - 18:05 17-06-2012 - 03:41
CVE-2012-1121 4.9
MantisBT before 1.2.9 does not properly check permissions, which allows remote authenticated users with manager privileges to (1) modify or (2) delete global categories.
12-01-2021 - 18:05 29-06-2012 - 19:55
CVE-2012-1120 3.6
The SOAP API in MantisBT before 1.2.9 does not properly enforce the bugnote_allow_user_edit_delete and delete_bug_threshold permissions, which allows remote authenticated users with read and write SOAP API privileges to delete arbitrary bug reports a
12-01-2021 - 18:05 29-06-2012 - 19:55
CVE-2012-1123 7.5
The mci_check_login function in api/soap/mc_api.php in the SOAP API in MantisBT before 1.2.9 allows remote attackers to bypass authentication via a null password.
12-01-2021 - 18:05 29-06-2012 - 19:55
CVE-2012-1119 6.4
MantisBT before 1.2.9 does not audit when users copy or clone a bug report, which makes it easier for remote attackers to copy bug reports without detection.
12-01-2021 - 18:05 29-06-2012 - 19:55
CVE-2016-2090 7.5
Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow.
05-01-2021 - 21:11 13-01-2017 - 16:59
CVE-2020-35494 None
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to da
04-01-2021 - 15:22 04-01-2021 - 15:15
CVE-2019-12155 5.0
interface_release_resource in hw/display/qxl.c in QEMU 3.1.x through 4.0.0 has a NULL pointer dereference.
30-12-2020 - 20:15 24-05-2019 - 16:29
CVE-2020-35738 None
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument.
28-12-2020 - 04:15 28-12-2020 - 04:15
CVE-2020-4049 3.5
In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that could lead to JavaScript execution in /wp-admin on the themes page. This does require an admin to upload the theme, and is low severit
23-12-2020 - 18:51 12-06-2020 - 16:15
CVE-2007-4045 5.0
The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of s
23-12-2020 - 15:20 27-07-2007 - 22:30
CVE-2010-3702 7.5
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unkn
23-12-2020 - 15:01 05-11-2010 - 18:00
CVE-2020-35132 3.5
An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via get_request in lib/function.php.
22-12-2020 - 21:16 11-12-2020 - 05:15
CVE-2019-2708 2.1
Vulnerability in the Data Store component of Oracle Berkeley DB. Supported versions that are affected are Prior to 6.138, prior to 6.2.38 and prior to 18.1.32. Easily exploitable vulnerability allows low privileged attacker having Local Logon privile
16-12-2020 - 04:15 23-04-2019 - 19:32
CVE-2007-1321 7.2
Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" int
15-12-2020 - 23:52 30-10-2007 - 22:46
CVE-2007-1320 7.2
Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to
15-12-2020 - 23:52 02-05-2007 - 17:19
CVE-2007-0720 5.0
The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.
15-12-2020 - 02:02 13-03-2007 - 21:19
CVE-2016-4002 6.8
Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitra
14-12-2020 - 19:54 26-04-2016 - 14:59
CVE-2020-15169 4.3
In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpe
08-12-2020 - 18:58 11-09-2020 - 16:15
CVE-2019-0001 7.1
Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd servic
08-12-2020 - 14:26 15-01-2019 - 21:29
CVE-2020-25700 4.0
In moodle, some database module web services allowed students to add entries within groups they did not belong to. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.
03-12-2020 - 19:35 19-11-2020 - 17:15
CVE-2020-25702 4.3
In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10.
03-12-2020 - 18:31 19-11-2020 - 17:15
CVE-2020-25698 5.0
Users' enrollment capabilities were not being sufficiently checked in Moodle when they are restored into an existing course. This could lead to them unenrolling users without having permission to do so. Versions affected: 3.5 to 3.5.14, 3.7 to 3.7.8,
02-12-2020 - 19:53 19-11-2020 - 17:15
CVE-2020-25701 5.0
If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Ve
01-12-2020 - 18:49 19-11-2020 - 17:15
CVE-2016-0724 4.0
The (1) core_enrol_get_course_enrolment_methods and (2) enrol_self_get_instance_info web services in Moodle through 2.6.11, 2.7.x before 2.7.12, 2.8.x before 2.8.10, 2.9.x before 2.9.4, and 3.0.x before 3.0.2 do not consider the moodle/course:viewhid
01-12-2020 - 14:54 22-02-2016 - 05:59
CVE-2016-0725 4.3
Cross-site scripting (XSS) vulnerability in the search_pagination function in course/classes/management_renderer.php in Moodle 2.8.x before 2.8.10, 2.9.x before 2.9.4, and 3.0.x before 3.0.2 allows remote attackers to inject arbitrary web script or H
01-12-2020 - 14:54 22-02-2016 - 05:59
CVE-2010-2231 6.8
Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz atte
01-12-2020 - 14:52 28-06-2010 - 17:30
CVE-2013-1834 4.0
notes/edit.php in Moodle 1.9.x through 1.9.19, 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated users to reassign notes via a modified (1) userid or (2) courseid field.
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2010-2229 4.3
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.
01-12-2020 - 14:52 28-06-2010 - 17:30
CVE-2013-2080 4.0
The core_grade component in Moodle through 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly consider the existence of hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student
01-12-2020 - 14:52 25-05-2013 - 03:18
CVE-2013-2082 5.0
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not enforce capability requirements for reading blog comments, which allows remote attackers to obtain sensitive information via a crafted request.
01-12-2020 - 14:52 25-05-2013 - 03:18
CVE-2013-1830 5.0
user/view.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not enforce the forceloginforprofiles setting, which allows remote attackers to obtain sensitive course-profile information by leveraging the
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2013-1831 5.0
lib/setuplib.php in Moodle through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the absolute path in an exception message.
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2013-2083 5.0
The MoodleQuickForm class in lib/formslib.php in Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not properly handle a certain array-element syntax, which allows remote attackers to bypass intended form-dat
01-12-2020 - 14:52 25-05-2013 - 03:18
CVE-2013-2081 4.3
Moodle through 2.1.10, 2.2.x before 2.2.10, 2.3.x before 2.3.7, and 2.4.x before 2.4.4 does not consider "don't send" attributes during hub registration, which allows remote hubs to obtain sensitive site information by reading form data.
01-12-2020 - 14:52 25-05-2013 - 03:18
CVE-2010-2228 4.3
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors involving extended characters in a username.
01-12-2020 - 14:52 28-06-2010 - 17:30
CVE-2010-2230 4.0
The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via HTML input.
01-12-2020 - 14:52 28-06-2010 - 17:30
CVE-2013-1835 3.5
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allows remote authenticated administrators to obtain sensitive information from the external repositories of arbitrary users by leveraging the login_as feature.
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2013-1832 4.0
repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive inform
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2013-2079 4.0
mod/assign/locallib.php in the assignment module in Moodle 2.3.x before 2.3.7 and 2.4.x before 2.4.4 does not consider capability requirements during the processing of ZIP assignment-archive download (aka downloadall) requests, which allows remote au
01-12-2020 - 14:52 25-05-2013 - 03:18
CVE-2013-1836 6.5
Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 does not properly manage privileges for WebDAV repositories, which allows remote authenticated users to read, modify, or delete arbitrary site-wide repositories
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2013-1833 3.5
Multiple cross-site scripting (XSS) vulnerabilities in the File Picker module in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allow remote authenticated users to inject arbitrary web script or HTML via a c
01-12-2020 - 14:52 25-03-2013 - 21:55
CVE-2014-0009 5.5
course/loginas.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 does not enforce the moodle/site:accessallgroups capability requirement for outside-group users in a SEPARATEGROUPS confi
01-12-2020 - 14:52 20-01-2014 - 15:14
CVE-2008-1502 4.3
The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting (XSS) attacks
01-12-2020 - 14:52 25-03-2008 - 19:44
CVE-2014-0010 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in user/profile/index.php in Moodle through 2.2.11, 2.3.x before 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 allow remote attackers to hijack the authentication of
01-12-2020 - 14:52 20-01-2014 - 15:14
CVE-2014-0008 4.0
lib/adminlib.php in Moodle through 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 logs cleartext passwords, which allows remote authenticated administrators to obtain sensitive information by reading the Config Changes Report.
01-12-2020 - 14:52 20-01-2014 - 15:14
CVE-2009-4299 5.0
mod/glossary/showentry.php in the Glossary module for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not properly perform access control, which allows attackers to read unauthorized Glossary entries via unknown vectors.
01-12-2020 - 14:43 16-12-2009 - 01:30
CVE-2009-4302 5.0
login/index_form.html in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 links to an index page on the HTTP port even when the page is served from an HTTPS port, which might cause login credentials to be sent in cleartext, even when SSL is intended, an
01-12-2020 - 14:43 16-12-2009 - 01:30
CVE-2009-4298 5.0
The LAMS module (mod/lams) for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores the (1) username, (2) firstname, and (3) lastname fields within the user table, which allows attackers to obtain user account information via unknown vectors.
01-12-2020 - 14:43 16-12-2009 - 01:30
CVE-2009-4304 7.5
Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 does not use a random password salt in config.php, which makes it easier for attackers to conduct brute-force password guessing attacks.
01-12-2020 - 14:43 16-12-2009 - 01:30
CVE-2009-4305 6.5
SQL injection vulnerability in the SCORM module in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allows remote authenticated users to execute arbitrary SQL commands via vectors related to an "escaping issue when processing AICC CRS file (Course_Title
01-12-2020 - 14:43 16-12-2009 - 01:30
CVE-2009-4303 5.0
Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores (1) password hashes and (2) unspecified "secrets" in backup files, which might allow attackers to obtain sensitive information.
01-12-2020 - 14:43 16-12-2009 - 01:30
CVE-2009-4301 6.0
mnet/lib.php in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7, when MNET services are enabled, does not properly check permissions, which allows remote authenticated servers to execute arbitrary MNET functions.
01-12-2020 - 14:43 16-12-2009 - 01:30
CVE-2009-4300 5.0
Multiple unspecified authentication plugins in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 store the MD5 hashes for passwords in the user table, even when the cached hashes are not used by the plugin, which might make it easier for attackers to obt
01-12-2020 - 14:43 16-12-2009 - 01:30
CVE-2009-4297 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
01-12-2020 - 14:43 16-12-2009 - 01:30
CVE-2009-1171 4.3
The TeX filter in Moodle 1.6 before 1.6.9+, 1.7 before 1.7.7+, 1.8 before 1.8.9, and 1.9 before 1.9.5 allows user-assisted attackers to read arbitrary files via an input command in a "$$" sequence, which causes LaTeX to include the contents of the fi
01-12-2020 - 14:43 30-03-2009 - 22:30
CVE-2020-10760 4.0
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba.
23-11-2020 - 05:15 06-07-2020 - 19:15
CVE-2016-4608 7.5
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly
20-11-2020 - 19:03 22-07-2016 - 02:59
CVE-2007-6427 9.3
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
20-11-2020 - 16:47 18-01-2008 - 23:00
CVE-2016-4610 7.5
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly
20-11-2020 - 15:54 22-07-2016 - 02:59
CVE-2009-0385 9.3
Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL p
20-11-2020 - 15:54 02-02-2009 - 19:30
CVE-2020-14040 5.0
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 deco
18-11-2020 - 14:44 17-06-2020 - 20:15
CVE-2019-18348 4.3
An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (sp
16-11-2020 - 20:46 23-10-2019 - 17:15
CVE-2020-9365 5.0
An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c.
16-11-2020 - 19:32 24-02-2020 - 16:15
CVE-2010-3879 5.8
FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerabil
10-11-2020 - 19:00 22-01-2011 - 22:00
CVE-2008-3913 5.0
Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".
10-11-2020 - 18:34 11-09-2008 - 01:13
CVE-2019-11413 5.0
An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recursion because the match function in regexp.c lacks a depth check.
10-11-2020 - 03:15 22-04-2019 - 11:29
CVE-2019-11411 7.5
An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() and numtostr implementations in jsnumber.c have a stack-based buffer overflow.
10-11-2020 - 03:15 22-04-2019 - 11:29
CVE-2010-2008 3.5
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot
09-11-2020 - 14:33 13-07-2010 - 20:30
CVE-2020-14352 8.5
A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the
09-11-2020 - 14:28 30-08-2020 - 15:15
CVE-2008-3912 5.0
libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition.
09-11-2020 - 03:20 11-09-2008 - 01:13
CVE-2019-13314 2.1
virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virt_bootstrap.py.
07-11-2020 - 01:15 05-07-2019 - 14:15
CVE-2008-3914 10.0
Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.
05-11-2020 - 16:05 11-09-2008 - 01:13
CVE-2019-19917 6.8
Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.
05-11-2020 - 15:33 20-12-2019 - 20:15
CVE-2007-5191 7.2
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.
04-11-2020 - 14:59 04-10-2007 - 16:17
CVE-2011-2527 2.1
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
02-11-2020 - 14:39 21-06-2012 - 15:55
CVE-2008-2382 5.0
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
02-11-2020 - 14:39 24-12-2008 - 18:29
CVE-2008-0928 4.7
Qemu 0.9.1 and earlier does not perform range checks for block device read or write requests, which allows guest host users with root privileges to access arbitrary memory and escape the virtual machine.
02-11-2020 - 14:39 03-03-2008 - 22:44
CVE-2018-20406 5.0
Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used
29-10-2020 - 15:15 23-12-2018 - 23:29
CVE-2018-7728 4.3
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FileHandlers/TIFF_Handler.cpp mishandles a case of a zero length, leading to a heap-based buffer over-read in the MD5Update() function in third-party/zuid/interfaces/MD5.cpp.
26-10-2020 - 12:17 06-03-2018 - 18:29
CVE-2018-7729 4.3
An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScript_MetaHandler::ParsePSFile() function in XMPFiles/source/FileHandlers/PostScript_Handler.cpp.
26-10-2020 - 12:17 06-03-2018 - 18:29
CVE-2018-7730 4.3
An issue was discovered in Exempi through 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.
26-10-2020 - 12:17 06-03-2018 - 18:29
CVE-2018-7731 4.3
An issue was discovered in Exempi through 2.4.4. XMPFiles/source/FormatSupport/WEBP_Support.cpp does not check whether a bitstream has a NULL value, leading to a NULL pointer dereference in the WEBP::VP8XChunk class.
26-10-2020 - 12:17 06-03-2018 - 18:29
CVE-2018-12545 5.0
In Eclipse Jetty version 9.3.x and 9.4.x, the server is vulnerable to Denial of Service conditions if a remote client sends either large SETTINGs frames container containing many settings, or many small SETTINGs frames. The vulnerability is due to th
23-10-2020 - 18:18 27-03-2019 - 20:29
CVE-2014-6051 7.5
Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which
23-10-2020 - 13:15 30-09-2014 - 16:55
CVE-2014-6055 6.5
Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) d
23-10-2020 - 13:15 30-09-2014 - 16:55
CVE-2019-11037 7.5
In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if
23-10-2020 - 01:15 03-05-2019 - 20:29
CVE-2019-9499 6.8
The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication,
22-10-2020 - 17:15 17-04-2019 - 14:29
CVE-2019-9498 6.8
The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar
22-10-2020 - 17:15 17-04-2019 - 14:29
CVE-2016-9956 5.0
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script.
22-10-2020 - 16:15 22-02-2017 - 16:59
CVE-2019-5435 4.3
An integer overflow in curl's URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.
20-10-2020 - 22:15 28-05-2019 - 19:29
CVE-2019-5436 4.6
A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
20-10-2020 - 22:15 28-05-2019 - 19:29
CVE-2019-1549 5.0
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this pro
20-10-2020 - 22:15 10-09-2019 - 17:15
CVE-2016-2167 4.9
The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm
20-10-2020 - 22:15 05-05-2016 - 18:59
CVE-2016-2168 4.0
The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted
20-10-2020 - 22:15 05-05-2016 - 18:59
CVE-2020-13790 5.8
libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file.
20-10-2020 - 13:15 03-06-2020 - 19:15
CVE-2019-6477 5.0
With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. A client using a TCP-pipelined connection to a server could consume more resourc
20-10-2020 - 12:15 26-11-2019 - 16:15
CVE-2020-8616 5.0
A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of
20-10-2020 - 12:15 19-05-2020 - 14:15
CVE-2020-8154 6.8
An Insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to remote wipe devices of other users when sending a malicious request directly to the endpoint.
19-10-2020 - 19:15 12-05-2020 - 13:15
CVE-2020-8155 3.5
An outdated 3rd party library in the Files PDF viewer for Nextcloud Server 18.0.2 caused a Cross-site scripting vulnerability when opening a malicious PDF.
19-10-2020 - 19:15 12-05-2020 - 13:15
CVE-2020-14196 4.3
In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced.
17-10-2020 - 21:15 01-07-2020 - 18:15
CVE-2019-5418 5.0
There is a File Content Disclosure vulnerability in Action View <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 and v3 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.
16-10-2020 - 19:02 27-03-2019 - 14:29
CVE-2019-5419 7.8
There is a possible denial of service vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause action view to consume 100% cpu and make the server unresponsive.
16-10-2020 - 19:02 27-03-2019 - 14:29
CVE-2019-14811 6.8
A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disabl
16-10-2020 - 13:21 03-09-2019 - 16:15
CVE-2019-14817 6.8
A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could dis
16-10-2020 - 13:21 03-09-2019 - 16:15
CVE-2019-14813 7.5
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable se
16-10-2020 - 13:20 06-09-2019 - 14:15
CVE-2019-11038 5.0
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause t
16-10-2020 - 12:58 19-06-2019 - 00:15
CVE-2019-3992 5.0
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can access the server's configuration file by sending an HTTP GET request. Amongst the configuration data, the attacker may gain ac
15-10-2020 - 19:36 17-12-2019 - 22:15
CVE-2019-3993 5.0
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. A remote unauthenticated attacker can recover a user's password hash by sending a crafted HTTP POST request.
15-10-2020 - 19:35 17-12-2019 - 22:15
CVE-2019-3839 6.8
It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside o
15-10-2020 - 14:31 16-05-2019 - 19:29
CVE-2019-3838 4.3
It was found that the forceput operator could be extracted from the DefineResource method in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the cons
15-10-2020 - 14:05 25-03-2019 - 19:29
CVE-2019-3835 4.3
It was found that the superexec operator was available in the internal dictionary in ghostscript before 9.27. A specially crafted PostScript file could use this flaw in order to, for example, have access to the file system outside of the constrains i
15-10-2020 - 13:50 25-03-2019 - 19:29
CVE-2019-3856 6.8
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client syst
15-10-2020 - 13:43 25-03-2019 - 19:29
CVE-2019-3857 6.8
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execut
15-10-2020 - 13:43 25-03-2019 - 19:29
CVE-2019-3855 9.3
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system wh
15-10-2020 - 13:42 21-03-2019 - 21:29
CVE-2019-7221 4.6
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
15-10-2020 - 13:28 21-03-2019 - 16:01
CVE-2016-7969 5.0
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."
14-10-2020 - 18:16 03-03-2017 - 16:59
CVE-2009-3767 4.3
libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-
14-10-2020 - 17:13 23-10-2009 - 19:30
CVE-2017-18342 7.5
In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.
14-10-2020 - 13:23 27-06-2018 - 12:29
CVE-2020-10967 5.0
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
13-10-2020 - 22:15 18-05-2020 - 15:15
CVE-2004-0179 6.8
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.
13-10-2020 - 16:52 01-06-2004 - 04:00
CVE-2016-4609 7.5
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly
09-10-2020 - 18:32 22-07-2016 - 02:59
CVE-2016-4607 7.5
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly
09-10-2020 - 18:03 22-07-2016 - 02:59
CVE-2004-0398 7.5
Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
09-10-2020 - 17:06 07-07-2004 - 04:00
CVE-2020-7041 5.0
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.
09-10-2020 - 15:08 27-02-2020 - 18:15
CVE-2020-7043 6.4
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com att
09-10-2020 - 14:58 27-02-2020 - 18:15
CVE-2019-14869 6.8
A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating
09-10-2020 - 13:12 15-11-2019 - 12:15
CVE-2019-8936 5.0
NTP through 4.2.8p12 has a NULL Pointer Dereference.
07-10-2020 - 16:15 15-05-2019 - 16:29
CVE-2011-1783 4.3
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memor
05-10-2020 - 19:05 06-06-2011 - 19:55
CVE-2011-1752 5.0
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as e
05-10-2020 - 19:04 06-06-2011 - 19:55
CVE-2019-15043 5.0
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
04-10-2020 - 18:15 03-09-2019 - 12:15
CVE-2019-10164 9.0
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often su
02-10-2020 - 14:34 26-06-2019 - 16:15
CVE-2019-11036 6.4
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
02-10-2020 - 13:14 03-05-2019 - 20:29
CVE-2020-11979 5.0
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without
01-10-2020 - 20:15 01-10-2020 - 20:15
CVE-2020-25600 5.0
An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of usable event channels for 32-bit x86 domains vs 64-bi
01-10-2020 - 06:15 23-09-2020 - 22:15
CVE-2020-25596 5.0
An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault,
01-10-2020 - 06:15 23-09-2020 - 22:15
CVE-2020-25595 5.0
An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strict
01-10-2020 - 06:15 23-09-2020 - 21:15
CVE-2020-25604 1.9
An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also o
01-10-2020 - 06:15 23-09-2020 - 22:15
CVE-2020-25597 5.0
An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not be
01-10-2020 - 06:15 23-09-2020 - 22:15
CVE-2020-25602 5.0
An issue was discovered in Xen through 4.14.x. An x86 PV guest can trigger a host OS crash when handling guest access to MSR_MISC_ENABLE. When a guest accesses certain Model Specific Registers, Xen first reads the value from hardware to use as the ba
01-10-2020 - 06:15 23-09-2020 - 22:15
CVE-2020-25603 5.0
An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is
01-10-2020 - 06:15 23-09-2020 - 22:15
CVE-2020-25598 5.0
An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource error path. The RCU (Read, Copy, Update) mechanism is a synchronisation primitive. A buggy error path in the XENMEM_acquire_resource exits without releasi
01-10-2020 - 06:15 23-09-2020 - 22:15
CVE-2020-25599 5.0
An issue was discovered in Xen through 4.14.x. There are evtchn_reset() race conditions. Uses of EVTCHNOP_reset (potentially by a guest on itself) or XEN_DOMCTL_soft_reset (by itself covered by XSA-77) can lead to the violation of various internal as
01-10-2020 - 06:15 23-09-2020 - 22:15
CVE-2020-25601 5.0
An issue was discovered in Xen through 4.14.x. There is a lack of preemption in evtchn_reset() / evtchn_destroy(). In particular, the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of the
01-10-2020 - 06:15 23-09-2020 - 22:15
CVE-2019-9658 5.0
Checkstyle before 8.18 loads external DTDs by default.
01-10-2020 - 00:15 11-03-2019 - 05:29
CVE-2020-26159 5.0
In Oniguruma 6.9.5_rev1, an attacker able to supply a regular expression for compilation may be able to overflow a buffer by one byte in concat_opt_exact_str in src/regcomp.c .
01-10-2020 - 00:15 30-09-2020 - 21:15
CVE-2019-12086 5.0
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java ja
01-10-2020 - 00:15 17-05-2019 - 17:29
CVE-2020-12066 7.8
CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server.
01-10-2020 - 00:15 22-04-2020 - 17:15
CVE-2020-11023 4.3
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex
01-10-2020 - 00:15 29-04-2020 - 21:15
CVE-2020-26159 5.0
In Oniguruma 6.9.5_rev1, an attacker able to supply a regular expression for compilation may be able to overflow a buffer by one byte in concat_opt_exact_str in src/regcomp.c .
01-10-2020 - 00:15 30-09-2020 - 21:15
CVE-2019-9658 5.0
Checkstyle before 8.18 loads external DTDs by default.
01-10-2020 - 00:15 11-03-2019 - 05:29
CVE-2020-15810 3.5
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser s
30-09-2020 - 22:15 02-09-2020 - 17:15
CVE-2020-24606 7.1
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digest
30-09-2020 - 22:15 24-08-2020 - 18:15
CVE-2020-15049 6.5
An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containi
30-09-2020 - 22:15 30-06-2020 - 18:15
CVE-2020-15811 4.0
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser s
30-09-2020 - 22:15 02-09-2020 - 17:15
CVE-2020-1945 3.3
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files fr
30-09-2020 - 21:15 14-05-2020 - 16:15
CVE-2020-8252 7.5
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.
30-09-2020 - 20:15 18-09-2020 - 21:15
CVE-2020-26154 5.0
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
30-09-2020 - 18:19 30-09-2020 - 18:15
CVE-2020-26154 5.0
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
30-09-2020 - 18:19 30-09-2020 - 18:15
CVE-2020-8927 6.4
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2
30-09-2020 - 18:15 15-09-2020 - 10:15
CVE-2020-5238 4.0
The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This
30-09-2020 - 18:15 01-07-2020 - 23:15
CVE-2020-15965 6.8
Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
30-09-2020 - 18:15 21-09-2020 - 20:15
CVE-2019-17638 7.5
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to
30-09-2020 - 18:15 09-07-2020 - 18:15
CVE-2020-15961 6.8
Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
30-09-2020 - 18:15 21-09-2020 - 20:15
CVE-2020-15962 6.8
Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
30-09-2020 - 18:15 21-09-2020 - 20:15
CVE-2020-15963 6.8
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
30-09-2020 - 18:15 21-09-2020 - 20:15
CVE-2020-15216 5.0
In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one. A patch is available, all users
30-09-2020 - 18:15 29-09-2020 - 16:15
CVE-2020-13962 5.0
Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session
30-09-2020 - 18:15 09-06-2020 - 00:15
CVE-2020-14364 4.4
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_tok
30-09-2020 - 18:15 31-08-2020 - 18:15
CVE-2020-15960 6.8
Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
30-09-2020 - 18:15 21-09-2020 - 20:15
CVE-2020-14342 4.4
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission, such as via sudo rules, could use this
30-09-2020 - 18:15 09-09-2020 - 12:15
CVE-2020-15964 6.8
Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
30-09-2020 - 18:15 21-09-2020 - 20:15
CVE-2020-17507 5.0
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.
30-09-2020 - 18:15 12-08-2020 - 18:15
CVE-2020-15966 4.3
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
30-09-2020 - 18:15 21-09-2020 - 20:15
CVE-2020-14363 4.6
An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest thre
30-09-2020 - 18:15 11-09-2020 - 18:15
CVE-2020-12402 1.2
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to re
30-09-2020 - 18:15 09-07-2020 - 15:15
CVE-2020-15216 5.0
In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one. A patch is available, all users
30-09-2020 - 18:15 29-09-2020 - 16:15
CVE-2020-10663 5.0
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavi
30-09-2020 - 18:15 28-04-2020 - 21:15
CVE-2020-6565 4.3
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
30-09-2020 - 15:58 21-09-2020 - 20:15
CVE-2019-10143 6.9
** DISPUTED ** It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate int
30-09-2020 - 14:22 24-05-2019 - 17:29
CVE-2019-10155 3.5
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check v
30-09-2020 - 14:20 12-06-2019 - 14:29
CVE-2019-10155 3.5
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check v
30-09-2020 - 14:20 12-06-2019 - 14:29
CVE-2019-1010319 4.3
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig (wave64.c:211). The attack vector is: Maliciously crafted .wav
30-09-2020 - 14:06 11-07-2019 - 20:15
CVE-2019-1010317 4.3
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig (caff.c:486). The attack vector is: Maliciously crafted .wav fil
30-09-2020 - 13:59 11-07-2019 - 20:15
CVE-2020-6569 6.8
Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
29-09-2020 - 20:42 21-09-2020 - 20:15
CVE-2020-25604 1.9
An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also o
29-09-2020 - 19:00 23-09-2020 - 22:15
CVE-2020-14370 4.0
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variable
29-09-2020 - 18:33 23-09-2020 - 13:15
CVE-2020-14370 4.0
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variable
29-09-2020 - 18:33 23-09-2020 - 13:15
CVE-2020-8251 5.0
Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections.
29-09-2020 - 18:31 18-09-2020 - 21:15
CVE-2020-8201 6.4
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions, poison cookies, perform clickjacking, and a multit
29-09-2020 - 18:28 18-09-2020 - 21:15
CVE-2018-8786 7.5
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
29-09-2020 - 02:09 29-11-2018 - 18:29
CVE-2018-8786 7.5
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
29-09-2020 - 02:09 29-11-2018 - 18:29
CVE-2019-0001 7.1
Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd servic
29-09-2020 - 01:53 15-01-2019 - 21:29
CVE-2020-6574 4.6
Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.
28-09-2020 - 18:03 21-09-2020 - 20:15
CVE-2020-6575 5.1
Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
28-09-2020 - 17:50 21-09-2020 - 20:15
CVE-2020-6576 6.8
Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
28-09-2020 - 17:43 21-09-2020 - 20:15
CVE-2020-6568 4.3
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
28-09-2020 - 17:42 21-09-2020 - 20:15
CVE-2020-6567 4.3
Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
28-09-2020 - 17:31 21-09-2020 - 20:15
CVE-2020-6566 4.3
Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
28-09-2020 - 17:20 21-09-2020 - 20:15
CVE-2020-6564 4.3
Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.
28-09-2020 - 17:17 21-09-2020 - 20:15
CVE-2020-6563 4.3
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
28-09-2020 - 17:02 21-09-2020 - 20:15
CVE-2020-6561 4.3
Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
28-09-2020 - 17:00 21-09-2020 - 20:15
CVE-2020-6560 4.3
Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
28-09-2020 - 16:49 21-09-2020 - 20:15
CVE-2019-20919 1.9
An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference.
28-09-2020 - 16:15 17-09-2020 - 18:15
CVE-2020-16166 4.3
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c
28-09-2020 - 16:15 30-07-2020 - 21:15
CVE-2020-14393 3.6
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.
28-09-2020 - 16:15 16-09-2020 - 14:15
CVE-2020-12888 4.7
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
28-09-2020 - 16:15 15-05-2020 - 18:15
CVE-2020-14386 7.2
A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.
28-09-2020 - 16:15 16-09-2020 - 13:15
CVE-2020-14392 2.1
An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.
28-09-2020 - 16:15 16-09-2020 - 13:15
CVE-2020-6559 9.3
Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
28-09-2020 - 15:55 21-09-2020 - 20:15
CVE-2019-14973 4.3
_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application cras
28-09-2020 - 15:15 14-08-2019 - 06:15
CVE-2020-1472 9.3
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
28-09-2020 - 13:48 17-08-2020 - 19:15
CVE-2018-19872 4.3
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
28-09-2020 - 09:15 21-03-2019 - 16:00
CVE-2018-19872 4.3
An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp.
28-09-2020 - 09:15 21-03-2019 - 16:00
CVE-2020-13696 3.6
An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker wi
28-09-2020 - 03:15 08-06-2020 - 17:15
CVE-2020-6070 6.8
An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can pro
28-09-2020 - 02:15 10-08-2020 - 14:15
CVE-2020-25827 5.0
An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. For Wikis using OATHAuth on a farm/cluster (such as via CentralAuth), rate limiting of OATH tokens is only done on a single site le
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25815 5.0
An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped() instead of text().
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25814 5.0
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is tha
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25812 5.0
An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to in
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25828 5.0
An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. The non-jqueryMsg version of mw.message().parse() doesn't escape HTML. This affects both message contents (which are generally safe) and the parameters (whic
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25869 5.0
An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-26120 5.0
XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Using crafted HTML, an attacker can elicit an XSS attack via jQuery's parseHTML method,
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-26116 5.0
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first ar
27-09-2020 - 22:01 27-09-2020 - 04:15
CVE-2020-26121 5.0
An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25813 5.0
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users.
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25812 5.0
An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to in
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-26116 5.0
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first ar
27-09-2020 - 22:01 27-09-2020 - 04:15
CVE-2020-26121 5.0
An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25827 5.0
An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. For Wikis using OATHAuth on a farm/cluster (such as via CentralAuth), rate limiting of OATH tokens is only done on a single site le
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-26120 5.0
XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. Using crafted HTML, an attacker can elicit an XSS attack via jQuery's parseHTML method,
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25813 5.0
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users.
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25869 5.0
An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25814 5.0
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is tha
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25828 5.0
An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. The non-jqueryMsg version of mw.message().parse() doesn't escape HTML. This affects both message contents (which are generally safe) and the parameters (whic
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25815 5.0
An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped() instead of text().
27-09-2020 - 22:01 27-09-2020 - 21:15
CVE-2020-25601 5.0
An issue was discovered in Xen through 4.14.x. There is a lack of preemption in evtchn_reset() / evtchn_destroy(). In particular, the FIFO event channel model allows guests to have a large number of event channels active at a time. Closing all of the
27-09-2020 - 02:15 23-09-2020 - 22:15
CVE-2020-25599 5.0
An issue was discovered in Xen through 4.14.x. There are evtchn_reset() race conditions. Uses of EVTCHNOP_reset (potentially by a guest on itself) or XEN_DOMCTL_soft_reset (by itself covered by XSA-77) can lead to the violation of various internal as
27-09-2020 - 02:15 23-09-2020 - 22:15
CVE-2020-25597 5.0
An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not be
27-09-2020 - 02:15 23-09-2020 - 22:15
CVE-2020-25595 5.0
An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strict
27-09-2020 - 02:15 23-09-2020 - 21:15
CVE-2020-25600 5.0
An issue was discovered in Xen through 4.14.x. Out of bounds event channels are available to 32-bit x86 domains. The so called 2-level event channel model imposes different limits on the number of usable event channels for 32-bit x86 domains vs 64-bi
27-09-2020 - 02:15 23-09-2020 - 22:15
CVE-2020-25598 5.0
An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource error path. The RCU (Read, Copy, Update) mechanism is a synchronisation primitive. A buggy error path in the XENMEM_acquire_resource exits without releasi
27-09-2020 - 02:15 23-09-2020 - 22:15
CVE-2020-25596 5.0
An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault,
27-09-2020 - 02:15 23-09-2020 - 22:15
CVE-2020-25603 5.0
An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is
27-09-2020 - 02:15 23-09-2020 - 22:15
CVE-2020-25602 5.0
An issue was discovered in Xen through 4.14.x. An x86 PV guest can trigger a host OS crash when handling guest access to MSR_MISC_ENABLE. When a guest accesses certain Model Specific Registers, Xen first reads the value from hardware to use as the ba
27-09-2020 - 02:15 23-09-2020 - 22:15
CVE-2019-14459 5.0
nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service).
26-09-2020 - 18:15 31-07-2019 - 21:15
CVE-2019-1010057 6.8
nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact is: The impact could range from a denial of service to local code execution. The component is: nfx.c:546, nffile_inline.c:83, minilzo.c (redistributed). The attack vector is: nfdum
26-09-2020 - 18:15 16-07-2019 - 13:15
CVE-2020-24370 5.0
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).
26-09-2020 - 16:15 17-08-2020 - 17:15
CVE-2020-15005 2.6
In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized use
26-09-2020 - 14:15 24-06-2020 - 23:15
CVE-2020-24890 2.6
libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution.
26-09-2020 - 02:15 16-09-2020 - 15:15
CVE-2019-18808 2.1
A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-128c66429247.
25-09-2020 - 23:15 07-11-2019 - 16:15
CVE-2019-19054 4.7
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42
25-09-2020 - 23:15 18-11-2019 - 06:15
CVE-2020-24977 6.4
GNOME project libxml2 v2.9.10 and earlier have a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 8e7c20a1 (20910-GITv2.9.10-103-g8e7c20a1).
25-09-2020 - 21:15 04-09-2020 - 00:15
CVE-2019-20444 6.4
HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."
25-09-2020 - 20:15 29-01-2020 - 21:15
CVE-2020-7238 5.0
Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869
25-09-2020 - 20:15 27-01-2020 - 17:15
CVE-2019-20445 6.4
HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.
25-09-2020 - 20:15 29-01-2020 - 21:15
CVE-2020-25219 5.0
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.
25-09-2020 - 20:15 09-09-2020 - 21:15
CVE-2020-24584 5.0
An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077.
25-09-2020 - 20:15 01-09-2020 - 13:15
CVE-2020-24659 5.0
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the app
25-09-2020 - 20:15 04-09-2020 - 15:15
CVE-2020-15166 5.0
In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and connected to an endpoint that is fully configured with
25-09-2020 - 20:15 11-09-2020 - 16:15
CVE-2020-24553 4.3
Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.
25-09-2020 - 20:15 02-09-2020 - 17:15
CVE-2020-24583 5.0
An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading file
25-09-2020 - 20:15 01-09-2020 - 13:15
CVE-2020-16150 2.1
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a pa
25-09-2020 - 20:15 02-09-2020 - 16:15
CVE-2020-14196 4.3
In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced.
25-09-2020 - 20:15 01-07-2020 - 18:15
CVE-2020-14382 6.8
A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in fil
25-09-2020 - 20:15 16-09-2020 - 15:15
CVE-2020-16135 4.3
libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.
25-09-2020 - 20:15 29-07-2020 - 21:15
CVE-2020-1597 5.0
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.
25-09-2020 - 20:15 17-08-2020 - 19:15
CVE-2020-11612 7.5
The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free m
25-09-2020 - 20:15 07-04-2020 - 18:15
CVE-2020-11076 5.0
In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4.
25-09-2020 - 20:15 22-05-2020 - 15:15
CVE-2020-11022 4.3
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob
25-09-2020 - 20:15 29-04-2020 - 22:15
CVE-2020-11077 5.0
In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP
25-09-2020 - 20:15 22-05-2020 - 15:15
CVE-2020-6548 9.3
Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6538 4.3
Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6541 6.8
Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6556 9.3
Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6539 6.8
Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6540 6.8
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6545 6.8
Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6549 9.3
Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6547 4.3
Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6562 4.3
Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6532 6.8
Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-8151 5.0
There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information.
25-09-2020 - 19:15 12-05-2020 - 13:15
CVE-2020-6551 9.3
Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6553 9.3
Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6552 9.3
Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6571 4.3
Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6542 6.8
Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6544 6.8
Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6550 9.3
Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6537 6.8
Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6543 6.8
Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6554 6.8
Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6555 4.3
Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-2875 4.0
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.14 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network ac
25-09-2020 - 19:15 15-04-2020 - 14:15
CVE-2020-6570 4.3
Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-6546 4.6
Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem.
25-09-2020 - 19:15 21-09-2020 - 20:15
CVE-2020-24342 6.8
Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.
25-09-2020 - 19:15 13-08-2020 - 19:15
CVE-2020-2934 5.1
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network ac
25-09-2020 - 19:15 15-04-2020 - 14:15
CVE-2020-14344 4.6
An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running
25-09-2020 - 19:15 05-08-2020 - 14:15
CVE-2020-2933 3.5
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 5.1.48 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple pro
25-09-2020 - 19:15 15-04-2020 - 14:15
CVE-2020-24654 4.3
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.
25-09-2020 - 19:15 02-09-2020 - 17:15
CVE-2020-15094 7.5
In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. HttpCache uses internal headers like X-Body-Eval and X-Body-File to control the restorati
25-09-2020 - 19:15 02-09-2020 - 18:15
CVE-2020-12674 5.0
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.
25-09-2020 - 19:15 12-08-2020 - 16:15
CVE-2020-12673 5.0
In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.
25-09-2020 - 19:15 12-08-2020 - 16:15
CVE-2020-12100 5.0
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts.
25-09-2020 - 19:15 12-08-2020 - 16:15
CVE-2020-10967 5.0
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
25-09-2020 - 19:15 18-05-2020 - 15:15
CVE-2019-19074 7.8
A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.
25-09-2020 - 18:15 18-11-2019 - 06:15
CVE-2019-19073 2.1
Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credi
25-09-2020 - 18:15 18-11-2019 - 06:15
CVE-2020-6573 6.8
Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
25-09-2020 - 14:17 21-09-2020 - 20:15
CVE-2020-15959 4.3
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
25-09-2020 - 13:27 21-09-2020 - 20:15
CVE-2020-15169 4.3
In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. Views that allow the user to control the default (not found) value of the `t` and `translate` helpe
25-09-2020 - 12:15 11-09-2020 - 16:15
CVE-2020-7042 5.0
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because the hostname check operates on uninitialized memory. The outcome is that a valid certificate is never accepted (o
24-09-2020 - 23:15 27-02-2020 - 18:15
CVE-2020-7041 5.0
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. tunnel.c mishandles certificate validation because an X509_check_host negative error code is interpreted as a successful return value.
24-09-2020 - 23:15 27-02-2020 - 18:15
CVE-2020-7043 6.4
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonstrated by a good.example.com\x00evil.example.com att
24-09-2020 - 23:15 27-02-2020 - 18:15
CVE-2020-16145 4.3
Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15.
24-09-2020 - 18:15 12-08-2020 - 13:15
CVE-2019-10740 4.3
In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This
24-09-2020 - 18:15 07-04-2019 - 15:29
CVE-2019-12211 5.0
When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file, but a memcpy occurs in which the destination address and the size of the copied data are not considered, resulting in a heap overflow.
24-09-2020 - 17:15 20-05-2019 - 16:29
CVE-2020-1760 4.3
A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input.
24-09-2020 - 17:15 23-04-2020 - 15:15
CVE-2019-12213 4.3
When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion.
24-09-2020 - 17:15 20-05-2019 - 16:29
CVE-2020-10753 4.3
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file genera
24-09-2020 - 17:15 26-06-2020 - 15:15
CVE-2020-16845 5.0
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
24-09-2020 - 12:15 06-08-2020 - 18:15
CVE-2019-18849 4.3
In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message with a crafted winmail.dat application/ms-tnef attachment, because of a heap-based buffer over-read involving strdup.
23-09-2020 - 16:15 11-11-2019 - 04:15
CVE-2017-18640 5.0
The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.
16-09-2020 - 10:15 12-12-2019 - 03:15
CVE-2019-16237 5.0
Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.
14-09-2020 - 14:27 11-09-2019 - 19:15
CVE-2019-16236 5.0
Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala.
14-09-2020 - 14:27 11-09-2019 - 19:15
CVE-2019-16235 5.0
Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.
14-09-2020 - 14:26 11-09-2019 - 19:15
CVE-2016-4797 4.3
Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for
09-09-2020 - 19:57 03-02-2017 - 16:59
CVE-2016-4796 4.3
Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.
09-09-2020 - 19:57 03-02-2017 - 16:59
CVE-2016-3183 4.3
The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file.
09-09-2020 - 19:57 03-02-2017 - 16:59
CVE-2012-1499 9.3
The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."
09-09-2020 - 19:56 11-04-2012 - 10:39
CVE-2015-4106 4.6
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly ha
09-09-2020 - 15:15 03-06-2015 - 20:59
CVE-2015-7295 5.0
hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest network consumption) via a flood of jumbo frames on th
09-09-2020 - 15:14 09-11-2015 - 16:59
CVE-2015-8567 6.8
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
09-09-2020 - 15:12 13-04-2017 - 17:59
CVE-2019-15139 4.3
The XWD image (X Window System window dumping file) parsing component in ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (application crash resulting from an out-of-bounds Read) in ReadXWDImage in coders/xwd.c by crafting a cor
08-09-2020 - 00:15 18-08-2019 - 19:15
CVE-2017-12806 5.0
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service.
08-09-2020 - 00:15 09-05-2019 - 16:29
CVE-2019-13290 6.8
Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that overflows the a
30-08-2020 - 00:15 04-07-2019 - 22:15
CVE-2014-2678 4.7
The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS s
28-08-2020 - 14:37 01-04-2014 - 06:35
CVE-2009-2848 5.9
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone
28-08-2020 - 13:10 18-08-2009 - 21:00
CVE-2016-7951 7.5
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.
27-08-2020 - 17:08 13-12-2016 - 20:59
CVE-2009-1242 4.9
The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode e
27-08-2020 - 16:43 06-04-2009 - 14:30
CVE-2010-2959 7.2
Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code o
27-08-2020 - 14:51 08-09-2010 - 20:00
CVE-2008-1375 6.9
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.
26-08-2020 - 12:56 02-05-2008 - 16:05
CVE-2016-2775 4.3
ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight reso
25-08-2020 - 20:18 19-07-2016 - 22:59
CVE-2019-9824 2.1
tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure.
24-08-2020 - 17:37 03-06-2019 - 21:29
CVE-2019-6975 5.0
Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.
24-08-2020 - 17:37 11-02-2019 - 13:29
CVE-2019-5771 6.8
An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
24-08-2020 - 17:37 19-02-2019 - 17:29
CVE-2019-6251 5.8
WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383
24-08-2020 - 17:37 14-01-2019 - 08:29
CVE-2019-19590 6.8
In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary ma
24-08-2020 - 17:37 05-12-2019 - 02:15
CVE-2019-9854 6.8
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Script
24-08-2020 - 17:37 06-09-2019 - 19:15
CVE-2019-5767 4.3
Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK.
24-08-2020 - 17:37 19-02-2019 - 17:29
CVE-2019-9211 4.3
There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service.
24-08-2020 - 17:37 27-02-2019 - 17:29
CVE-2019-3465 6.5
Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for example by SimpleSAMLphp, performed incorrect validation of cryptographic signatures in XML messages, allowing an authenticated attacker to impersonate others or elevate privileges by
24-08-2020 - 17:37 07-11-2019 - 20:15
CVE-2019-5779 4.3
Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
24-08-2020 - 17:37 19-02-2019 - 17:29
CVE-2019-6977 6.8
gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This c
24-08-2020 - 17:37 27-01-2019 - 02:29
CVE-2019-6778 4.6
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
24-08-2020 - 17:37 21-03-2019 - 16:01
CVE-2019-9687 7.5
PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp.
24-08-2020 - 17:37 11-03-2019 - 16:29
CVE-2019-5758 6.8
Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
24-08-2020 - 17:37 19-02-2019 - 17:29
CVE-2018-19655 6.8
A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a malicio
24-08-2020 - 17:37 29-11-2018 - 05:29
CVE-2019-9857 4.9
In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak
24-08-2020 - 17:37 21-03-2019 - 16:01
CVE-2018-7873 4.3
There is a heap-based buffer overflow in the getString function of util/decompile.c in libming 0.4.8 for INTEGER data. A Crafted input will lead to a denial of service attack.
24-08-2020 - 17:37 08-03-2018 - 18:29
CVE-2019-16866 5.0
Unbound before 1.9.4 accesses uninitialized memory, which allows remote attackers to trigger a crash via a crafted NOTIFY query. The source IP address of the query must match an access-control rule.
24-08-2020 - 17:37 03-10-2019 - 19:15
CVE-2019-18809 4.9
A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.
24-08-2020 - 17:37 07-11-2019 - 16:15
CVE-2018-19519 4.3
In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.
24-08-2020 - 17:37 25-11-2018 - 20:29
CVE-2019-5765 4.3
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent.
24-08-2020 - 17:37 19-02-2019 - 17:29
CVE-2019-19058 4.7
A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1
24-08-2020 - 17:37 18-11-2019 - 06:15
CVE-2019-18887 6.8
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.
24-08-2020 - 17:37 21-11-2019 - 23:15
CVE-2018-20004 6.8
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by test
24-08-2020 - 17:37 10-12-2018 - 06:29
CVE-2019-9946 5.0
Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptable
24-08-2020 - 17:37 02-04-2019 - 18:30
CVE-2019-19059 4.7
Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pc
24-08-2020 - 17:37 18-11-2019 - 06:15
CVE-2019-5766 4.3
Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
24-08-2020 - 17:37 19-02-2019 - 17:29
CVE-2018-20593 4.3
In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.
24-08-2020 - 17:37 30-12-2018 - 18:29
CVE-2019-19578 7.2
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via degenerate chains of linear pagetables, because of an incorrect fix for CVE-2017-15595. "Linear pagetables" is a technique which involves ei
24-08-2020 - 17:37 11-12-2019 - 18:16
CVE-2019-19072 4.9
A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.
24-08-2020 - 17:37 18-11-2019 - 06:15
CVE-2019-19010 7.5
Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.
24-08-2020 - 17:37 16-11-2019 - 01:15
CVE-2019-19062 4.7
A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.
24-08-2020 - 17:37 18-11-2019 - 06:15
CVE-2019-17546 6.8
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.
24-08-2020 - 17:37 14-10-2019 - 02:15
CVE-2019-19043 4.9
A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka
24-08-2020 - 17:37 18-11-2019 - 06:15
CVE-2019-19012 7.5
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version).
24-08-2020 - 17:37 17-11-2019 - 18:15
CVE-2019-9578 5.0
In devs.c in Yubico libu2f-host before 1.1.8, the response to init is misparsed, leaking uninitialized stack memory back to the device.
24-08-2020 - 17:37 05-03-2019 - 23:29
CVE-2019-18889 7.5
An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache.
24-08-2020 - 17:37 21-11-2019 - 23:15
CVE-2019-5760 6.8
Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
24-08-2020 - 17:37 19-02-2019 - 17:29
CVE-2019-5764 6.8
Incorrect pointer management in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
24-08-2020 - 17:37 19-02-2019 - 17:29
CVE-2019-5761 6.8
Incorrect object lifecycle management in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
24-08-2020 - 17:37 19-02-2019 - 17:29
CVE-2018-3646 4.7
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fau
24-08-2020 - 17:37 14-08-2018 - 19:29
CVE-2019-19068 4.9
A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() fail
24-08-2020 - 17:37 18-11-2019 - 06:15
CVE-2019-18811 4.9
A memory leak in the sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering sof_get_ctrl_copy_params() failures, aka CID-45c1380
24-08-2020 - 17:37 07-11-2019 - 16:15
CVE-2018-3620 4.7
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel an
24-08-2020 - 17:37 14-08-2018 - 19:29
CVE-2019-5772 6.8
Sharing of objects over calls into JavaScript runtime in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
24-08-2020 - 17:37 19-02-2019 - 17:29
CVE-2019-5763 6.8
Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
24-08-2020 - 17:37 19-02-2019 - 17:29
CVE-2019-19056 4.7
A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory()
24-08-2020 - 17:37 18-11-2019 - 06:15
CVE-2019-5768 4.3
DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension.
24-08-2020 - 17:37 19-02-2019 - 17:29
CVE-2019-19577 7.2
An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height updates. When running on AMD systems with an IOMMU,
24-08-2020 - 17:37 11-12-2019 - 18:16
CVE-2018-17942 6.8
The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing.
24-08-2020 - 17:37 03-10-2018 - 08:29
CVE-2018-19974 4.3
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not the YARA virtual stack).
24-08-2020 - 17:37 17-12-2018 - 19:29
CVE-2019-15846 10.0
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
24-08-2020 - 17:37 06-09-2019 - 11:15
CVE-2019-15767 6.8
In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_load function in frontend/cmd.cc via a crafted chess position in an EPD file.
24-08-2020 - 17:37 29-08-2019 - 03:15
CVE-2019-16275 3.3
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka managemen
24-08-2020 - 17:37 12-09-2019 - 20:15
CVE-2019-13207 7.5
nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflow in the dname_concatenate() function in dname.c.
24-08-2020 - 17:37 03-07-2019 - 20:15
CVE-2018-17075 5.0
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is related to HTMLTreeBuilde
24-08-2020 - 17:37 16-09-2018 - 02:29
CVE-2018-17142 5.0
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <math><template><mo><template>, leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call.
24-08-2020 - 17:37 17-09-2018 - 14:29
CVE-2019-14809 7.5
net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is relate
24-08-2020 - 17:37 13-08-2019 - 21:15
CVE-2019-12781 5.0
An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django vi
24-08-2020 - 17:37 01-07-2019 - 14:15
CVE-2018-18311 7.5
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
24-08-2020 - 17:37 07-12-2018 - 21:29
CVE-2019-12749 3.6
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 (and in some, less common, uses of dbus-daemon), allows cookie spoofing because of symlink mishandling in the reference
24-08-2020 - 17:37 11-06-2019 - 17:29
CVE-2019-14378 6.5
ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.
24-08-2020 - 17:37 29-07-2019 - 11:15
CVE-2019-12449 3.5
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles a file's user and group ownership during move (and copy with G_FILE_COPY_ALL_METADATA) operations from admin:// to file:// URIs, because root privileges
24-08-2020 - 17:37 29-05-2019 - 17:29
CVE-2019-12816 6.5
Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name.
24-08-2020 - 17:37 15-06-2019 - 16:29
CVE-2019-15161 5.0
rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.
24-08-2020 - 17:37 03-10-2019 - 19:15
CVE-2019-12447 4.9
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used.
24-08-2020 - 17:37 29-05-2019 - 17:29
CVE-2018-17847 5.0
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <svg><template><desc><t><svg></template>, leading to a "panic: runtime error" (index out of range) in (*nodeStack).pop in node.go, called from (*parser).clearActiveFormattingElemen
24-08-2020 - 17:37 01-10-2018 - 08:29
CVE-2018-17143 5.0
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call.
24-08-2020 - 17:37 17-09-2018 - 14:29
CVE-2019-12589 4.6
In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the jail after a filter has been modified by an attacker.
24-08-2020 - 17:37 03-06-2019 - 03:29
CVE-2019-12594 7.5
DOSBox 0.74-2 has Incorrect Access Control.
24-08-2020 - 17:37 02-07-2019 - 17:15
CVE-2019-13179 5.0
Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /crypto_keyfile.bin (mode 0600 owned by root) to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be
24-08-2020 - 17:37 02-07-2019 - 23:15
CVE-2019-12795 4.6
daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue
24-08-2020 - 17:37 11-06-2019 - 22:29
CVE-2019-12499 9.3
Firejail before 0.9.60 allows truncation (resizing to length 0) of the firejail binary on the host by running exploit code inside a firejail sandbox and having the sandbox terminated. To succeed, certain conditions need to be fulfilled: The jail (wit
24-08-2020 - 17:37 31-05-2019 - 12:29
CVE-2019-14233 5.0
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large
24-08-2020 - 17:37 02-08-2019 - 15:15
CVE-2019-14235 5.0
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uri_to_iri could lead to significant memory usage due to a recursion when repercent-encoding invalid
24-08-2020 - 17:37 02-08-2019 - 15:15
CVE-2019-13640 7.5
In qBittorrent before 4.1.7, the function Application::runExternalProgram() located in app/application.cpp allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, as demonstrated by remote command
24-08-2020 - 17:37 17-07-2019 - 22:15
CVE-2019-12209 5.0
Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile (default $HOME/.config/Yubico/u2f_keys) as root (unless openasuser was enabled), and does not properly verify that the path lacks symlinks pointing to other files on the system owned by
24-08-2020 - 17:37 04-06-2019 - 21:29
CVE-2018-12179 4.6
Improper configuration in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
24-08-2020 - 17:37 27-03-2019 - 20:29
CVE-2019-10898 5.0
In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length.
24-08-2020 - 17:37 09-04-2019 - 04:29
CVE-2019-10897 5.0
In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-ieee80211.c by detecting cases in which the bit offset does not advance.
24-08-2020 - 17:37 09-04-2019 - 04:29
CVE-2019-10902 5.0
In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.
24-08-2020 - 17:37 09-04-2019 - 04:29
CVE-2019-11091 4.7
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
24-08-2020 - 17:37 30-05-2019 - 16:29
CVE-2018-12181 3.6
Stack overflow in corrupted bmp for EDK II may allow unprivileged user to potentially enable denial of service or elevation of privilege via local access.
24-08-2020 - 17:37 27-03-2019 - 20:29
CVE-2019-10900 5.0
In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan/dissectors/file-rbm.c by handling unknown object types safely.
24-08-2020 - 17:37 09-04-2019 - 04:29
CVE-2019-10691 5.0
The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username.
24-08-2020 - 17:37 24-04-2019 - 17:29
CVE-2019-1010189 4.3
mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program does never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1
24-08-2020 - 17:37 24-07-2019 - 14:15
CVE-2018-1000880 4.3
libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can resul
24-08-2020 - 17:37 20-12-2018 - 17:29
CVE-2019-1000021 5.0
slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 contains an incorrect Access Control vulnerability in XEP-0223 plugin (Persistent Storage of Private Data via PubSub) options profile, used for the configuration of default access
24-08-2020 - 17:37 04-02-2019 - 21:29
CVE-2019-1000020 4.3
libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, rea
24-08-2020 - 17:37 04-02-2019 - 21:29
CVE-2013-1995 6.8
X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function.
24-08-2020 - 16:35 15-06-2013 - 20:55
CVE-2013-1984 6.8
Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList,
24-08-2020 - 16:35 15-06-2013 - 19:55
CVE-2013-1998 6.8
Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3
24-08-2020 - 16:35 15-06-2013 - 20:55
CVE-2019-19204 5.0
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.
24-08-2020 - 14:15 21-11-2019 - 21:15
CVE-2019-9937 5.0
In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c. This is related to ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.
23-08-2020 - 01:15 22-03-2019 - 08:29
CVE-2019-9936 5.0
In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak. This is related to ext/fts5/fts5_hash.c.
23-08-2020 - 01:15 22-03-2019 - 08:29
CVE-2018-20852 5.0
http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a serv
22-08-2020 - 17:15 13-07-2019 - 21:15
CVE-2013-5610 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via u
21-08-2020 - 18:43 11-12-2013 - 15:55
CVE-2013-5612 4.3
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset
21-08-2020 - 18:42 11-12-2013 - 15:55
CVE-2013-5619 7.5
Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecifie
21-08-2020 - 18:41 11-12-2013 - 15:55
CVE-2013-5614 4.3
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a cra
21-08-2020 - 18:41 11-12-2013 - 15:55
CVE-2013-6672 4.3
Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations. Per: http://www.mozilla.org/security/announce/2013/mfsa2013-112.html "Win
21-08-2020 - 18:40 11-12-2013 - 15:55
CVE-2020-11078 4.3
In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httpli
19-08-2020 - 18:56 20-05-2020 - 16:15
CVE-2019-11472 4.3
ReadXWDImage in coders/xwd.c in the XWD image parsing component of ImageMagick 7.0.8-41 Q16 allows attackers to cause a denial-of-service (divide-by-zero error) by crafting an XWD image file in which the header indicates neither LSB first nor MSB fir
19-08-2020 - 02:15 23-04-2019 - 14:29
CVE-2019-11470 7.1
The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attackers to cause a denial-of-service (uncontrolled resource consumption) by crafting a Cineon image with an incorrect claimed image size. This occurs because ReadCINImage in coders/cin
19-08-2020 - 02:15 23-04-2019 - 14:29
CVE-2017-12805 5.0
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service.
19-08-2020 - 02:15 09-05-2019 - 16:29
CVE-2019-10197 6.4
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared
18-08-2020 - 15:05 03-09-2019 - 15:15
CVE-2014-1526 6.8
The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operati
14-08-2020 - 17:49 30-04-2014 - 10:49
CVE-2014-1525 9.3
The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a de
14-08-2020 - 17:47 30-04-2014 - 10:49
CVE-2014-1519 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via u
14-08-2020 - 17:46 30-04-2014 - 10:49
CVE-2014-1522 9.3
The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, mem
14-08-2020 - 17:46 30-04-2014 - 10:49
CVE-2010-4744 10.0
Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors, a different issue than CVE-2010-3441.
14-08-2020 - 16:57 18-02-2011 - 19:00
CVE-2010-4743 6.8
Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps before 5.9.13 might allow remote attackers to execute arbitrary code via a crafted ABC file, a different vulnerability than CVE-2010-3441. NOTE: some of these details are obt
14-08-2020 - 16:57 18-02-2011 - 19:00
CVE-2010-3441 7.5
Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary code via (1) a crafted input file, related to the PUT0 and PUT1 output macros; (2) a crafted input file, related to the trim_title function; and poss
14-08-2020 - 16:54 18-02-2011 - 17:00
CVE-2010-1773 6.8
Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory
14-08-2020 - 16:23 24-09-2010 - 19:00
CVE-2010-1205 7.5
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
14-08-2020 - 15:50 30-06-2010 - 18:30
CVE-2020-14928 4.3
evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."
14-08-2020 - 15:25 17-07-2020 - 16:15
CVE-2010-2963 6.2
drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kerne
14-08-2020 - 15:10 26-11-2010 - 19:00
CVE-2010-2962 7.2
drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows l
14-08-2020 - 15:09 26-11-2010 - 19:00
CVE-2018-10756 6.8
Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file.
14-08-2020 - 14:28 15-05-2020 - 16:15
CVE-2013-6673 4.3
Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL
12-08-2020 - 14:49 11-12-2013 - 15:55
CVE-2013-5615 7.5
The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs,
12-08-2020 - 14:49 11-12-2013 - 15:55
CVE-2013-5616 7.5
Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code
12-08-2020 - 14:45 11-12-2013 - 15:55
CVE-2013-5613 10.0
Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause
12-08-2020 - 14:45 11-12-2013 - 15:55
CVE-2013-5609 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and app
12-08-2020 - 14:42 11-12-2013 - 15:55
CVE-2013-5618 10.0
Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows
12-08-2020 - 14:40 11-12-2013 - 15:55
CVE-2013-6671 10.0
The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordere
12-08-2020 - 14:39 11-12-2013 - 15:55
CVE-2014-1531 9.3
Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary co
07-08-2020 - 19:26 30-04-2014 - 10:49
CVE-2014-1530 4.3
The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-si
07-08-2020 - 19:19 30-04-2014 - 10:49
CVE-2014-1523 4.3
Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and applicat
07-08-2020 - 18:53 30-04-2014 - 10:49
CVE-2014-1518 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and app
07-08-2020 - 18:52 30-04-2014 - 10:49
CVE-2018-1000852 6.4
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server c
07-08-2020 - 17:31 20-12-2018 - 15:29
CVE-2010-0205 4.3
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which
07-08-2020 - 13:26 03-03-2010 - 19:30
CVE-2020-14019 4.6
Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved.
07-08-2020 - 12:15 19-06-2020 - 11:15
CVE-2014-1532 7.5
Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute a
06-08-2020 - 17:57 30-04-2014 - 10:49
CVE-2014-1529 9.3
The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code i
06-08-2020 - 17:42 30-04-2014 - 10:49
CVE-2014-1524 7.5
The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers
06-08-2020 - 17:35 30-04-2014 - 10:49
CVE-2011-2690 6.8
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwr
06-08-2020 - 15:44 17-07-2011 - 20:55
CVE-2011-2501 4.3
The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers
06-08-2020 - 15:43 17-07-2011 - 20:55
CVE-2010-0751 5.0
The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via crafted fragmented packets.
05-08-2020 - 15:04 06-04-2010 - 16:30
CVE-2017-6314 4.3
The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file.
04-08-2020 - 13:27 10-03-2017 - 02:59
CVE-2017-6313 5.8
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.
04-08-2020 - 13:27 10-03-2017 - 02:59
CVE-2017-6312 4.3
Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to co
04-08-2020 - 13:26 10-03-2017 - 02:59
CVE-2017-6311 5.0
gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message.
04-08-2020 - 13:25 10-03-2017 - 02:59
CVE-2019-12380 2.1
**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failur
03-08-2020 - 17:15 28-05-2019 - 03:29
CVE-2018-14498 4.3
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is o
31-07-2020 - 21:15 07-03-2019 - 23:29
CVE-2014-1491 4.3
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellma
31-07-2020 - 20:33 06-02-2014 - 05:44
CVE-2010-4494 7.5
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath
31-07-2020 - 18:38 07-12-2010 - 21:00
CVE-2010-4204 7.5
WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows remote attackers to cause a denial of service or possibly have unspecified othe
31-07-2020 - 18:25 06-11-2010 - 00:00
CVE-2010-4197 7.5
Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving text
31-07-2020 - 17:53 06-11-2010 - 00:00
CVE-2010-4198 6.8
WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does not properly handle large text areas, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified oth
31-07-2020 - 17:53 06-11-2010 - 00:00
CVE-2010-4206 6.8
Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service
31-07-2020 - 15:06 06-11-2010 - 00:00
CVE-2018-14647 5.0
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions
29-07-2020 - 12:15 25-09-2018 - 00:29
CVE-2019-19035 4.3
jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and process_SOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file.
28-07-2020 - 03:15 17-11-2019 - 18:15
CVE-2019-9200 6.8
A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmen
23-07-2020 - 12:15 26-02-2019 - 23:29
CVE-2019-9631 7.5
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
23-07-2020 - 12:15 08-03-2019 - 05:29
CVE-2019-12293 6.8
In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
23-07-2020 - 12:15 23-05-2019 - 05:29
CVE-2019-10872 6.8
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function Splash::blitTransparent at splash/Splash.cc.
23-07-2020 - 12:15 05-04-2019 - 04:29
CVE-2011-0495 6.0
Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows
15-07-2020 - 13:40 20-01-2011 - 19:00
CVE-2015-8607 7.5
The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted st
15-07-2020 - 03:15 13-01-2016 - 15:59
CVE-2018-18312 7.5
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
15-07-2020 - 03:15 05-12-2018 - 22:29
CVE-2018-18313 6.4
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
15-07-2020 - 03:15 07-12-2018 - 21:29
CVE-2018-18314 7.5
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
15-07-2020 - 03:15 07-12-2018 - 21:29
CVE-2008-3969 5.0
Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because
14-07-2020 - 20:28 11-09-2008 - 01:13
CVE-2020-11743 2.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOP_map_grant. Grant table operations are expected to return 0 for success, and a negative number for errors. Some
13-07-2020 - 16:15 14-04-2020 - 13:15
CVE-2020-11742 2.1
An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of bad continuation handling in GNTTABOP_copy. Grant table operations are expected to return 0 for success, and a negative number for errors.
13-07-2020 - 16:15 14-04-2020 - 13:15
CVE-2018-12983 6.8
A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file.
11-07-2020 - 03:15 29-06-2018 - 05:29
CVE-2019-18678 5.0
An issue was discovered in Squid 3.x and 4.x through 4.8. It allows attackers to smuggle HTTP requests through frontend software to a Squid instance that splits the HTTP Request pipeline differently. The resulting Response messages corrupt caches (be
11-07-2020 - 00:15 26-11-2019 - 17:15
CVE-2019-18677 5.8
An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). Due to incorrect message processing, it can inappropriately
11-07-2020 - 00:15 26-11-2019 - 17:15
CVE-2019-18679 5.0
An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits wi
11-07-2020 - 00:15 26-11-2019 - 17:15
CVE-2019-13345 4.3
The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_name or auth parameter.
11-07-2020 - 00:15 05-07-2019 - 16:15
CVE-2020-5312 7.5
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
10-07-2020 - 17:09 03-01-2020 - 01:15
CVE-2020-5311 7.5
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.
10-07-2020 - 17:06 03-01-2020 - 01:15
CVE-2018-19591 5.0
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
09-07-2020 - 20:15 04-12-2018 - 16:29
CVE-2017-12133 4.3
Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote attackers to have unspecified impact via vectors related to error path.
09-07-2020 - 20:15 07-09-2017 - 13:29
CVE-2017-5617 5.8
The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attackers to conduct server-side request forgery (SSRF) attacks via an xlink:href attribute in an SVG file.
08-07-2020 - 14:38 16-03-2017 - 15:59
CVE-2018-16516 4.3
helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL.
08-07-2020 - 03:15 05-09-2018 - 14:29
CVE-2019-12360 5.8
A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause D
05-07-2020 - 04:15 27-05-2019 - 23:29
CVE-2020-8130 6.9
There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.
30-06-2020 - 14:00 24-02-2020 - 15:15
CVE-2019-11023 6.8
The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39.20160612.1140 has a NULL pointer dereference, as demonstrated by graphml2gv.
30-06-2020 - 00:15 08-04-2019 - 23:29
CVE-2005-3388 4.3
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."
23-06-2020 - 03:15 01-11-2005 - 12:47
CVE-2020-7471 7.5
Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column de
19-06-2020 - 03:15 03-02-2020 - 12:15
CVE-2019-20797 5.0
An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c.
16-06-2020 - 16:15 18-05-2020 - 00:15
CVE-2020-12430 4.0
An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing
16-06-2020 - 03:15 28-04-2020 - 20:15
CVE-2020-10703 4.0
A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created witho
16-06-2020 - 03:15 02-06-2020 - 13:15
CVE-2009-0314 6.9
Untrusted search path vulnerability in the Python module in gedit allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
15-06-2020 - 17:38 28-01-2009 - 11:30
CVE-2020-10030 6.5
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker (with enough privileges to change the system's hostname) to cause disclosure of uninitialized memory content via a stack-based out-of-bounds read. It
14-06-2020 - 19:15 19-05-2020 - 16:15
CVE-2020-1737 4.6
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take
13-06-2020 - 04:15 09-03-2020 - 16:15
CVE-2020-11793 6.8
A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash).
13-06-2020 - 04:15 17-04-2020 - 13:15
CVE-2016-9400 7.5
The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code via vectors involving snap handling.
11-06-2020 - 15:22 22-02-2017 - 16:59
CVE-2018-17848 5.0
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <math><template><mn><b></template>, leading to a "panic: runtime error" (index out of range) in (*insertionModeStack).pop in node.go, called from inHeadIM, during an html.Parse cal
02-06-2020 - 20:45 01-10-2018 - 08:29
CVE-2018-17846 5.0
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification.
02-06-2020 - 20:42 01-10-2018 - 08:29
CVE-2013-2014 5.0
OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long requests.
02-06-2020 - 19:50 02-06-2014 - 15:55
CVE-2017-1000427 4.3
marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser.
31-05-2020 - 06:15 02-01-2018 - 23:29
CVE-2019-19769 6.5
In the Linux kernel 5.3.10, there is a use-after-free (read) in the perf_trace_lock_acquire function (related to include/trace/events/lock.h).
30-05-2020 - 01:15 12-12-2019 - 20:15
CVE-2016-2173 7.5
org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code.
28-05-2020 - 19:17 21-04-2017 - 20:59
CVE-2020-10957 5.0
In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp.
28-05-2020 - 04:15 18-05-2020 - 14:15
CVE-2020-10958 5.0
In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.
28-05-2020 - 04:15 18-05-2020 - 14:15
CVE-2011-2192 4.3
The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSS
27-05-2020 - 20:42 07-07-2011 - 21:55
CVE-2020-12050 6.9
SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library.
27-05-2020 - 16:15 30-04-2020 - 17:15
CVE-2019-15026 5.0
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
26-05-2020 - 16:15 30-08-2019 - 15:15
CVE-2019-11596 5.0
In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.
26-05-2020 - 16:15 29-04-2019 - 15:29
CVE-2020-11888 4.3
python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute.
25-05-2020 - 06:15 20-04-2020 - 16:15
CVE-2020-11008 5.0
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open fo
22-05-2020 - 19:15 21-04-2020 - 19:15
CVE-2009-2474 5.8
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers vi
22-05-2020 - 15:32 21-08-2009 - 17:30
CVE-2014-9585 2.1
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the
21-05-2020 - 20:35 09-01-2015 - 21:59
CVE-2007-5201 4.6
The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments.
19-05-2020 - 20:07 04-10-2007 - 17:17
CVE-2014-8242 5.8
librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack.
19-05-2020 - 19:55 26-10-2015 - 17:59
CVE-2020-10233 6.4
In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap-based buffer over-read in ntfs_dinode_lookup in fs/ntfs.c.
17-05-2020 - 06:15 09-03-2020 - 00:15
CVE-2020-5283 2.1
ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise truste
15-05-2020 - 06:15 03-04-2020 - 00:15
CVE-2020-11036 3.5
In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the Knowledge base. Adding a comment with content "<script>alert(1)</script>" reproduces the attac
15-05-2020 - 05:15 05-05-2020 - 22:15
CVE-2020-11034 5.8
In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection based which is based on a regexp. This is fixed in version 9.4.6.
15-05-2020 - 05:15 05-05-2020 - 22:15
CVE-2018-16867 4.4
A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, thi
14-05-2020 - 15:24 12-12-2018 - 13:29
CVE-2018-19489 1.9
v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.
12-05-2020 - 18:28 13-12-2018 - 19:29
CVE-2018-19364 2.1
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.
12-05-2020 - 18:27 13-12-2018 - 19:29
CVE-2018-20191 5.0
hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).
12-05-2020 - 18:02 20-12-2018 - 23:29
CVE-2018-20123 2.1
pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error.
12-05-2020 - 17:45 17-12-2018 - 19:29
CVE-2013-2061 2.6
The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and
12-05-2020 - 14:21 18-11-2013 - 02:55
CVE-2016-5421 6.8
Use-after-free vulnerability in libcurl before 7.50.1 allows attackers to control which connection is used or possibly have unspecified other impact via unknown vectors.
08-05-2020 - 17:43 10-08-2016 - 14:59
CVE-2019-16232 4.7
drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.
04-05-2020 - 20:18 11-09-2019 - 16:15
CVE-2019-19118 4.0
Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presen
01-05-2020 - 02:15 02-12-2019 - 14:15
CVE-2015-9541 5.0
Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564.
30-04-2020 - 12:57 24-01-2020 - 22:15
CVE-2015-3451 5.0
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
29-04-2020 - 13:17 12-05-2015 - 19:59
CVE-2019-20787 7.5
Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size.
29-04-2020 - 12:15 22-04-2020 - 17:15
CVE-2018-20539 4.3
There is a Segmentation fault triggered by illegal address access at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service.
25-04-2020 - 06:15 28-12-2018 - 16:29
CVE-2018-20536 4.3
There is a heap-based buffer over-read at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service.
25-04-2020 - 06:15 28-12-2018 - 16:29
CVE-2018-20540 4.3
There is memory leak at liblas::Open (liblas/liblas.hpp) in libLAS 1.8.1.
25-04-2020 - 06:15 28-12-2018 - 16:29
CVE-2018-20537 4.3
There is a NULL pointer dereference at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service.
25-04-2020 - 06:15 28-12-2018 - 16:29
CVE-2020-11722 7.5
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
25-04-2020 - 00:15 12-04-2020 - 19:15
CVE-2016-9108 5.0
Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression.
22-04-2020 - 13:00 03-02-2017 - 15:59
CVE-2011-3045 6.8
Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly exe
14-04-2020 - 16:06 22-03-2012 - 16:55
CVE-2020-5255 4.0
In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the
09-04-2020 - 17:15 30-03-2020 - 20:15
CVE-2020-5249 4.0
In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an
09-04-2020 - 17:15 02-03-2020 - 16:15
CVE-2020-5275 5.5
In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule's attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the ch
09-04-2020 - 17:15 30-03-2020 - 20:15
CVE-2015-8605 5.7
ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet.
01-04-2020 - 13:59 14-01-2016 - 22:59
CVE-2011-4539 5.0
dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet.
01-04-2020 - 13:09 08-12-2011 - 11:55
CVE-2011-2749 7.8
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet.
01-04-2020 - 13:08 15-08-2011 - 21:55
CVE-2011-0997 7.5
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstra
01-04-2020 - 13:07 08-04-2011 - 15:17
CVE-2011-0413 7.8
The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 fo
01-04-2020 - 12:55 31-01-2011 - 21:00
CVE-2018-1000222 6.8
Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . This attack appear to be exploitable via Specially Crafted Jpeg Image can trigger double free. This vulnerabil
31-03-2020 - 02:15 20-08-2018 - 20:29
CVE-2019-14751 5.0
NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction.
27-03-2020 - 10:15 22-08-2019 - 16:15
CVE-2008-1447 5.0
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic vi
24-03-2020 - 18:19 08-07-2008 - 23:41
CVE-2017-8073 5.0
WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow.
16-03-2020 - 17:15 23-04-2017 - 15:59
CVE-2019-19275 5.0
typed_ast 1.3.0 and 1.3.1 has an ast_for_arguments out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the interpreter process. This could be a co
14-03-2020 - 02:15 26-11-2019 - 15:15
CVE-2019-19274 5.0
typed_ast 1.3.0 and 1.3.1 has a handle_keywordonly_args out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source (but not necessarily execute it) may be able to crash the interpreter process. This could be
14-03-2020 - 02:15 26-11-2019 - 15:15
CVE-2020-6407 6.8
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
11-03-2020 - 17:15 27-02-2020 - 23:15
CVE-2019-12614 4.7
An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dere
25-02-2020 - 19:04 03-06-2019 - 22:29
CVE-2014-3158 7.5
Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an options file, which triggers a heap-based buffer overflow that "[corrupts] se
24-02-2020 - 15:55 15-11-2014 - 21:59
CVE-2020-7237 9.0
Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, an
19-02-2020 - 03:15 20-01-2020 - 05:15
CVE-2019-19203 5.0
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read
18-02-2020 - 16:30 21-11-2019 - 21:15
CVE-2019-16865 5.0
An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.
18-02-2020 - 16:15 04-10-2019 - 22:15
CVE-2020-6412 5.8
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
17-02-2020 - 12:15 11-02-2020 - 15:15
CVE-2020-6414 6.8
Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
17-02-2020 - 12:15 11-02-2020 - 15:15
CVE-2020-6399 4.3
Insufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
17-02-2020 - 12:15 11-02-2020 - 15:15
CVE-2020-6405 4.3
Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
17-02-2020 - 12:15 11-02-2020 - 15:15
CVE-2020-6417 4.6
Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry.
17-02-2020 - 12:15 11-02-2020 - 15:15
CVE-2020-6401 4.3
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
17-02-2020 - 12:15 11-02-2020 - 15:15
CVE-2020-6413 6.8
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page.
17-02-2020 - 12:15 11-02-2020 - 15:15
CVE-2020-6388 6.8
Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
12-02-2020 - 13:15 11-02-2020 - 15:15
CVE-2020-6411 5.8
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
12-02-2020 - 13:15 11-02-2020 - 15:15
CVE-2020-6410 6.8
Insufficient policy enforcement in navigation in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to confuse the user via a crafted domain name.
12-02-2020 - 13:15 11-02-2020 - 15:15
CVE-2020-6395 4.3
Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
12-02-2020 - 13:15 11-02-2020 - 15:15
CVE-2020-6387 6.8
Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.
12-02-2020 - 13:15 11-02-2020 - 15:15
CVE-2020-6409 6.8
Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name.
12-02-2020 - 13:15 11-02-2020 - 15:15
CVE-2020-6389 6.8
Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.
12-02-2020 - 13:15 11-02-2020 - 15:15
CVE-2019-1002101 5.8
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar b
10-02-2020 - 21:49 01-04-2019 - 14:29
CVE-2019-19601 6.8
OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of an incorrect sprintf.
08-02-2020 - 04:15 05-12-2019 - 13:15
CVE-2020-5227 5.0
Feedgen (python feedgen) before 0.9.0 is susceptible to XML Denial of Service attacks. The *feedgen* library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During t
08-02-2020 - 04:15 28-01-2020 - 23:15
CVE-2019-10773 6.8
In Yarn before 1.21.1, the package install functionality can be abused to generate arbitrary symlinks on the host filesystem by using specially crafted "bin" keys. Existing files could be overwritten depending on the current user permission set.
08-02-2020 - 04:15 16-12-2019 - 20:15
CVE-2019-18634 4.6
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upst
07-02-2020 - 17:15 29-01-2020 - 18:15
CVE-2019-14867 6.8
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data.
05-02-2020 - 00:15 27-11-2019 - 09:15
CVE-2019-10195 4.0
A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on Fre
05-02-2020 - 00:15 27-11-2019 - 08:15
CVE-2014-2277 3.6
The make_temporary_filename function in perltidy 20120701-1 and earlier allows local users to obtain sensitive information or write to arbitrary files via a symlink attack, related to use of the tmpnam function.
04-02-2020 - 18:55 17-10-2017 - 15:29
CVE-2018-11243 6.8
PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95 allows remote attackers to cause a denial of service (double free), limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a craf
03-02-2020 - 03:15 18-05-2018 - 17:29
CVE-2017-11124 7.5
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_unserialize function in archive.c.
03-02-2020 - 03:15 10-07-2017 - 03:29
CVE-2017-11125 7.5
libxar.so in xar 1.6.1 has a NULL pointer dereference in the xar_get_path function in util.c.
03-02-2020 - 03:15 10-07-2017 - 03:29
CVE-2020-1930 9.3
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injecte
02-02-2020 - 04:15 30-01-2020 - 18:15
CVE-2020-1931 9.3
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit t
02-02-2020 - 04:15 30-01-2020 - 18:15
CVE-2019-18660 1.9
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.
28-01-2020 - 19:47 27-11-2019 - 23:15
CVE-2019-19480 2.1
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in sc_pkcs15_decode_prkdf_entry.
24-01-2020 - 19:15 01-12-2019 - 23:15
CVE-2019-19481 2.1
An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates.
24-01-2020 - 19:15 01-12-2019 - 23:15
CVE-2016-3120 4.0
The validate_as_request function in kdc_util.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.13.6 and 1.4.x before 1.14.3, when restrict_anonymous_to_tgt is enabled, uses an incorrect client data structure, which allows r
21-01-2020 - 15:47 01-08-2016 - 02:59
CVE-2017-11462 7.5
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
21-01-2020 - 15:47 13-09-2017 - 16:29
CVE-2017-11368 4.0
In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.
21-01-2020 - 15:47 09-08-2017 - 18:29
CVE-2004-0523 10.0
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
21-01-2020 - 15:47 18-08-2004 - 04:00
CVE-2014-9423 5.0
The svcauth_gss_accept_sec_context function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (aka krb5) 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attacker
21-01-2020 - 15:46 19-02-2015 - 11:59
CVE-2014-9422 6.1
The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 allows remote authenticated users to bypass a kadmin/* authorization check and obta
21-01-2020 - 15:46 19-02-2015 - 11:59
CVE-2014-9421 9.0
The auth_gssapi_unwrap_data function in lib/rpc/auth_gssapi_misc.c in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly handle partial XDR deserialization, which allows remote authenticated us
21-01-2020 - 15:46 19-02-2015 - 11:59
CVE-2014-5351 2.1
The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys in a response to a -randkey -keepold request, which allows remote authenticated users to forge tickets by lever
21-01-2020 - 15:46 10-10-2014 - 01:55
CVE-2014-4343 7.6
Double free vulnerability in the init_ctx_reselect function in the SPNEGO initiator in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.10.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (memory corru
21-01-2020 - 15:46 14-08-2014 - 05:01
CVE-2014-4344 7.8
The acc_ctx_cont function in the SPNEGO acceptor in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash)
21-01-2020 - 15:46 14-08-2014 - 05:01
CVE-2014-5352 9.0
The krb5_gss_process_context_token function in lib/gssapi/krb5/process_context_token.c in the libgssapi_krb5 library in MIT Kerberos 5 (aka krb5) through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 does not properly maintain security-cont
21-01-2020 - 15:46 19-02-2015 - 11:59
CVE-2014-4345 8.5
Off-by-one error in the krb5_encode_krbsecretkey function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 (aka krb5) 1.6.x through 1.11.x before 1.11.6 and 1.12.x before 1.12.2 allows remote authe
21-01-2020 - 15:46 14-08-2014 - 05:01
CVE-2010-4020 3.5
MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which might allow remote authenticated users to forge a (1) AD-SIGNEDPATH or (2) AD-KDC-ISSUED signature, and possibly gain privileges, by leveraging the smal
21-01-2020 - 15:46 02-12-2010 - 16:22
CVE-2010-1323 2.6
MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visible prompt text, modify a response to a Key Distrib
21-01-2020 - 15:46 02-12-2010 - 16:22
CVE-2010-1324 4.3
MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via (1) an unkeyed checksum,
21-01-2020 - 15:46 02-12-2010 - 16:22
CVE-2011-0285 10.0
The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 (aka krb5) 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute arbitrary code or cause a denial of service
21-01-2020 - 15:46 15-04-2011 - 00:55
CVE-2011-0284 7.6
Double free vulnerability in the prepare_error_as function in do_as_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 through 1.9, when the PKINIT feature is enabled, allows remote attackers to cause a denial of service (dae
21-01-2020 - 15:46 20-03-2011 - 02:00
CVE-2009-4212 10.0
Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly
21-01-2020 - 15:45 13-01-2010 - 19:30
CVE-2006-3084 7.2
The (1) ftpd and (2) ksu programs in (a) MIT Kerberos 5 (krb5) up to 1.5, and 1.4.x before 1.4.4, and (b) Heimdal 0.7.2 and earlier, do not check return codes for setuid calls, which might allow local users to gain privileges by causing setuid to fai
21-01-2020 - 15:45 09-08-2006 - 10:04
CVE-2007-3999 10.0
Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third
21-01-2020 - 15:45 05-09-2007 - 10:17
CVE-2009-0844 5.8
The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote attackers to cause a denial of service (daemon crash) and possibly obtain sensitive information via a crafted length value that tri
21-01-2020 - 15:45 09-04-2009 - 00:30
CVE-2010-0283 7.8
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service (assertion failure and daemon crash) via an invalid (1) AS-REQ or (2) TGS-REQ request.
21-01-2020 - 15:45 22-02-2010 - 13:00
CVE-2009-0845 5.0
The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via in
21-01-2020 - 15:45 27-03-2009 - 16:30
CVE-2008-0947 10.0
Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors.
21-01-2020 - 15:45 19-03-2008 - 00:44
CVE-2018-14470 5.0
The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().
20-01-2020 - 13:15 03-10-2019 - 16:15
CVE-2018-16451 5.0
The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \MAILSLOT\BROWSE and \PIPE\LANMAN.
20-01-2020 - 13:15 03-10-2019 - 16:15
CVE-2018-16230 5.0
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).
20-01-2020 - 13:15 03-10-2019 - 16:15
CVE-2018-14467 5.0
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).
20-01-2020 - 13:15 03-10-2019 - 16:15
CVE-2018-16227 5.0
The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.
20-01-2020 - 13:15 03-10-2019 - 16:15
CVE-2018-14881 5.0
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).
20-01-2020 - 13:15 03-10-2019 - 16:15
CVE-2018-14466 5.0
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().
20-01-2020 - 13:15 03-10-2019 - 16:15
CVE-2018-16228 5.0
The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().
20-01-2020 - 13:15 03-10-2019 - 16:15
CVE-2018-14461 5.0
The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().
20-01-2020 - 13:15 03-10-2019 - 16:15
CVE-2018-14464 5.0
The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().
20-01-2020 - 13:15 03-10-2019 - 16:15
CVE-2010-0055 10.0
xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers to have an unspecified impact via a modified package.
17-01-2020 - 07:15 30-03-2010 - 18:30
CVE-2018-1002102 2.1
Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the r
16-01-2020 - 17:16 05-12-2019 - 16:15
CVE-2019-18622 7.5
An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature.
14-01-2020 - 22:15 22-11-2019 - 21:15
CVE-2019-19579 7.2
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device (and assignable-add is not used), because of an incomplete fix for CVE-2019-1
14-01-2020 - 01:15 04-12-2019 - 22:15
CVE-2019-19269 4.0
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL installed by a system administrato
13-01-2020 - 22:15 30-11-2019 - 23:15
CVE-2019-19270 5.0
An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken in
13-01-2020 - 22:15 26-11-2019 - 04:15
CVE-2018-9018 4.3
In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file.
12-01-2020 - 03:15 25-03-2018 - 21:29
CVE-2016-2774 7.1
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establis
08-01-2020 - 17:17 09-03-2016 - 15:59
CVE-2012-3955 7.1
ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later red
08-01-2020 - 17:16 14-09-2012 - 10:33
CVE-2011-2748 7.8
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet.
08-01-2020 - 17:13 15-08-2011 - 21:55
CVE-2019-19844 5.0
Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an attacker to be
08-01-2020 - 04:15 18-12-2019 - 19:15
CVE-2019-19581 2.1
An issue was discovered in Xen through 4.12.x allowing 32-bit Arm guest OS users to cause a denial of service (out-of-bounds access) because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track
03-01-2020 - 22:15 11-12-2019 - 18:16
CVE-2019-19580 6.0
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations, because of an incomplete fix for CVE-2019-18421. XSA-299 addressed s
03-01-2020 - 22:15 11-12-2019 - 18:16
CVE-2019-19582 2.1
An issue was discovered in Xen through 4.12.x allowing x86 guest OS users to cause a denial of service (infinite loop) because certain bit iteration is mishandled. In a number of places bitmaps are being used by the hypervisor to track certain state.
03-01-2020 - 22:15 11-12-2019 - 18:16
CVE-2010-3691 3.3
PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file.
30-12-2019 - 12:59 07-10-2010 - 21:00
CVE-2010-3692 6.4
Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket I
30-12-2019 - 12:59 07-10-2010 - 21:00
CVE-2010-3690 4.3
Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before 1.1.3, when proxy mode is enabled, allow remote attackers to inject arbitrary web script or HTML via (1) a crafted Proxy Granting Ticket IOU (PGTiou) parameter to the callback funct
30-12-2019 - 12:59 07-10-2010 - 21:00
CVE-2015-8000 5.0
db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class attribute.
27-12-2019 - 16:08 16-12-2015 - 15:59
CVE-2015-6246 4.3
The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a craft
27-12-2019 - 16:08 24-08-2015 - 23:59
CVE-2015-6248 4.3
The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application cras
27-12-2019 - 16:08 24-08-2015 - 23:59
CVE-2015-6243 4.3
The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the (1)
27-12-2019 - 16:08 24-08-2015 - 23:59
CVE-2015-6245 4.3
epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
27-12-2019 - 16:08 24-08-2015 - 23:59
CVE-2015-6244 4.3
The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of servi
27-12-2019 - 16:08 24-08-2015 - 23:59
CVE-2015-3455 2.6
Squid 3.2.x before 3.2.14, 3.3.x before 3.3.14, 3.4.x before 3.4.13, and 3.5.x before 3.5.4, when configured with client-first SSL-bump, do not properly validate the domain or hostname fields of X.509 certificates, which allows man-in-the-middle atta
27-12-2019 - 16:08 18-05-2015 - 15:59
CVE-2015-4024 5.0
Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service (CPU consumption) via crafted form
27-12-2019 - 16:08 09-06-2015 - 18:59
CVE-2015-1819 5.0
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
27-12-2019 - 16:08 14-08-2015 - 18:59
CVE-2018-10536 6.8
An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks.
20-12-2019 - 10:15 29-04-2018 - 15:29
CVE-2018-10539 4.3
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of
20-12-2019 - 10:15 29-04-2018 - 15:29
CVE-2018-10540 4.3
An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of int
20-12-2019 - 10:15 29-04-2018 - 15:29
CVE-2018-10537 6.8
An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks.
20-12-2019 - 10:15 29-04-2018 - 15:29
CVE-2018-10538 4.3
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer
20-12-2019 - 10:15 29-04-2018 - 15:29
CVE-2019-16723 4.0
In Cacti through 1.2.6, authenticated users may bypass authorization checks (for viewing a graph) via a direct graph_json.php request with a modified local_graph_id parameter.
20-12-2019 - 03:15 23-09-2019 - 15:15
CVE-2019-19334 7.5
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this fl
18-12-2019 - 18:15 06-12-2019 - 16:15
CVE-2019-19333 7.5
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "bits". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, whi
18-12-2019 - 04:15 06-12-2019 - 16:15
CVE-2019-18397 6.8
A buffer overflow in the fribidi_get_par_embedding_levels_ex() function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allows an attacker to cause a denial of service or possibly execute arbitrary code by delivering crafted text content to a user
18-12-2019 - 04:15 13-11-2019 - 14:15
CVE-2009-4019 4.0
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use
17-12-2019 - 20:26 30-11-2009 - 17:30
CVE-2007-6303 3.5
MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE S
17-12-2019 - 20:16 10-12-2007 - 21:46
CVE-2015-5254 7.5
Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.
17-12-2019 - 17:41 08-01-2016 - 19:59
CVE-2014-9636 5.0
unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.
16-12-2019 - 20:24 06-02-2015 - 15:59
CVE-2019-13225 4.3
A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. Oniguruma issues often affect Ruby, as well as common optional libraries for P
16-12-2019 - 20:23 10-07-2019 - 14:15
CVE-2019-17064 4.3
Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog.pageLabels is initialized too late in the Catalog constructor.
10-12-2019 - 05:15 01-10-2019 - 16:15
CVE-2012-5630 3.3
libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.
04-12-2019 - 15:43 25-11-2019 - 14:15
CVE-2019-14491 6.4
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered<cv::HaarEvaluator> in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service.
02-12-2019 - 03:15 01-08-2019 - 17:15
CVE-2019-13724 6.8
Out of bounds memory access in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
30-11-2019 - 03:15 25-11-2019 - 15:15
CVE-2015-2156 4.3
Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by
25-11-2019 - 16:25 18-10-2017 - 15:29
CVE-2019-18874 5.0
psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.
18-11-2019 - 21:15 12-11-2019 - 02:15
CVE-2018-1000879 4.3
libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Cras
06-11-2019 - 15:43 20-12-2018 - 17:29
CVE-2018-1000878 6.8
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is un
06-11-2019 - 01:15 20-12-2018 - 17:29
CVE-2018-1000877 6.8
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window,
06-11-2019 - 01:15 20-12-2018 - 17:29
CVE-2019-1000019 4.3
libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a cr
06-11-2019 - 01:15 04-02-2019 - 21:29
CVE-2019-18408 5.0
archive_read_format_rar_read_data in archive_read_support_format_rar.c in libarchive before 3.4.0 has a use-after-free in a certain ARCHIVE_FAILED situation, related to Ppmd7_DecodeSymbol.
01-11-2019 - 11:15 24-10-2019 - 14:15
CVE-2019-10747 7.5
set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads.
29-10-2019 - 22:15 23-08-2019 - 17:15
CVE-2019-18224 7.5
idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a heap-based buffer overflow via a long domain string.
29-10-2019 - 19:15 21-10-2019 - 17:15
CVE-2019-12290 5.0
GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain t
29-10-2019 - 19:15 22-10-2019 - 16:15
CVE-2019-18217 5.0
ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauthenticated denial-of-service due to incorrect handling of overly long commands because main.c in a child process enters an infinite loop.
27-10-2019 - 21:15 21-10-2019 - 04:15
CVE-2019-15164 5.0
rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.
27-10-2019 - 03:15 03-10-2019 - 19:15
CVE-2019-15162 5.0
rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.
27-10-2019 - 03:15 03-10-2019 - 19:15
CVE-2019-15163 5.0
rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.
27-10-2019 - 03:15 03-10-2019 - 19:15
CVE-2019-17054 2.1
atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-6cc03e8aa36c.
25-10-2019 - 20:15 01-10-2019 - 14:15
CVE-2019-17056 2.1
llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.
25-10-2019 - 20:15 01-10-2019 - 14:15
CVE-2019-17053 2.1
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
25-10-2019 - 20:15 01-10-2019 - 14:15
CVE-2019-17109 4.0
Koji through 1.18.0 allows remote Directory Traversal, with resultant Privilege Escalation.
25-10-2019 - 19:15 09-10-2019 - 22:15
CVE-2019-12958 4.3
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one element allocated.
25-10-2019 - 19:15 25-06-2019 - 00:15
CVE-2019-12515 5.8
There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause In
25-10-2019 - 19:15 02-06-2019 - 00:29
CVE-2014-7185 6.4
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.
25-10-2019 - 11:53 08-10-2014 - 17:55
CVE-2015-4645 4.3
Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow.
24-10-2019 - 14:02 17-03-2017 - 14:59
CVE-2018-16886 6.8
etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd client server TLS certificate contains a Common Nam
24-10-2019 - 12:24 14-01-2019 - 19:29
CVE-2018-9132 4.3
libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.
12-10-2019 - 03:15 30-03-2018 - 08:29
CVE-2018-7866 4.3
A NULL pointer dereference was discovered in newVar3 in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.
12-10-2019 - 03:15 08-03-2018 - 18:29
CVE-2018-7876 4.3
In libming 0.4.8, a memory exhaustion vulnerability was found in the function parseSWF_ACTIONRECORD in util/parser.c, which allows remote attackers to cause a denial of service via a crafted file.
12-10-2019 - 03:15 08-03-2018 - 18:29
CVE-2018-9009 6.8
In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file.
12-10-2019 - 03:15 25-03-2018 - 03:29
CVE-2018-16300 5.0
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.
11-10-2019 - 23:15 03-10-2019 - 16:15
CVE-2018-16452 5.0
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.
11-10-2019 - 23:15 03-10-2019 - 16:15
CVE-2018-10103 7.5
tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).
11-10-2019 - 23:15 03-10-2019 - 16:15
CVE-2018-10105 7.5
tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).
11-10-2019 - 23:15 03-10-2019 - 16:15
CVE-2016-3720 7.5
XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors.
10-10-2019 - 12:18 10-06-2016 - 15:59
CVE-2011-1910 5.0
Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative
09-10-2019 - 23:02 31-05-2011 - 20:55
CVE-2008-2829 5.0
php_imap.c in PHP 5.2.5, 5.2.6, 4.x, and other versions, uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long IMAP request, which triggers an "rfc822.c lega
09-10-2019 - 22:55 23-06-2008 - 20:41
CVE-2007-4772 4.0
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted reg
09-10-2019 - 22:53 09-01-2008 - 21:46
CVE-2007-0778 5.4
The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive i
09-10-2019 - 22:52 26-02-2007 - 20:28
CVE-2007-0777 9.3
The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vect
09-10-2019 - 22:52 26-02-2007 - 19:28
CVE-2007-0780 6.8
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked
09-10-2019 - 22:52 26-02-2007 - 20:28
CVE-2007-0009 6.8
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System ser
09-10-2019 - 22:51 26-02-2007 - 20:28
CVE-2019-17040 7.5
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.
07-10-2019 - 16:15 30-09-2019 - 14:15
CVE-2019-9853 6.8
LibreOffice documents can contain macros. The execution of those macros is controlled by the document security settings, typically execution of macros are blocked by default. A URL decoding flaw existed in how the urls to the macros within the docume
06-10-2019 - 14:15 27-09-2019 - 16:15
CVE-2018-19975 7.1
In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.
06-10-2019 - 03:15 17-12-2018 - 19:29
CVE-2018-19976 4.3
In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine.
06-10-2019 - 03:15 17-12-2018 - 19:29
CVE-2018-3613 4.6
Logic issue in variable service module for EDK II/UDK2018/UDK2017/UDK2015 may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
03-10-2019 - 00:03 27-03-2019 - 20:29
CVE-2017-9474 4.3
In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
03-10-2019 - 00:03 07-06-2017 - 05:29
CVE-2018-5711 4.3
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated
03-10-2019 - 00:03 16-01-2018 - 09:29
CVE-2017-8932 4.3
A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progress
03-10-2019 - 00:03 06-07-2017 - 16:29
CVE-2017-9472 4.3
In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
03-10-2019 - 00:03 07-06-2017 - 05:29
CVE-2017-9058 7.5
In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.
03-10-2019 - 00:03 18-05-2017 - 06:29
CVE-2017-8108 4.6
Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file.
03-10-2019 - 00:03 08-06-2017 - 16:29
CVE-2018-20096 4.3
There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
03-10-2019 - 00:03 12-12-2018 - 10:29
CVE-2017-8386 6.5
git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain pr
03-10-2019 - 00:03 01-06-2017 - 16:29
CVE-2018-19965 4.7
An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of
03-10-2019 - 00:03 08-12-2018 - 04:29
CVE-2017-9471 4.3
In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
03-10-2019 - 00:03 07-06-2017 - 05:29
CVE-2018-19962 6.9
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because small IOMMU mappings are unsafely combined into larger ones.
03-10-2019 - 00:03 08-12-2018 - 04:29
CVE-2017-6299 4.3
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "2 of 9. Infinite Loop / DoS in the TNEFFillMapi function in lib/ytnef.c." <a href="http://cwe.mitre.org/data/definitions/835.html" rel="nofollow">CWE-835: Loop wi
03-10-2019 - 00:03 24-02-2017 - 04:59
CVE-2018-8036 4.3
In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser.
03-10-2019 - 00:03 03-07-2018 - 20:29
CVE-2018-20098 4.3
There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
03-10-2019 - 00:03 12-12-2018 - 10:29
CVE-2018-20099 4.3
There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.
03-10-2019 - 00:03 12-12-2018 - 10:29
CVE-2017-9473 4.3
In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file.
03-10-2019 - 00:03 07-06-2017 - 05:29
CVE-2018-18443 4.3
OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview.
03-10-2019 - 00:03 17-10-2018 - 19:29
CVE-2017-18219 4.3
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a larg
03-10-2019 - 00:03 05-03-2018 - 22:29
CVE-2018-19966 7.2
An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS users to cause a denial of service (host OS crash) or possibly gain host OS privileges because of an interpretation conflict for a union data structure associated with shadow pagi
03-10-2019 - 00:03 08-12-2018 - 04:29
CVE-2018-19961 6.9
An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.
03-10-2019 - 00:03 08-12-2018 - 04:29
CVE-2018-16515 6.5
Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation.
03-10-2019 - 00:03 18-09-2018 - 21:29
CVE-2017-17459 9.3
http_transport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-1
03-10-2019 - 00:03 07-12-2017 - 18:29
CVE-2018-17188 6.5
Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Toget
03-10-2019 - 00:03 02-01-2019 - 14:29
CVE-2017-16818 4.0
RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service (assertion failure and application exit) by leveraging "full" (not necessarily admin) privileges to post an invalid profile to the admin API, r
03-10-2019 - 00:03 20-12-2017 - 17:29
CVE-2018-12183 4.6
Stack overflow in DxeCore for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
03-10-2019 - 00:03 27-03-2019 - 20:29
CVE-2017-14733 4.3
ReadRLEImage in coders/rle.c in GraphicsMagick 1.3.26 mishandles RLE headers that specify too few colors, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
03-10-2019 - 00:03 25-09-2017 - 21:29
CVE-2017-15365 6.5
sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions an
03-10-2019 - 00:03 25-01-2018 - 16:29
CVE-2018-11769 9.0
CouchDB administrative users before 2.2.0 can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate the
03-10-2019 - 00:03 08-08-2018 - 15:29
CVE-2017-13736 4.3
There are lots of memory leaks in the GMCommand function in magick/command.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.
03-10-2019 - 00:03 29-08-2017 - 06:29
CVE-2018-12180 6.8
Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access.
03-10-2019 - 00:03 27-03-2019 - 20:29
CVE-2018-10906 4.6
In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_
03-10-2019 - 00:03 24-07-2018 - 20:29
CVE-2017-14649 4.3
ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service (assertion failure in magick/pixel_cache.c, and application crash).
03-10-2019 - 00:03 21-09-2017 - 17:29
CVE-2017-13775 7.1
GraphicsMagick 1.3.26 has a denial of service issue in ReadJNXImage() in coders/jnx.c whereby large amounts of CPU and memory resources may be consumed although the file itself does not support the requests.
03-10-2019 - 00:03 30-08-2017 - 09:29
CVE-2017-13648 4.3
In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.
03-10-2019 - 00:03 23-08-2017 - 21:29
CVE-2018-1061 5.0
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
03-10-2019 - 00:03 19-06-2018 - 12:29
CVE-2017-11610 9.0
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace looku
03-10-2019 - 00:03 23-08-2017 - 14:29
CVE-2017-12937 6.8
The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read.
03-10-2019 - 00:03 18-08-2017 - 12:29
CVE-2017-12144 4.3
In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file.
03-10-2019 - 00:03 02-08-2017 - 05:29
CVE-2017-0553 7.6
An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process
03-10-2019 - 00:03 07-04-2017 - 22:59
CVE-2017-16808 4.3
tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.
02-10-2019 - 16:15 13-11-2017 - 21:29
CVE-2019-12493 5.8
A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted
30-09-2019 - 23:15 31-05-2019 - 02:29
CVE-2009-1690 9.3
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary c
26-09-2019 - 17:05 10-06-2009 - 14:30
CVE-2014-3219 4.3
fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp/fishd.log.%s, (2) /tmp/.pac-cache.$USER, (3) /tmp/.yum-cache.$USER, or (4) /tmp/.rpm-cache.$USER.
24-09-2019 - 15:15 09-02-2018 - 22:29
CVE-2018-18444 6.8
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact.
23-09-2019 - 20:15 17-10-2018 - 19:29
CVE-2010-0287 5.0
Directory traversal vulnerability in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25b allows remote attackers to list the contents of arbitrary directories via a .. (dot dot) in the ns parameter.
23-09-2019 - 18:13 15-02-2010 - 18:30
CVE-2010-0288 7.5
A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25b allows remote attackers to gain privileges and access closed wikis by editing current ACL statements, as demonstrated in the
23-09-2019 - 18:13 15-02-2010 - 18:30
CVE-2010-0289 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25c allow remote attackers to hijack the authentication of administrators for requests that modify access control r
23-09-2019 - 18:13 15-02-2010 - 18:30
CVE-2019-15717 7.5
Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP.
14-09-2019 - 19:15 29-08-2019 - 17:15
CVE-2019-14511 5.0
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet (unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only).
14-09-2019 - 04:15 22-08-2019 - 13:15
CVE-2019-11500 7.5
In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings. This occurs because '\0' characters are mishandled, and can lead to out-of-bounds writes and remote code execution.
06-09-2019 - 15:15 29-08-2019 - 14:15
CVE-2018-7999 6.8
In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .t
06-09-2019 - 14:15 09-03-2018 - 19:29
CVE-2019-14234 7.5
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contri
28-08-2019 - 13:15 09-08-2019 - 13:15
CVE-2019-13509 5.0
In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redep
27-08-2019 - 17:15 18-07-2019 - 16:15
CVE-2019-1010220 4.3
tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-h
20-08-2019 - 18:15 22-07-2019 - 18:15
CVE-2019-13638 9.3
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable sy
16-08-2019 - 12:15 26-07-2019 - 13:15
CVE-2018-8741 6.5
A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php.
15-08-2019 - 20:15 17-03-2018 - 14:29
CVE-2018-14950 4.3
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<svg><a xlink:href=" attack.
15-08-2019 - 20:15 05-08-2018 - 18:29
CVE-2018-14954 4.3
The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute.
15-08-2019 - 20:15 05-08-2018 - 18:29
CVE-2018-14952 4.3
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math><maction xlink:href=" attack.
15-08-2019 - 20:15 05-08-2018 - 18:29
CVE-2018-14955 4.3
The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute).
15-08-2019 - 20:15 05-08-2018 - 18:29
CVE-2018-14951 4.3
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<form action='data:text" attack.
15-08-2019 - 20:15 05-08-2018 - 18:29
CVE-2018-14953 4.3
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math xlink:href=" attack.
15-08-2019 - 20:15 05-08-2018 - 18:29
CVE-2019-13229 6.6
deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper::getPartitionSizeInfo() function to write a log file as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite file
14-08-2019 - 11:25 04-07-2019 - 12:15
CVE-2018-20349 4.3
The igraph_i_strdiff function in igraph_trie.c in igraph through 0.7.1 has an NULL pointer dereference that allows attackers to cause a denial of service (application crash) via a crafted object.
14-08-2019 - 03:15 22-12-2018 - 00:29
CVE-2019-12855 5.8
In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.
14-08-2019 - 03:15 16-06-2019 - 12:29
CVE-2019-13178 6.8
modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set.
13-08-2019 - 03:15 02-07-2019 - 23:15
CVE-2019-14296 6.8
canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (SEGV or buffer overflow, and application crash) or possibly have unspecified other impact via a crafted UPX packed file.
11-08-2019 - 03:15 27-07-2019 - 19:15
CVE-2019-14295 4.3
An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an alloc
11-08-2019 - 03:15 27-07-2019 - 19:15
CVE-2015-7576 4.3
The http_basic_authenticate_with method in actionpack/lib/action_controller/metal/http_authentication.rb in the Basic Authentication implementation in Action Controller in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4
08-08-2019 - 15:43 16-02-2016 - 02:59
CVE-2015-7581 5.0
actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an app
08-08-2019 - 15:43 16-02-2016 - 02:59
CVE-2015-7577 5.0
activerecord/lib/active_record/nested_attributes.rb in Active Record in Ruby on Rails 3.1.x and 3.2.x before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly implement a certain destroy o
08-08-2019 - 15:43 16-02-2016 - 02:59
CVE-2016-0751 5.0
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which allows
08-08-2019 - 15:43 16-02-2016 - 02:59
CVE-2011-2929 5.0
The template selection functionality in actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.10 and 3.1.x before 3.1.0.rc6 does not properly handle glob characters, which allows remote attackers to render arbitrary views
08-08-2019 - 15:42 29-08-2011 - 18:55
CVE-2011-2930 7.5
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow remote att
08-08-2019 - 15:42 29-08-2011 - 18:55
CVE-2011-2197 4.3
The cross-site scripting (XSS) prevention feature in Ruby on Rails 2.x before 2.3.12, 3.0.x before 3.0.8, and 3.1.x before 3.1.0.rc2 does not properly handle mutation of safe buffers, which makes it easier for remote attackers to conduct XSS attacks
08-08-2019 - 15:42 30-06-2011 - 15:55
CVE-2011-2932 4.3
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script o
08-08-2019 - 15:42 29-08-2011 - 18:55
CVE-2011-2931 4.3
Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanner/html/node.rb in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject a
08-08-2019 - 15:42 29-08-2011 - 18:55
CVE-2012-1098 4.3
Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving a SafeBuffer object that is manipulated thr
08-08-2019 - 15:42 13-03-2012 - 10:55
CVE-2012-1099 4.3
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_options_helper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary we
08-08-2019 - 15:42 13-03-2012 - 10:55
CVE-2011-0448 7.5
Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument.
08-08-2019 - 15:41 21-02-2011 - 18:00
CVE-2011-0447 6.8
Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attac
08-08-2019 - 15:41 14-02-2011 - 21:00
CVE-2011-0449 7.5
actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to byp
08-08-2019 - 15:41 21-02-2011 - 18:00
CVE-2011-0446 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) name or
08-08-2019 - 15:41 14-02-2011 - 21:00
CVE-2015-7579 4.3
Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem 1.0.2 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via an HTML entity that is mishandled by the Rails::Html::FullSanitizer clas
08-08-2019 - 15:16 16-02-2016 - 02:59
CVE-2015-7578 4.3
Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes.
08-08-2019 - 15:16 16-02-2016 - 02:59
CVE-2011-3186 4.3
CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the Content-Type header.
08-08-2019 - 14:38 29-08-2011 - 18:55
CVE-2019-6501 2.1
In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations.
06-08-2019 - 17:15 21-03-2019 - 16:01
CVE-2018-14598 5.0
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation f
06-08-2019 - 17:15 24-08-2018 - 19:29
CVE-2018-14348 5.5
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.
06-08-2019 - 17:15 14-08-2018 - 18:29
CVE-2008-0122 10.0
Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code
01-08-2019 - 12:12 16-01-2008 - 02:00
CVE-2019-13648 4.9
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal
30-07-2019 - 12:15 19-07-2019 - 13:15
CVE-2019-12865 4.3
In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a double free for the ms command.
30-07-2019 - 03:15 17-06-2019 - 23:15
CVE-2009-2185 5.0
The ASN.1 parser (pluto/asn1.c, libstrongswan/asn1/asn1.c, libstrongswan/asn1/asn1_parser.c) in (a) strongSwan 2.8 before 2.8.10, 4.2 before 4.2.16, and 4.3 before 4.3.2; and (b) openSwan 2.6 before 2.6.22 and 2.4 before 2.4.15 allows remote attacker
29-07-2019 - 14:24 25-06-2009 - 02:00
CVE-2005-3671 7.8
The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an
29-07-2019 - 14:24 18-11-2005 - 21:03
CVE-2005-0162 7.2
Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbit
29-07-2019 - 13:23 26-01-2005 - 05:00
CVE-2019-13228 6.6
deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to download an ISO file, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file sy
28-07-2019 - 03:15 04-07-2019 - 12:15
CVE-2019-13227 6.6
In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system loca
28-07-2019 - 03:15 04-07-2019 - 12:15
CVE-2018-19802 5.0
aubio v0.4.0 to v0.4.8 has a new_aubio_onset NULL pointer dereference.
26-07-2019 - 13:15 07-06-2019 - 17:29
CVE-2018-19801 5.0
aubio v0.4.0 to v0.4.8 has a NULL pointer dereference in new_aubio_filterbank via invalid n_filters.
26-07-2019 - 13:15 07-06-2019 - 17:29
CVE-2018-19800 7.5
aubio v0.4.0 to v0.4.8 has a Buffer Overflow in new_aubio_tempo.
26-07-2019 - 13:15 07-06-2019 - 17:29
CVE-2019-13631 4.6
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
26-07-2019 - 03:15 17-07-2019 - 19:15
CVE-2019-3859 6.4
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the clien
25-07-2019 - 21:15 21-03-2019 - 16:01
CVE-2019-13636 5.8
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c.
24-07-2019 - 17:15 17-07-2019 - 21:15
CVE-2019-12219 6.8
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an invalid free error in the SDL function SDL_SetError_REAL at SDL_error.c.
22-07-2019 - 22:15 20-05-2019 - 17:29
CVE-2019-12220 4.3
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is an out-of-bounds read in the SDL function SDL_FreePalette_REAL at video/SDL_pixels.c.
22-07-2019 - 22:15 20-05-2019 - 17:29
CVE-2019-12218 4.3
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c.
22-07-2019 - 22:15 20-05-2019 - 17:29
CVE-2019-12217 4.3
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL stdio_read function in file/SDL_rwops.c.
22-07-2019 - 22:15 20-05-2019 - 17:29
CVE-2019-12222 4.3
An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9. There is an out-of-bounds read in the function SDL_InvalidateMap at video/SDL_pixels.c.
22-07-2019 - 22:15 20-05-2019 - 17:29
CVE-2013-0334 5.0
Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source.
16-07-2019 - 12:21 31-10-2014 - 14:55
CVE-2019-12790 6.8
In radare2 through 3.5.1, there is a heap-based buffer over-read in the r_egg_lang_parsechar function of egg_lang.c. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of mi
16-07-2019 - 05:15 10-06-2019 - 19:29
CVE-2019-11503 5.0
snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir() to the current working directory of the calling user, aka a "cwd restore permission bypass."
13-07-2019 - 03:15 24-04-2019 - 21:29
CVE-2019-10912 6.5
In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, it is possible to cache objects that may contain bad user input. On serialization or unserialization, this could result in the deletion of files that the current
12-07-2019 - 14:15 16-05-2019 - 22:29
CVE-2012-1986 2.1
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with an authorized SSL key and certain permissions on the puppet master to read arbi
11-07-2019 - 15:09 29-05-2012 - 20:55
CVE-2012-1987 3.5
Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys to (1) cause a denial of service (m
11-07-2019 - 15:09 29-05-2012 - 20:55
CVE-2019-7165 7.5
A buffer overflow in DOSBox 0.74-2 allows attackers to execute arbitrary code.
11-07-2019 - 03:15 03-07-2019 - 18:15
CVE-2011-3869 6.3
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file.
10-07-2019 - 14:13 27-10-2011 - 20:55
CVE-2011-3870 6.3
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file.
10-07-2019 - 14:13 27-10-2011 - 20:55
CVE-2011-3871 6.2
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files.
10-07-2019 - 14:13 27-10-2011 - 20:55
CVE-2019-12448 6.8
An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write.
08-07-2019 - 00:15 29-05-2019 - 17:29
CVE-2018-20815 7.5
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which has a buffer overflow risk.
02-07-2019 - 23:15 31-05-2019 - 22:29
CVE-2018-6799 6.8
The AcquireCacheNexus function in magick/pixel_cache.c in GraphicsMagick before 1.3.28 allows remote attackers to cause a denial of service (heap overwrite) or possibly have unspecified other impact via a crafted image file, because a pixel staging a
30-06-2019 - 03:15 07-02-2018 - 05:29
CVE-2017-17503 6.8
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.
30-06-2019 - 03:15 11-12-2017 - 02:29
CVE-2017-17500 6.8
ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.
30-06-2019 - 03:15 11-12-2017 - 02:29
CVE-2017-17502 6.8
ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.
30-06-2019 - 03:15 11-12-2017 - 02:29
CVE-2017-17501 6.8
WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.
30-06-2019 - 03:15 11-12-2017 - 02:29
CVE-2017-15238 6.8
ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26 has a use-after-free issue when the height or width is zero, related to ReadJNGImage.
30-06-2019 - 03:15 11-10-2017 - 03:29
CVE-2017-14997 7.1
GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (excessive memory allocation) because of an integer underflow in ReadPICTImage in coders/pict.c.
30-06-2019 - 03:15 04-10-2017 - 01:29
CVE-2017-13737 4.3
There is an invalid free in the MagickFree function in magick/memory.c in GraphicsMagick 1.3.26 that will lead to a remote denial of service attack.
30-06-2019 - 03:15 29-08-2017 - 06:29
CVE-2017-14504 4.3
ReadPNMImage in coders/pnm.c in GraphicsMagick 1.3.26 does not ensure the correct number of colors for the XV 332 format, leading to a NULL Pointer Dereference.
30-06-2019 - 03:15 17-09-2017 - 19:29
CVE-2017-15930 6.8
In ReadOneJNGImage in coders/png.c in GraphicsMagick 1.3.26, a Null Pointer Dereference occurs while transferring JPEG scanlines, related to a PixelPacket pointer.
30-06-2019 - 03:15 27-10-2017 - 18:29
CVE-2017-14994 4.3
ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted DICOM image, related to the ability of DCM_ReadNonNativeImages to yield an image list with zero frames
30-06-2019 - 03:15 04-10-2017 - 01:29
CVE-2017-13065 4.3
GraphicsMagick 1.3.26 has a NULL pointer dereference vulnerability in the function SVGStartElement in coders/svg.c.
30-06-2019 - 03:15 22-08-2017 - 06:29
CVE-2017-13063 4.3
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:314:12.
30-06-2019 - 03:15 22-08-2017 - 06:29
CVE-2017-12936 6.8
The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting.
30-06-2019 - 03:15 18-08-2017 - 12:29
CVE-2017-13064 4.3
GraphicsMagick 1.3.26 has a heap-based buffer overflow vulnerability in the function GetStyleTokens in coders/svg.c:311:12.
30-06-2019 - 03:15 22-08-2017 - 06:29
CVE-2017-12935 6.8
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c.
30-06-2019 - 03:15 18-08-2017 - 12:29
CVE-2019-12269 5.0
Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text.
24-06-2019 - 18:15 21-05-2019 - 20:29
CVE-2019-12436 4.0
Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to an AD DC LDAP server Denial of Service. This is related to an attacker using the paged search control. The attacker must have directory read access in order to attempt an exploit.
20-06-2019 - 09:15 19-06-2019 - 12:15
CVE-2019-12435 4.0
Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer dereference, leading to Denial of Service. This is related to the AD DC DNS management server (dnsserver) RPC server process.
19-06-2019 - 15:15 19-06-2019 - 12:15
CVE-2015-8036 6.8
Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long session ticket name to the se
19-06-2019 - 13:59 02-11-2015 - 19:59
CVE-2015-5291 6.8
Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a lon
19-06-2019 - 13:38 02-11-2015 - 19:59
CVE-2016-4738 9.3
libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
18-06-2019 - 20:15 25-09-2016 - 10:59
CVE-2019-10871 4.3
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.
18-06-2019 - 20:15 05-04-2019 - 04:29
CVE-2016-1841 6.8
libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
18-06-2019 - 20:15 20-05-2016 - 10:59
CVE-2019-10873 4.3
An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.
18-06-2019 - 20:15 05-04-2019 - 04:29
CVE-2015-8807 4.3
Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/Core/lib/Horde/Core/Ui/VarRenderer/Html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers
18-06-2019 - 16:29 13-04-2016 - 16:59
CVE-2016-2228 4.3
Cross-site scripting (XSS) vulnerability in horde/templates/topbar/_menubar.html.php in Horde Groupware before 5.2.12 and Horde Groupware Webmail Edition before 5.2.12 allows remote attackers to inject arbitrary web script or HTML via the searchfield
18-06-2019 - 16:29 13-04-2016 - 16:59
CVE-2019-9917 4.0
ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding.
15-06-2019 - 03:29 27-03-2019 - 06:29
CVE-2019-12616 4.3
An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken <img> tag pointing at the victim'
14-06-2019 - 04:29 05-06-2019 - 05:29
CVE-2019-11768 7.5
An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.
14-06-2019 - 04:29 05-06-2019 - 05:29
CVE-2019-3814 4.9
It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users.
14-06-2019 - 03:29 27-03-2019 - 13:29
CVE-2019-7524 7.2
In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker can cause a buffer overflow in the indexer-worker process, which can be used to elevate to root. This occurs because of missing checks in the fts and pop3-uidl components.
14-06-2019 - 03:29 28-03-2019 - 14:29
CVE-2019-12735 9.3
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
13-06-2019 - 21:29 05-06-2019 - 14:29
CVE-2014-9761 7.5
Multiple stack-based buffer overflows in the GNU C Library (aka glibc or libc6) before 2.23 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long argument to the (1) nan, (2)
13-06-2019 - 21:29 19-04-2016 - 21:59
CVE-2019-12308 4.3
An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated
12-06-2019 - 17:29 03-06-2019 - 17:29
CVE-2017-15010 5.0
A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amo
12-06-2019 - 17:29 04-10-2017 - 01:29
CVE-2018-12130 4.7
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of im
11-06-2019 - 16:29 30-05-2019 - 16:29
CVE-2018-12127 4.7
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impact
11-06-2019 - 16:29 30-05-2019 - 16:29
CVE-2018-12126 4.7
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of
11-06-2019 - 16:29 30-05-2019 - 16:29
CVE-2019-12300 5.0
Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted authorization token from OAuth and uses it to authenticate a user. If an attacker has a token allowing them to read the user details of a victim, they can login as the victim.
07-06-2019 - 18:29 23-05-2019 - 15:30
CVE-2019-11555 4.3
The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process t
07-06-2019 - 03:29 26-04-2019 - 22:29
CVE-2017-9434 5.0
Crypto++ (aka cryptopp) through 5.6.5 contains an out-of-bounds read vulnerability in zinflate.cpp in the Inflator filter.
01-06-2019 - 06:29 05-06-2017 - 14:29
CVE-2016-9939 5.0
Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the length field of the ASN.1 object. If there is not enough content octets in the ASN.1 object, then t
01-06-2019 - 06:29 30-01-2017 - 21:59
CVE-2015-1335 7.2
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
31-05-2019 - 21:29 01-10-2015 - 20:59
CVE-2016-1494 5.0
The verify function in the RSA package for Python (Python-RSA) before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack.
31-05-2019 - 17:27 13-01-2016 - 15:59
CVE-2018-18849 2.1
In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.
31-05-2019 - 14:29 21-03-2019 - 16:00
CVE-2019-3829 5.0
A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is
30-05-2019 - 16:29 27-03-2019 - 18:29
CVE-2019-3836 5.0
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
30-05-2019 - 16:29 01-04-2019 - 15:29
CVE-2018-20433 7.5
c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization.
29-05-2019 - 05:29 24-12-2018 - 13:29
CVE-2019-0199 5.0
The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping str
28-05-2019 - 21:29 10-04-2019 - 15:29
CVE-2019-11460 6.8
An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters
27-05-2019 - 17:29 22-04-2019 - 22:29
CVE-2019-11372 4.3
An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.
25-05-2019 - 06:29 20-04-2019 - 15:29
CVE-2019-11373 4.3
An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash.
25-05-2019 - 06:29 20-04-2019 - 15:29
CVE-2019-11473 4.3
coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.
23-05-2019 - 00:29 23-04-2019 - 14:29
CVE-2016-9299 7.5
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.
22-05-2019 - 15:06 12-01-2017 - 23:59
CVE-2017-6801 5.0
An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
18-05-2019 - 03:29 10-03-2017 - 10:59
CVE-2017-6802 5.0
An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.
18-05-2019 - 03:29 10-03-2017 - 10:59
CVE-2017-6298 6.8
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "1 of 9. Null Pointer Deref / calloc return value not checked."
18-05-2019 - 03:29 24-02-2017 - 04:59
CVE-2017-6302 6.8
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "5 of 9. Integer Overflow."
18-05-2019 - 03:29 24-02-2017 - 04:59
CVE-2017-6300 6.8
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "3 of 9. Buffer Overflow in version field in lib/tnef-types.h."
18-05-2019 - 03:29 24-02-2017 - 04:59
CVE-2017-9146 6.8
The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and applicati
18-05-2019 - 03:29 22-05-2017 - 18:29
CVE-2017-6800 5.0
An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef.
18-05-2019 - 03:29 10-03-2017 - 10:59
CVE-2017-6306 6.8
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "9 of 9. Directory Traversal using the filename; SanitizeFilename function in settings.c."
18-05-2019 - 03:29 24-02-2017 - 04:59
CVE-2017-6305 6.8
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "8 of 9. Out of Bounds read and write."
18-05-2019 - 03:29 24-02-2017 - 04:59
CVE-2017-6301 6.8
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "4 of 9. Out of Bounds Reads."
18-05-2019 - 03:29 24-02-2017 - 04:59
CVE-2017-6304 6.8
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "7 of 9. Out of Bounds read."
18-05-2019 - 03:29 24-02-2017 - 04:59
CVE-2017-9470 4.3
In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
18-05-2019 - 03:29 07-06-2017 - 05:29
CVE-2017-6303 6.8
An issue was discovered in ytnef before 1.9.1. This is related to a patch described as "6 of 9. Invalid Write and Integer Overflow."
18-05-2019 - 03:29 24-02-2017 - 04:59
CVE-2017-12142 4.3
In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cause a denial of service via a crafted file.
18-05-2019 - 03:29 02-08-2017 - 05:29
CVE-2017-12141 4.3
In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file.
18-05-2019 - 03:29 02-08-2017 - 05:29
CVE-2019-11830 7.5
PharMetaDataInterceptor in the PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism.
17-05-2019 - 05:29 09-05-2019 - 04:29
CVE-2019-6341 3.5
In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS)
16-05-2019 - 02:29 26-03-2019 - 18:29
CVE-2019-9496 5.0
An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attac
15-05-2019 - 22:29 17-04-2019 - 14:29
CVE-2019-9497 6.8
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password
15-05-2019 - 22:29 17-04-2019 - 14:29
CVE-2016-3320 4.0
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow attackers to bypass the Secure Boot protection mechanism by leveraging (1) administrative or (2) physical access to install a crafted boot mana
15-05-2019 - 17:37 09-08-2016 - 21:59
CVE-2019-3863 6.8
A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bound
14-05-2019 - 21:29 25-03-2019 - 18:29
CVE-2019-5008 5.0
hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dereference, which allows the attacker to cause a denial of service via a device driver.
14-05-2019 - 20:29 19-04-2019 - 19:29
CVE-2018-8007 9.0
Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their pri
13-05-2019 - 19:29 11-07-2018 - 13:29
CVE-2019-11070 5.0
WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing t
13-05-2019 - 18:29 10-04-2019 - 21:29
CVE-2018-18409 4.3
A stack-based buffer over-read exists in setbit() at iptree.h of TCPFLOW 1.5.0, due to received incorrect values causing incorrect computation, leading to denial of service during an address_histogram call or a get_histogram call.
13-05-2019 - 15:46 17-10-2018 - 04:29
CVE-2015-5739 7.5
The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instead of a hyphen, as demonstrated by "Content Length"
10-05-2019 - 16:45 18-10-2017 - 20:29
CVE-2018-19790 5.8
An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacke
10-05-2019 - 16:29 18-12-2018 - 22:29
CVE-2018-19789 5.0
An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1. When using the scalar type hint `string` in a setter method (e.g. `setName(string $name)`
10-05-2019 - 16:29 18-12-2018 - 22:29
CVE-2015-5740 7.5
The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers.
09-05-2019 - 20:13 18-10-2017 - 20:29
CVE-2018-12910 7.5
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.
08-05-2019 - 18:21 05-07-2018 - 18:29
CVE-2019-10877 7.5
In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled.
07-05-2019 - 19:29 05-04-2019 - 06:29
CVE-2019-10879 7.5
In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::Open() in engine/shared/datafile.cpp that can lead to a buffer overflow and possibly remote code execution, because size-related multiplications are mishandled.
07-05-2019 - 19:29 05-04-2019 - 05:29
CVE-2019-10878 7.5
In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and CDataFileReader::ReplaceData() and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resul
07-05-2019 - 19:29 05-04-2019 - 05:29
CVE-2019-3878 6.8
A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require valid-user directive), adding special HTTP headers tha
07-05-2019 - 09:29 26-03-2019 - 18:29
CVE-2018-1099 2.1
DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).
06-05-2019 - 06:29 03-04-2018 - 16:29
CVE-2019-3840 3.5
A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.
05-05-2019 - 05:29 27-03-2019 - 13:29
CVE-2019-9894 6.4
A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.
26-04-2019 - 15:43 21-03-2019 - 16:01
CVE-2016-2166 5.8
The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, whic
23-04-2019 - 12:29 12-04-2016 - 14:59
CVE-2014-8119 5.0
The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.
22-04-2019 - 17:48 29-12-2017 - 22:29
CVE-2015-3900 5.0
RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, a
22-04-2019 - 17:48 24-06-2015 - 14:59
CVE-2015-3636 4.9
The ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service (use-after-free and sy
22-04-2019 - 17:48 06-08-2015 - 01:59
CVE-2013-4854 7.8
The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertio
22-04-2019 - 17:48 29-07-2013 - 13:59
CVE-2015-4022 7.5
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer ove
22-04-2019 - 17:48 09-06-2015 - 18:59
CVE-2014-3560 7.9
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the u
22-04-2019 - 17:48 06-08-2014 - 18:55
CVE-2015-4026 7.5
The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character, which might allow remote attackers to bypass intended extension restrictions and execute files wi
22-04-2019 - 17:48 09-06-2015 - 18:59
CVE-2015-4021 5.0
The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify that the first character of a filename is different from the \0 character, which allows remote attackers to cause a de
22-04-2019 - 17:48 09-06-2015 - 18:59
CVE-2015-4025 7.5
PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with
22-04-2019 - 17:48 09-06-2015 - 18:59
CVE-2014-1859 2.1
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.
22-04-2019 - 17:48 08-01-2018 - 19:29
CVE-2019-5769 6.8
Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
18-04-2019 - 16:25 19-02-2019 - 17:29
CVE-2019-5770 6.8
Insufficient input validation in WebGL in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
18-04-2019 - 15:57 19-02-2019 - 17:29
CVE-2019-5757 6.8
An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
18-04-2019 - 15:06 19-02-2019 - 17:29
CVE-2019-5778 4.3
A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileg
18-04-2019 - 14:58 19-02-2019 - 17:29
CVE-2019-5762 6.8
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
18-04-2019 - 14:53 19-02-2019 - 17:29
CVE-2019-5756 6.8
Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.
17-04-2019 - 17:20 19-02-2019 - 17:29
CVE-2019-5755 5.8
Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.
17-04-2019 - 15:03 19-02-2019 - 17:29
CVE-2019-3877 4.3
A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forw
16-04-2019 - 18:29 27-03-2019 - 13:29
CVE-2014-0227 6.4
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote atta
15-04-2019 - 16:29 16-02-2015 - 00:59
CVE-2014-0099 4.3
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a craf
15-04-2019 - 16:29 31-05-2014 - 11:17
CVE-2014-0096 4.3
java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which allows remote attackers to bypass security-manager
15-04-2019 - 16:29 31-05-2014 - 11:17
CVE-2014-0075 5.0
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource
15-04-2019 - 16:29 31-05-2014 - 11:17
CVE-2019-9844 4.3
simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows XSS via a data: or vbscript: URI.
15-04-2019 - 12:31 09-04-2019 - 02:29
CVE-2019-3861 6.4
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or
15-04-2019 - 12:31 25-03-2019 - 19:29
CVE-2019-3860 6.4
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
15-04-2019 - 12:31 25-03-2019 - 19:29
CVE-2019-3862 6.4
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Servic
15-04-2019 - 12:31 21-03-2019 - 16:01
CVE-2019-3858 6.4
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client mem
15-04-2019 - 12:31 21-03-2019 - 21:29
CVE-2019-9644 4.3
An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook before 5.7.6 allows inclusion of resources on malicious pages when visited by users who are authenticated with a Jupyter server. Access to the content of resources has been demonstrated
12-04-2019 - 03:29 12-03-2019 - 09:29
CVE-2019-10255 5.8
An Open Redirect vulnerability for all browsers in Jupyter Notebook before 5.7.7 and some browsers (Chrome, Firefox) in JupyterHub before 0.9.5 allows crafted links to the login page, which will redirect to a malicious site after successful login. Se
12-04-2019 - 03:29 28-03-2019 - 16:29
CVE-2018-12178 6.4
Buffer overflow in network stack for EDK II may allow unprivileged user to potentially enable escalation of privilege and/or denial of service via network.
11-04-2019 - 01:29 27-03-2019 - 20:29
CVE-2018-12182 4.6
Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
11-04-2019 - 01:29 27-03-2019 - 20:29
CVE-2018-19210 4.3
In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.
05-04-2019 - 21:29 12-11-2018 - 19:29
CVE-2019-3871 6.5
A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a re
05-04-2019 - 05:29 21-03-2019 - 21:29
CVE-2019-9895 7.5
In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.
05-04-2019 - 05:29 21-03-2019 - 16:01
CVE-2019-6978 7.5
The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c. NOTE: PHP is unaffected.
05-04-2019 - 00:29 28-01-2019 - 08:29
CVE-2018-20592 4.3
In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.
03-04-2019 - 13:36 30-12-2018 - 18:29
CVE-2018-20005 4.3
An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.
03-04-2019 - 12:45 10-12-2018 - 06:29
CVE-2018-11406 6.8
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user's session is invalidated when the user is logged out. This be
29-03-2019 - 16:22 13-06-2018 - 16:29
CVE-2018-11386 4.3
An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. U
29-03-2019 - 16:22 13-06-2018 - 16:29
CVE-2015-4047 7.8
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
27-03-2019 - 18:04 29-05-2015 - 15:59
CVE-2010-2227 6.4
Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via
25-03-2019 - 11:32 13-07-2010 - 17:30
CVE-2007-6286 4.3
Apache Tomcat 5.5.11 through 5.5.25 and 6.0.0 through 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote attackers to trigger handling of "a duplicate copy of one of the recen
25-03-2019 - 11:29 12-02-2008 - 01:00
CVE-2007-5461 3.5
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write reque
25-03-2019 - 11:29 15-10-2007 - 18:17
CVE-2007-3385 4.3
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 does not properly handle the \" character sequence in a cookie value, which might cause sensitive information such as session IDs to be leaked to remot
25-03-2019 - 11:29 14-08-2007 - 22:17
CVE-2007-3382 4.3
Apache Tomcat 6.0.0 to 6.0.13, 5.5.0 to 5.5.24, 5.0.0 to 5.0.30, 4.1.0 to 4.1.36, and 3.3 to 3.3.2 treats single quotes ("'") as delimiters in cookies, which might cause sensitive information such as session IDs to be leaked and allow remote attacker
25-03-2019 - 11:29 14-08-2007 - 22:17
CVE-2007-2449 4.3
Multiple cross-site scripting (XSS) vulnerabilities in certain JSP files in the examples web application in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote att
25-03-2019 - 11:29 14-06-2007 - 23:30
CVE-2007-2450 3.5
Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 allow remote
25-03-2019 - 11:29 14-06-2007 - 23:30
CVE-2007-1358 2.6
Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform
25-03-2019 - 11:29 10-05-2007 - 00:19
CVE-2007-1355 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the appdev/sample/web/hello.jsp example application in Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 through 5.5.23, and 6.0.0 through 6.0.10 allow remote attacker
25-03-2019 - 11:29 21-05-2007 - 20:30
CVE-2016-2335 6.8
The CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp in 7zip 9.20 and 15.05 beta and p7zip allows remote attackers to cause a denial of service (out-of-bounds read) or execute arbitrary code via the PartitionRef field in the Long Allocation D
21-03-2019 - 20:29 07-06-2016 - 14:06
CVE-2015-2157 2.1
The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory.
21-03-2019 - 17:04 27-03-2015 - 14:59
CVE-2016-0763 6.5
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, wh
21-03-2019 - 15:59 25-02-2016 - 01:59
CVE-2018-11408 5.8
The security handlers in the Security component in Symfony in 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11 have an Open redirect vulnerability when security.http_utils is inlined by a con
13-03-2019 - 17:53 13-06-2018 - 16:29
CVE-2018-11385 6.8
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an a
12-03-2019 - 14:36 13-06-2018 - 16:29
CVE-2015-7942 6.8
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via
08-03-2019 - 16:06 18-11-2015 - 16:59
CVE-2015-8659 10.0
The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.
08-03-2019 - 16:06 12-01-2016 - 19:59
CVE-2015-8035 2.6
The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.
08-03-2019 - 16:06 18-11-2015 - 16:59
CVE-2015-2080 5.0
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.
08-03-2019 - 11:29 07-10-2016 - 14:59
CVE-2010-3704 6.8
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of serv
06-03-2019 - 16:30 05-11-2010 - 18:00
CVE-2009-0147 4.3
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg,
06-03-2019 - 16:30 23-04-2009 - 17:30
CVE-2009-1180 6.8
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
06-03-2019 - 16:30 23-04-2009 - 17:30
CVE-2009-0799 4.3
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
06-03-2019 - 16:30 23-04-2009 - 17:30
CVE-2009-0166 4.3
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
06-03-2019 - 16:30 23-04-2009 - 17:30
CVE-2009-1182 7.5
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
06-03-2019 - 16:30 23-04-2009 - 17:30
CVE-2009-0146 4.3
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (
06-03-2019 - 16:30 23-04-2009 - 17:30
CVE-2016-6254 6.4
Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.
04-03-2019 - 17:42 19-08-2016 - 21:59
CVE-2016-3159 1.7
The fpu_fxrstor function in arch/x86/i387.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest
21-02-2019 - 17:42 13-04-2016 - 16:59
CVE-2015-2172 6.5
DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API.
05-02-2019 - 18:24 30-03-2015 - 14:59
CVE-2018-7262 5.0
In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesn't handle malformed HTTP headers properly, allowing for denial of service.
04-02-2019 - 17:25 19-03-2018 - 21:29
CVE-2018-19120 5.0
The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.
31-01-2019 - 19:30 29-11-2018 - 21:29
CVE-2015-7940 5.0
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "
16-01-2019 - 19:29 09-11-2015 - 16:59
CVE-2015-0852 5.0
Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers to cause a denial of service (heap memory corruption) via vectors related to the height and width of a window.
16-01-2019 - 19:29 29-09-2015 - 18:59
CVE-2009-0579 4.6
Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.
03-01-2019 - 15:01 16-04-2009 - 15:12
CVE-2009-0887 6.6
Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow rem
03-01-2019 - 15:01 12-03-2009 - 15:20
CVE-2014-2709 7.5
lib/rrd.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified parameters. Per: https://cwe.mitre.org/data/definitions/77.html "CWE-77: Improper Neutralization of Specia
13-12-2018 - 18:22 23-04-2014 - 15:55
CVE-2014-2328 6.5
lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors. Per: https://cwe.mitre.org/data/definitions/77.html "CWE-77: Improper Neutrali
13-12-2018 - 18:22 23-04-2014 - 15:55
CVE-2012-0035 9.3
Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory,
07-12-2018 - 11:29 19-01-2012 - 15:55
CVE-2015-1793 6.4
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers t
30-11-2018 - 21:30 09-07-2015 - 19:17
CVE-2016-8690 4.3
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command.
22-11-2018 - 11:29 15-02-2017 - 19:59
CVE-2015-5203 4.3
Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
22-11-2018 - 11:29 02-08-2017 - 19:29
CVE-2015-5221 4.3
Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
22-11-2018 - 11:29 25-07-2017 - 18:29
CVE-2013-7203 2.1
gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup.
19-11-2018 - 15:08 21-09-2018 - 17:29
CVE-2010-0159 10.0
The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute
16-11-2018 - 15:56 22-02-2010 - 13:00
CVE-2009-4538 10.0
drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a r
16-11-2018 - 15:53 12-01-2010 - 17:30
CVE-2009-4537 7.8
drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via
16-11-2018 - 15:52 12-01-2010 - 17:30
CVE-2009-4536 7.8
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypas
16-11-2018 - 15:51 12-01-2010 - 17:30
CVE-2013-0247 5.0
OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service (disk consumption) via many invalid token requests that trigger excessive generation of
15-11-2018 - 17:56 24-02-2013 - 19:55
CVE-2012-1585 4.0
OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.
14-11-2018 - 18:35 17-08-2012 - 00:55
CVE-2016-5419 5.0
curl and libcurl before 7.50.1 do not prevent TLS session resumption when the client certificate has changed, which allows remote attackers to bypass intended restrictions by resuming a session.
13-11-2018 - 11:29 10-08-2016 - 14:59
CVE-2016-7167 7.5
Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a h
13-11-2018 - 11:29 07-10-2016 - 14:59
CVE-2016-5420 5.0
curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a diffe
13-11-2018 - 11:29 10-08-2016 - 14:59
CVE-2009-2336 5.0
The forgotten mail interface in WordPress and WordPress MU before 2.8.1 exhibits different behavior for a password request depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor rep
08-11-2018 - 20:39 10-07-2009 - 21:00
CVE-2009-2335 5.0
WordPress and WordPress MU before 2.8.1 exhibit different behavior for a failed login attempt depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. NOTE: the vendor reportedly disputes the signific
08-11-2018 - 20:38 10-07-2009 - 21:00
CVE-2009-1633 7.1
Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to U
08-11-2018 - 20:29 28-05-2009 - 20:30
CVE-2008-5024 7.5
Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection at
02-11-2018 - 13:50 13-11-2008 - 11:30
CVE-2008-5022 7.5
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrar
02-11-2018 - 13:49 13-11-2008 - 11:30
CVE-2008-5023 7.5
Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR f
02-11-2018 - 13:49 13-11-2008 - 11:30
CVE-2008-5018 10.0
The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient
02-11-2018 - 13:48 13-11-2008 - 11:30
CVE-2008-5017 10.0
Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (c
02-11-2018 - 13:48 13-11-2008 - 11:30
CVE-2008-5014 10.0
jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifyin
02-11-2018 - 13:47 13-11-2008 - 11:30
CVE-2008-4062 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or po
01-11-2018 - 16:23 24-09-2008 - 20:37
CVE-2008-4061 10.0
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash)
01-11-2018 - 16:23 24-09-2008 - 20:37
CVE-2008-4058 7.5
The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vec
01-11-2018 - 16:23 24-09-2008 - 20:37
CVE-2008-4067 4.3
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash)
01-11-2018 - 16:22 24-09-2008 - 20:37
CVE-2008-4065 4.3
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via byte order mark (BOM) charact
01-11-2018 - 16:22 24-09-2008 - 20:37
CVE-2008-4068 7.8
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive inf
01-11-2018 - 15:15 24-09-2008 - 20:37
CVE-2008-3837 9.3
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted
01-11-2018 - 15:14 24-09-2008 - 20:37
CVE-2008-2725 7.8
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger mem
01-11-2018 - 15:07 24-06-2008 - 19:41
CVE-2008-2726 7.8
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent at
01-11-2018 - 15:07 24-06-2008 - 19:41
CVE-2008-2663 10.0
Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service v
01-11-2018 - 15:06 24-06-2008 - 19:41
CVE-2008-2664 7.8
The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related t
01-11-2018 - 15:06 24-06-2008 - 19:41
CVE-2008-2662 10.0
Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or
01-11-2018 - 15:02 24-06-2008 - 19:41
CVE-2008-1531 4.3
The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a
31-10-2018 - 19:23 27-03-2008 - 23:44
CVE-2008-1515 6.4
The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 allows remote attackers to "read and modify objects" via SOAP requests, related to "Missing security checks."
31-10-2018 - 19:19 01-04-2008 - 17:44
CVE-2008-2136 7.8
Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT
31-10-2018 - 18:55 16-05-2008 - 12:54
CVE-2008-7177 9.3
Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719.
31-10-2018 - 18:35 08-09-2009 - 10:30
CVE-2013-4421 5.0
The buf_decompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service (memory consumption) via a compressed packet that has a large size when it is decompressed.
30-10-2018 - 16:28 25-10-2013 - 23:55
CVE-2015-8778 7.5
Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which tri
30-10-2018 - 16:27 19-04-2016 - 21:59
CVE-2014-9675 5.0
bdf/bdflib.c in FreeType before 2.5.4 identifies property names by only verifying that an initial substring is present, which allows remote attackers to discover heap pointer values and bypass the ASLR protection mechanism via a crafted BDF font.
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2014-9665 7.5
The Load_SBit_Png function in sfnt/pngshim.c in FreeType before 2.5.4 does not restrict the rows and pitch values of PNG data, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly ha
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2014-9657 7.5
The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a cr
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2015-7758 2.1
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .
30-10-2018 - 16:27 08-01-2016 - 19:59
CVE-2015-8704 6.8
apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed Address Prefix List (APL) record.
30-10-2018 - 16:27 20-01-2016 - 15:59
CVE-2016-6855 5.0
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invali
30-10-2018 - 16:27 07-09-2016 - 18:59
CVE-2014-9488 10.0
The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read.
30-10-2018 - 16:27 14-04-2015 - 18:59
CVE-2015-7217 4.3
The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted Truevision TGA image.
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2015-7208 5.0
Mozilla Firefox before 43.0 stores cookies containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers.
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2014-8132 5.0
Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet. <a href="http://cwe.mitre.org/data/definitions/415.html">C
30-10-2018 - 16:27 29-12-2014 - 00:59
CVE-2014-9663 7.5
The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2015-8776 6.4
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
30-10-2018 - 16:27 19-04-2016 - 21:59
CVE-2016-8693 6.8
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
30-10-2018 - 16:27 15-02-2017 - 19:59
CVE-2015-8461 7.1
Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via unspecified vectors.
30-10-2018 - 16:27 16-12-2015 - 15:59
CVE-2016-5178 7.5
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors.
30-10-2018 - 16:27 23-05-2017 - 04:29
CVE-2016-7972 5.0
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.
30-10-2018 - 16:27 03-03-2017 - 16:59
CVE-2014-9679 6.8
Integer underflow in the cupsRasterReadPixels function in filter/raster.c in CUPS before 2.0.2 allows remote attackers to have unspecified impact via a malformed compressed raster file, which triggers a buffer overflow.
30-10-2018 - 16:27 19-02-2015 - 15:59
CVE-2014-9662 7.5
cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OT
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2015-7219 5.0
The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a malformed PushPromise frame that triggers decompressed-buffer length misc
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2015-8618 5.0
The Int.Exp Montgomery code in the math/big library in Go 1.5.x before 1.5.3 mishandles carry propagation and produces incorrect output, which makes it easier for attackers to obtain private RSA keys via unspecified vectors.
30-10-2018 - 16:27 27-01-2016 - 20:59
CVE-2014-9661 7.5
type42/t42parse.c in FreeType before 2.5.4 does not consider that scanning can be incomplete without triggering an error, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a craf
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2015-7218 5.0
The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header frame that triggers incorrect memory allocation.
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2014-9221 5.0
strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH) group 1025.
30-10-2018 - 16:27 07-01-2015 - 19:59
CVE-2014-9640 5.0
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted raw file.
30-10-2018 - 16:27 23-01-2015 - 15:59
CVE-2016-8568 4.3
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
30-10-2018 - 16:27 03-02-2017 - 15:59
CVE-2016-6225 4.3
xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files v
30-10-2018 - 16:27 23-03-2017 - 16:59
CVE-2014-9220 7.5
SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command.
30-10-2018 - 16:27 03-12-2014 - 01:59
CVE-2015-7207 5.0
Mozilla Firefox before 43.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via crafted JavaScript code that leverages hi
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2016-9959 6.8
game-music-emu before 0.6.1 allows remote attackers to generate out of bounds 8-bit values.
30-10-2018 - 16:27 12-04-2017 - 20:59
CVE-2015-8547 5.0
The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query.
30-10-2018 - 16:27 08-01-2016 - 19:59
CVE-2014-9659 7.5
cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer o
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2015-7552 9.3
Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file.
30-10-2018 - 16:27 18-04-2016 - 14:59
CVE-2014-9666 6.8
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2014-9660 7.5
The _bdf_parse_glyphs function in bdf/bdflib.c in FreeType before 2.5.4 does not properly handle a missing ENDCHAR record, which allows remote attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2015-7215 5.0
The importScripts function in the Web Workers API implementation in Mozilla Firefox before 43.0 allows remote attackers to bypass the Same Origin Policy by triggering use of the no-cors mode in the fetch API to attempt resource access that throws an
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2014-9670 4.3
Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF f
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2014-9667 6.8
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other im
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2015-8779 7.5
Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.
30-10-2018 - 16:27 19-04-2016 - 21:59
CVE-2015-7805 9.3
Heap-based buffer overflow in libsndfile 1.0.25 allows remote attackers to have unspecified impact via the headindex value in the header in an AIFF file.
30-10-2018 - 16:27 17-11-2015 - 15:59
CVE-2014-9658 7.5
The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a craft
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2014-9656 7.5
The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impa
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2016-5157 6.8
Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via c
30-10-2018 - 16:27 11-09-2016 - 10:59
CVE-2016-9957 6.8
Stack-based buffer overflow in game-music-emu before 0.6.1.
30-10-2018 - 16:27 12-04-2017 - 20:59
CVE-2014-9601 5.0
Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed.
30-10-2018 - 16:27 16-01-2015 - 16:59
CVE-2015-8803 7.5
The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown
30-10-2018 - 16:27 23-02-2016 - 19:59
CVE-2015-6938 4.3
Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE:
30-10-2018 - 16:27 21-09-2015 - 19:59
CVE-2015-8705 6.6
buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1)
30-10-2018 - 16:27 20-01-2016 - 15:59
CVE-2014-9668 7.5
The woff_open_font function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overf
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2013-5611 5.8
Mozilla Firefox before 26.0 does not properly remove the Application Installation doorhanger, which makes it easier for remote attackers to spoof a Web App installation site by controlling the timing of page navigation.
30-10-2018 - 16:27 11-12-2013 - 15:55
CVE-2014-9674 7.5
The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based bu
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2014-9664 6.8
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2015-7223 4.0
The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site.
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2016-5177 6.8
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.
30-10-2018 - 16:27 23-05-2017 - 04:29
CVE-2016-4538 7.5
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 modifies certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allows rem
30-10-2018 - 16:27 22-05-2016 - 01:59
CVE-2015-8869 6.4
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
30-10-2018 - 16:27 13-06-2016 - 19:59
CVE-2014-9638 5.0
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero. <a href="http://cwe.mitre.org/data/definitions/369.html">CWE-369: Divide By Zer
30-10-2018 - 16:27 23-01-2015 - 15:59
CVE-2015-7220 10.0
Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2016-9958 6.8
game-music-emu before 0.6.1 allows remote attackers to write to arbitrary memory locations.
30-10-2018 - 16:27 12-04-2017 - 20:59
CVE-2015-7203 10.0
Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a craft
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2016-8569 4.3
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
30-10-2018 - 16:27 03-02-2017 - 15:59
CVE-2014-9639 5.0
Integer overflow in oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (crash) via a crafted number of channels in a WAV file, which triggers an out-of-bounds memory access. <a href="http://cwe.mitre.org/data/definition
30-10-2018 - 16:27 23-01-2015 - 15:59
CVE-2015-7216 6.8
The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2015-7211 5.0
Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors.
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2014-9669 6.8
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
30-10-2018 - 16:27 08-02-2015 - 11:59
CVE-2015-7204 6.8
Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2014-7154 6.1
Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors.
30-10-2018 - 16:27 02-10-2014 - 14:55
CVE-2016-4539 7.5
The xml_parse_into_struct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other imp
30-10-2018 - 16:27 22-05-2016 - 01:59
CVE-2015-7202 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2016-6323 5.0
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang)
30-10-2018 - 16:27 07-10-2016 - 14:59
CVE-2015-7221 10.0
Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a deque size change.
30-10-2018 - 16:27 16-12-2015 - 11:59
CVE-2016-4542 7.5
The exif_process_IFD_TAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service (out-of-bounds read) or po
30-10-2018 - 16:27 22-05-2016 - 01:59
CVE-2012-6139 5.0
libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty match attribute in a XSL key to the xsltAddKey function in keys.c or (2) uninitialized variable to the xsltDocumentFuncti
30-10-2018 - 16:27 12-04-2013 - 22:55
CVE-2016-4537 7.5
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer for the scale argument, which allows remote attackers to cause a denial of service or possibly have unspecified ot
30-10-2018 - 16:27 22-05-2016 - 01:59
CVE-2016-2039 5.0
libraries/session.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not properly generate CSRF token values, which allows remote attackers to bypass intended access restrictions by predicting a value.
30-10-2018 - 16:27 20-02-2016 - 01:59
CVE-2014-7155 5.8
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 4.4.x and earlier does not properly check supervisor mode permissions, which allows local HVM users to cause a denial of service (guest crash) or gain guest kernel mode privileges
30-10-2018 - 16:27 02-10-2014 - 14:55
CVE-2016-2042 5.0
phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request to (1) libraries/phpseclib/Crypt/AES.php or (2) libraries/phpseclib/Crypt/Rijndael.php, which reveals the full path
30-10-2018 - 16:27 20-02-2016 - 01:59
CVE-2016-3069 6.8
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
30-10-2018 - 16:27 13-04-2016 - 16:59
CVE-2016-4541 7.5
The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact vi
30-10-2018 - 16:27 22-05-2016 - 01:59
CVE-2016-4543 7.5
The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have uns
30-10-2018 - 16:27 22-05-2016 - 01:59
CVE-2016-4540 7.5
The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact v
30-10-2018 - 16:27 22-05-2016 - 01:59
CVE-2015-5234 6.8
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web
30-10-2018 - 16:27 09-10-2015 - 14:59
CVE-2015-3622 4.3
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate.
30-10-2018 - 16:27 12-05-2015 - 19:59
CVE-2016-2040 3.5
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allow remote authenticated users to inject arbitrary web script or HTML via a (1) table name, (2) SET value, (3) s
30-10-2018 - 16:27 20-02-2016 - 01:59
CVE-2016-4414 5.0
The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data. <a href="http://cwe.mitre.org/data/definitions/476.htm
30-10-2018 - 16:27 13-06-2016 - 19:59
CVE-2016-2038 5.0
phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.
30-10-2018 - 16:27 20-02-2016 - 01:59
CVE-2014-3967 5.5
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x does not properly check the return value from the IRQ setup check, which allows local HVM guest administrators to cause a denial of service (NULL pointer dereference and crash) via unspecif
30-10-2018 - 16:27 05-06-2014 - 20:55
CVE-2016-3125 5.0
The mod_tls module in ProFTPD before 1.3.5b and 1.3.6 before 1.3.6rc2 does not properly handle the TLSDHParamFile directive, which might cause a weaker than intended Diffie-Hellman (DH) key to be used and consequently allow attackers to have unspecif
30-10-2018 - 16:27 05-04-2016 - 20:59
CVE-2016-2041 5.0
libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restri
30-10-2018 - 16:27 20-02-2016 - 01:59
CVE-2015-3148 5.0
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
30-10-2018 - 16:27 24-04-2015 - 14:59
CVE-2014-5146 4.7
Certain MMU virtualization operations in Xen 4.2.x through 4.4.x before the xsa97-hap patch, when using Hardware Assisted Paging (HAP), are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking thes
30-10-2018 - 16:27 22-08-2014 - 14:55
CVE-2015-5185 5.0
The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty className in a packet. <a href="http://cwe.mitre.org/data/
30-10-2018 - 16:27 28-09-2015 - 20:59
CVE-2016-3068 6.8
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
30-10-2018 - 16:27 13-04-2016 - 16:59
CVE-2015-5300 5.0
The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option,
30-10-2018 - 16:27 21-07-2017 - 14:29
CVE-2015-3340 2.9
Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request.
30-10-2018 - 16:27 28-04-2015 - 14:59
CVE-2015-4620 7.8
name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon ex
30-10-2018 - 16:27 08-07-2015 - 14:59
CVE-2015-4588 6.8
Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.
30-10-2018 - 16:27 01-07-2015 - 14:59
CVE-2016-2312 4.6
Turning all screens off in Plasma-workspace and kscreenlocker while the lock screen is shown can result in the screen being unlocked when turning a screen on again.
30-10-2018 - 16:27 23-12-2016 - 22:59
CVE-2016-2043 3.5
Cross-site scripting (XSS) vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a table name to the
30-10-2018 - 16:27 20-02-2016 - 01:59
CVE-2014-3968 5.5
The HVMOP_inject_msi function in Xen 4.2.x, 4.3.x, and 4.4.x allows local guest HVM administrators to cause a denial of service (host crash) via a large number of crafted requests, which trigger an error messages to be logged.
30-10-2018 - 16:27 05-06-2014 - 20:55
CVE-2007-5200 3.3
hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file.
30-10-2018 - 16:27 14-10-2007 - 18:17
CVE-2016-3959 5.0
The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted pub
30-10-2018 - 16:27 23-05-2016 - 19:59
CVE-2014-5149 4.7
Certain MMU virtualization operations in Xen 4.2.x through 4.4.x, when using shadow pagetables, are not preemptible, which allows local HVM guest to cause a denial of service (vcpu consumption) by invoking these operations, which process every page a
30-10-2018 - 16:27 22-08-2014 - 14:55
CVE-2015-5309 4.3
Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an ECH (erase characters) escape sequence with a large parameter value, whi
30-10-2018 - 16:27 07-12-2015 - 20:59
CVE-2016-3075 5.0
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.
30-10-2018 - 16:27 01-06-2016 - 20:59
CVE-2015-3145 7.5
The sanitize_cookie_path function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via
30-10-2018 - 16:27 24-04-2015 - 14:59
CVE-2015-4625 4.6
Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers the issuance of a duplicate cookie value.
30-10-2018 - 16:27 26-10-2015 - 19:59
CVE-2016-1683 5.1
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via
30-10-2018 - 16:27 05-06-2016 - 23:59
CVE-2016-4008 4.3
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
30-10-2018 - 16:27 05-05-2016 - 18:59
CVE-2015-5235 4.3
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.
30-10-2018 - 16:27 09-10-2015 - 14:59
CVE-2013-4124 5.0
Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
30-10-2018 - 16:27 06-08-2013 - 02:56
CVE-2007-5197 7.5
Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods.
30-10-2018 - 16:27 02-11-2007 - 16:46
CVE-2015-3225 5.0
lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth.
30-10-2018 - 16:27 26-07-2015 - 22:59
CVE-2015-3026 5.0
Icecast before 2.4.2, when a stream_auth handler is defined for URL authentication, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request without login credentials, as demonstrated by a request to "ad
30-10-2018 - 16:27 29-04-2015 - 20:59
CVE-2013-2266 7.8
libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2, 9.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows remote attackers to cause a denial of service (memory consumption) via a crafted regular expression, as
30-10-2018 - 16:27 28-03-2013 - 16:55
CVE-2011-2464 5.0
Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request.
30-10-2018 - 16:27 08-07-2011 - 20:55
CVE-2015-2059 7.5
The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bou
30-10-2018 - 16:27 12-08-2015 - 14:59
CVE-2015-2331 7.5
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial
30-10-2018 - 16:27 30-03-2015 - 10:59
CVE-2015-2317 4.3
The utils.http.is_safe_url function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a con
30-10-2018 - 16:27 25-03-2015 - 14:59
CVE-2013-2139 2.6
Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions.
30-10-2018 - 16:27 16-01-2014 - 05:05
CVE-2016-1254 5.0
Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.
30-10-2018 - 16:27 05-12-2017 - 16:29
CVE-2015-1349 5.4
named in ISC BIND 9.7.0 through 9.9.6 before 9.9.6-P2 and 9.10.x before 9.10.1-P2, when DNSSEC validation and the managed-keys feature are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit, or daemon cra
30-10-2018 - 16:27 19-02-2015 - 03:01
CVE-2013-2065 6.4
(1) DL and (2) Fiddle in Ruby 1.9 before 1.9.3 patchlevel 426, and 2.0 before 2.0.0 patchlevel 195, do not perform taint checking for native functions, which allows context-dependent attackers to bypass intended $SAFE level restrictions.
30-10-2018 - 16:27 02-11-2013 - 19:55
CVE-2013-1987 6.8
Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRenderQueryFilters, (2) XRenderQueryFormats, and (3) XRenderQueryPictI
30-10-2018 - 16:27 15-06-2013 - 19:55
CVE-2013-2064 6.8
Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.
30-10-2018 - 16:27 15-06-2013 - 19:55
CVE-2014-2326 4.3
Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
30-10-2018 - 16:27 27-03-2014 - 16:55
CVE-2015-2155 7.5
The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
30-10-2018 - 16:27 24-03-2015 - 17:59
CVE-2015-1840 5.0
jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a di
30-10-2018 - 16:27 26-07-2015 - 22:59
CVE-2015-1433 4.3
program/lib/Roundcube/rcube_washtml.php in Roundcube before 1.0.5 does not properly quote strings, which allows remote attackers to conduct cross-site scripting (XSS) attacks via the style attribute in an email.
30-10-2018 - 16:27 03-02-2015 - 16:59
CVE-2014-2524 3.3
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.[PID] file.
30-10-2018 - 16:27 20-08-2014 - 14:55
CVE-2014-1528 10.0
The sse2_composite_src_x888_8888 function in Pixman, as used in Cairo in Mozilla Firefox 28.0 and SeaMonkey 2.25 on Windows, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by
30-10-2018 - 16:27 30-04-2014 - 10:49
CVE-2015-2316 5.0
The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the
30-10-2018 - 16:27 25-03-2015 - 14:59
CVE-2016-0787 4.3
The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes
30-10-2018 - 16:27 13-04-2016 - 17:59
CVE-2015-0778 7.5
osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file.
30-10-2018 - 16:27 16-03-2015 - 14:59
CVE-2014-0979 2.1
The start_authentication function in lightdm-gtk-greeter.c in LightDM GTK+ Greeter before 1.7.1 does not properly handle the return value from the lightdm_greeter_get_authentication_user function, which allows local users to cause a denial of service
30-10-2018 - 16:27 23-01-2014 - 01:55
CVE-2015-0848 6.8
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.
30-10-2018 - 16:27 01-07-2015 - 14:59
CVE-2014-0591 2.6
The query_findclosestnsec3 function in query.c in named in ISC BIND 9.6, 9.7, and 9.8 before 9.8.6-P2 and 9.9 before 9.9.4-P2, and 9.6-ESV before 9.6-ESV-R10-P2, allows remote attackers to cause a denial of service (INSIST assertion failure and daemo
30-10-2018 - 16:27 14-01-2014 - 04:29
CVE-2015-0361 7.8
Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows remote domains to cause a denial of service (system crash) via a crafted hypercall during HVM guest teardown. <a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use Aft
30-10-2018 - 16:27 07-01-2015 - 19:59
CVE-2015-1182 7.5
The asn1_get_sequence_of function in library/asn1parse.c in PolarSSL 1.0 through 1.2.12 and 1.3.x through 1.3.9 does not properly initialize a pointer in the asn1_sequence linked list, which allows remote attackers to cause a denial of service (crash
30-10-2018 - 16:27 27-01-2015 - 20:59
CVE-2009-1364 7.5
Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file. <a href="http://cwe.mitre.org/dat
30-10-2018 - 16:27 01-05-2009 - 17:30
CVE-2013-0211 5.0
Integer signedness error in the archive_write_zip_data function in archive_write_set_format_zip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service (crash) via unspecifie
30-10-2018 - 16:27 30-09-2013 - 22:55
CVE-2015-0295 5.0
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file.
30-10-2018 - 16:27 25-03-2015 - 14:59
CVE-2014-0019 1.9
Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line.
30-10-2018 - 16:27 04-02-2014 - 21:55
CVE-2015-7969 4.9
Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest administrators or domains with certain permission to cause a denial of service (memory consumption) via a large number of "teardowns" of domains with the vcpu pointer array allocated us
30-10-2018 - 16:26 30-10-2015 - 15:59
CVE-2015-7813 2.1
Xen 4.4.x, 4.5.x, and 4.6.x does not limit the number of printk console messages when reporting unimplemented hypercalls, which allows local guests to cause a denial of service via a sequence of (1) HYPERVISOR_physdev_op hypercalls, which are not pro
30-10-2018 - 16:26 30-10-2015 - 15:59
CVE-2015-7835 7.2
The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping.
30-10-2018 - 16:26 30-10-2015 - 15:59
CVE-2015-7812 4.9
The hypercall_create_continuation function in arch/arm/domain.c in Xen 4.4.x through 4.6.x allows local guest users to cause a denial of service (host crash) via a preemptible hypercall to the multicall interface.
30-10-2018 - 16:26 17-11-2015 - 15:59
CVE-2015-7972 2.1
The (1) libxl_set_memory_target function in tools/libxl/libxl.c and (2) libxl__build_post function in tools/libxl/libxl_dom.c in Xen 3.4.x through 4.6.x do not properly calculate the balloon size when using the populate-on-demand (PoD) system, which
30-10-2018 - 16:26 30-10-2015 - 15:59
CVE-2015-7311 3.6
libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.
30-10-2018 - 16:26 01-10-2015 - 20:59
CVE-2014-7188 8.3
The hvm_msr_read_intercept function in arch/x86/hvm/hvm.c in Xen 4.1 through 4.4.x uses an improper MSR range for x2APIC emulation, which allows local HVM guests to cause a denial of service (host crash) or read data from the hypervisor or other gues
30-10-2018 - 16:26 02-10-2014 - 14:55
CVE-2015-7971 2.1
Xen 3.2.x through 4.6.x does not limit the number of printk console messages when logging certain pmu and profiling hypercalls, which allows local guests to cause a denial of service via a sequence of crafted (1) HYPERCALL_xenoprof_op hypercalls, whi
30-10-2018 - 16:26 30-10-2015 - 15:59
CVE-2014-7156 3.3
The x86_emulate function in arch/x86/x86_emulate/x86_emulate.c in Xen 3.3.x through 4.4.x does not check the supervisor mode permissions for instructions that generate software interrupts, which allows local HVM guest users to cause a denial of servi
30-10-2018 - 16:26 02-10-2014 - 14:55
CVE-2014-3124 6.7
The HVMOP_set_mem_type control in Xen 4.1 through 4.4.x allows local guest HVM administrators to cause a denial of service (hypervisor crash) or possibly execute arbitrary code by leveraging a separate qemu-dm vulnerability to trigger invalid page ta
30-10-2018 - 16:26 07-05-2014 - 10:55
CVE-2008-4107 5.1
The (1) rand and (2) mt_rand functions in PHP 5.2.6 do not produce cryptographically strong random numbers, which allows attackers to leverage exposures in products that rely on these functions for security-relevant functionality, as demonstrated by
30-10-2018 - 16:26 18-09-2008 - 17:59
CVE-2010-4450 3.7
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux all
30-10-2018 - 16:26 17-02-2011 - 19:00
CVE-2010-3569 10.0
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2010-4448 2.6
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java ap
30-10-2018 - 16:26 17-02-2011 - 19:00
CVE-2010-3562 10.0
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the pr
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2015-5166 7.2
Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice.
30-10-2018 - 16:26 12-08-2015 - 14:59
CVE-2010-3574 10.0
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2009-5016 6.8
Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in PHP before 5.2.11 makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string that uses overlong UTF-8 enc
30-10-2018 - 16:26 12-11-2010 - 22:00
CVE-2014-4021 2.7
Xen 3.2.x through 4.4.x does not properly clean memory pages recovered from guests, which allows local guest OS users to obtain sensitive information via unspecified vectors.
30-10-2018 - 16:26 18-06-2014 - 19:55
CVE-2010-4469 10.0
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Jav
30-10-2018 - 16:26 17-02-2011 - 19:00
CVE-2010-4409 5.0
Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument.
30-10-2018 - 16:26 06-12-2010 - 20:13
CVE-2010-3565 10.0
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous inf
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2010-3557 6.8
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2010-3554 10.0
Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2010-4476 5.0
The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows rem
30-10-2018 - 16:26 17-02-2011 - 19:00
CVE-2006-7243 5.0
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argum
30-10-2018 - 16:26 18-01-2011 - 20:00
CVE-2010-4465 10.0
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Jav
30-10-2018 - 16:26 17-02-2011 - 19:00
CVE-2010-3568 10.0
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2010-3541 5.1
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2010-3553 10.0
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2010-3551 5.0
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors.
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2015-2151 7.2
The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly
30-10-2018 - 16:26 12-03-2015 - 14:59
CVE-2015-2044 2.1
The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involving an unsupported access size.
30-10-2018 - 16:26 12-03-2015 - 14:59
CVE-2010-2253 6.8
lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a Content-Dis
30-10-2018 - 16:26 06-07-2010 - 17:17
CVE-2015-2752 4.9
The XEN_DOMCTL_memory_mapping hypercall in Xen 3.2.x through 4.5.x, when using a PCI passthrough device, is not preemptible, which allows local x86 HVM domain users to cause a denial of service (host CPU consumption) via a crafted request to the devi
30-10-2018 - 16:26 01-04-2015 - 14:59
CVE-2015-2152 1.9
Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access to the VGA console by (1) setting the DISPLAY envi
30-10-2018 - 16:26 18-03-2015 - 16:59
CVE-2015-2150 4.9
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) mem
30-10-2018 - 16:26 12-03-2015 - 14:59
CVE-2015-2756 4.9
QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O
30-10-2018 - 16:26 01-04-2015 - 14:59
CVE-2010-3548 5.0
Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. NOTE: the p
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2008-1669 6.9
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table."
30-10-2018 - 16:26 08-05-2008 - 00:20
CVE-2010-3549 6.8
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE
30-10-2018 - 16:26 19-10-2010 - 22:00
CVE-2015-2045 2.1
The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.
30-10-2018 - 16:26 12-03-2015 - 14:59
CVE-2011-1926 5.1
The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is
30-10-2018 - 16:26 23-05-2011 - 22:55
CVE-2015-1563 2.1
The ARM GIC distributor virtualization in Xen 4.4.x and 4.5.x allows local guests to cause a denial of service by causing a large number messages to be logged.
30-10-2018 - 16:26 09-02-2015 - 11:59
CVE-2015-2751 7.1
Xen 4.3.x, 4.4.x, and 4.5.x, when using toolstack disaggregation, allows remote domains with partial management control to cause a denial of service (host lock) via unspecified domctl operations.
30-10-2018 - 16:26 01-04-2015 - 14:59
CVE-2003-0851 5.0
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.
30-10-2018 - 16:26 01-12-2003 - 05:00
CVE-2011-0421 4.3
The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (NULL pointer derefer
30-10-2018 - 16:26 20-03-2011 - 02:00
CVE-2011-0708 4.3
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buf
30-10-2018 - 16:26 20-03-2011 - 02:00
CVE-2006-1056 2.1
The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allow
30-10-2018 - 16:26 20-04-2006 - 10:02
CVE-2006-0744 4.9
Linux kernel before 2.6.16.5 does not properly handle uncanonical return addresses on Intel EM64T CPUs, which reports an exception in the SYSRET instead of the next instruction, which causes the kernel exception handler to run on the user stack with
30-10-2018 - 16:26 18-04-2006 - 10:02
CVE-2007-5398 9.3
Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requ
30-10-2018 - 16:25 16-11-2007 - 18:46
CVE-2008-4619 10.0
The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2uaddr function. NOTE: this mig
30-10-2018 - 16:25 21-10-2008 - 00:10
CVE-2008-5013 9.3
Mozilla Firefox 2.x before 2.0.0.18 and SeaMonkey 1.x before 1.1.13 do not properly check when the Flash module has been dynamically unloaded properly, which allows remote attackers to execute arbitrary code via a crafted SWF file that "dynamically u
30-10-2018 - 16:25 13-11-2008 - 11:30
CVE-2008-4582 4.3
Mozilla Firefox 3.0.1 through 3.0.3, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13, when running on Windows, do not properly identify the context of Windows .url shortcut files, which allows user-assisted remote attackers to bypass the
30-10-2018 - 16:25 15-10-2008 - 20:08
CVE-2008-5498 5.0
Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an inde
30-10-2018 - 16:25 26-12-2008 - 20:30
CVE-2007-6015 9.3
Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC stri
30-10-2018 - 16:25 13-12-2007 - 21:46
CVE-2007-4572 9.3
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon se
30-10-2018 - 16:25 16-11-2007 - 18:46
CVE-2009-2462 10.0
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synch
30-10-2018 - 16:25 22-07-2009 - 18:30
CVE-2009-1836 6.8
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attacke
30-10-2018 - 16:25 12-06-2009 - 21:30
CVE-2008-2750 7.8
The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial of service (kernel heap memory corruption and system crash) and possibly have unspecified other impact via a c
30-10-2018 - 16:25 18-06-2008 - 19:41
CVE-2009-1838 9.3
The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary
30-10-2018 - 16:25 12-06-2009 - 21:30
CVE-2008-2384 7.5
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encodin
30-10-2018 - 16:25 22-01-2009 - 18:30
CVE-2009-1841 9.3
js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by t
30-10-2018 - 16:25 12-06-2009 - 21:30
CVE-2009-1835 4.3
Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML docu
30-10-2018 - 16:25 12-06-2009 - 21:30
CVE-2009-1832 9.3
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors involving "double fra
30-10-2018 - 16:25 12-06-2009 - 21:30
CVE-2009-2674 7.5
Integer overflow in javaws.exe in Sun Java Web Start in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 allows context-dependent attackers to execute arbitrary code via a crafted JPEG image that is not properly handled during dis
30-10-2018 - 16:25 05-08-2009 - 19:30
CVE-2009-2465 10.0
Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving double frame construction, related to (1) nsHTMLContentSink.cp
30-10-2018 - 16:25 22-07-2009 - 18:30
CVE-2009-2464 10.0
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arb
30-10-2018 - 16:25 22-07-2009 - 18:30
CVE-2009-2463 10.0
Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a deni
30-10-2018 - 16:25 22-07-2009 - 18:30
CVE-2009-1834 4.3
Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whites
30-10-2018 - 16:25 12-06-2009 - 21:30
CVE-2005-4790 6.9
Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tombo
30-10-2018 - 16:25 31-12-2005 - 05:00
CVE-2006-4484 2.6
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overfl
30-10-2018 - 16:25 31-08-2006 - 21:04
CVE-2009-2466 10.0
The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2
30-10-2018 - 16:25 22-07-2009 - 18:30
CVE-2009-2210 9.3
Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a multipart/alternative e-mail message containing a text/enhanced part that
30-10-2018 - 16:25 25-06-2009 - 17:30
CVE-2012-1182 10.0
The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execut
30-10-2018 - 16:25 10-04-2012 - 21:55
CVE-2009-1833 9.3
The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vec
30-10-2018 - 16:25 12-06-2009 - 21:30
CVE-2009-1392 9.3
The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vect
30-10-2018 - 16:25 12-06-2009 - 21:30
CVE-2009-1303 5.0
The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGE
30-10-2018 - 16:25 22-04-2009 - 18:30
CVE-2008-0960 10.0
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Dat
30-10-2018 - 16:25 10-06-2008 - 18:32
CVE-2010-0174 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory
30-10-2018 - 16:25 05-04-2010 - 17:30
CVE-2010-0173 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corruption and applica
30-10-2018 - 16:25 05-04-2010 - 17:30
CVE-2011-0719 5.0
Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite
30-10-2018 - 16:25 01-03-2011 - 23:00
CVE-2010-0175 9.3
Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of se
30-10-2018 - 16:25 05-04-2010 - 17:30
CVE-2010-0176 9.3
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to
30-10-2018 - 16:25 05-04-2010 - 17:30
CVE-2009-1311 4.3
Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during
30-10-2018 - 16:25 22-04-2009 - 18:30
CVE-2008-0017 9.3
The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check for an allocation failure, which allows remote attackers to cause a denial of service (
26-10-2018 - 14:19 13-11-2008 - 11:30
CVE-2007-5597 4.3
The hook_comments API in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 does not pass publication status, which might allow attackers to bypass access restrictions and trigger e-mail with unpublished comments from some modules, as demonstrated by (1) O
26-10-2018 - 14:14 19-10-2007 - 23:17
CVE-2007-5595 5.1
CRLF injection vulnerability in the drupal_goto function in includes/common.inc Drupal 4.7.x before 4.7.8 and 5.x before 5.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
26-10-2018 - 14:13 19-10-2007 - 23:17
CVE-2007-5596 4.3
The core Upload module in Drupal 4.7.x before 4.7.8 and 5.x before 5.3 places the .html extension on a whitelist, which allows remote attackers to conduct cross-site scripting (XSS) attacks by uploading .html files.
26-10-2018 - 14:13 19-10-2007 - 23:17
CVE-2007-3998 5.0
The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certai
26-10-2018 - 13:59 04-09-2007 - 18:17
CVE-2016-6233 7.5
The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework before 1.12.19 might allow remote attackers to conduct SQL injection attacks via vectors related to use of the character pattern [\w]* in a regular expression.
21-10-2018 - 10:29 17-02-2017 - 02:59
CVE-2016-4861 7.5
The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework before 1.12.20 might allow remote attackers to conduct SQL injection attacks by leveraging failure to remove comments from an SQL statement before validation.
21-10-2018 - 10:29 17-02-2017 - 02:59
CVE-2006-0745 7.2
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute ar
19-10-2018 - 15:46 21-03-2006 - 02:06
CVE-2006-0749 9.3
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via
19-10-2018 - 15:46 14-04-2006 - 10:02
CVE-2006-0645 7.5
Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by inva
19-10-2018 - 15:45 10-02-2006 - 18:06
CVE-2006-0301 7.5
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted
19-10-2018 - 15:44 30-01-2006 - 22:03
CVE-2006-0454 5.0
Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors
19-10-2018 - 15:44 07-02-2006 - 18:06
CVE-2006-0225 4.6
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
19-10-2018 - 15:43 25-01-2006 - 11:03
CVE-2006-0292 7.5
The Javascript interpreter (jsinterp.c) in Mozilla and Firefox before 1.5.1 does not properly dereference objects, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via unknown attack vectors related to garb
19-10-2018 - 15:43 02-02-2006 - 20:06
CVE-2006-0296 5.0
The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf fil
19-10-2018 - 15:43 02-02-2006 - 20:06
CVE-2006-0058 7.6
Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory location
19-10-2018 - 15:42 22-03-2006 - 20:06
CVE-2006-0049 5.0
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report
19-10-2018 - 15:42 13-03-2006 - 21:06
CVE-2006-0095 2.1
dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.
19-10-2018 - 15:42 06-01-2006 - 11:03
CVE-2005-4134 5.0
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not
19-10-2018 - 15:40 09-12-2005 - 15:03
CVE-2005-4077 4.6
Multiple off-by-one errors in the cURL library (libcurl) 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prev
19-10-2018 - 15:40 08-12-2005 - 01:03
CVE-2005-3624 5.0
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to int
19-10-2018 - 15:37 31-12-2005 - 05:00
CVE-2005-3625 10.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and
19-10-2018 - 15:37 31-12-2005 - 05:00
CVE-2005-3626 5.0
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
19-10-2018 - 15:37 31-12-2005 - 05:00
CVE-2005-3627 7.5
Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary code via a DCTDecode stream with (1) a large "number of components"
19-10-2018 - 15:37 31-12-2005 - 05:00
CVE-2005-3350 7.5
libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write.
19-10-2018 - 15:35 04-11-2005 - 00:02
CVE-2005-3192 7.5
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitra
19-10-2018 - 15:35 08-12-2005 - 01:03
CVE-2005-3193 5.1
Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-
19-10-2018 - 15:35 07-12-2005 - 00:03
CVE-2005-3191 5.1
Multiple heap-based buffer overflows in the (1) DCTStream::readProgressiveSOF and (2) DCTStream::readBaselineSOF functions in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier, as used in products such as (a) Poppler, (b) teTeX, (c) KD
19-10-2018 - 15:34 07-12-2005 - 01:03
CVE-2005-3180 5.0
The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.
19-10-2018 - 15:34 12-10-2005 - 13:04
CVE-2005-2495 5.1
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
19-10-2018 - 15:33 15-09-2005 - 20:03
CVE-2005-2335 5.0
Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an advisory accidentally used the wrong CVE identifie
19-10-2018 - 15:32 27-07-2005 - 04:00
CVE-2005-1267 5.0
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
19-10-2018 - 15:31 10-06-2005 - 04:00
CVE-2004-2761 5.0
The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate. There are
19-10-2018 - 15:30 05-01-2009 - 20:30
CVE-2004-0057 5.0
The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be
19-10-2018 - 15:29 17-02-2004 - 05:00
CVE-2003-0989 7.5
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
19-10-2018 - 15:29 17-02-2004 - 05:00
CVE-2006-3117 7.6
Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw,
18-10-2018 - 16:45 30-06-2006 - 18:05
CVE-2006-2894 4.0
Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the
18-10-2018 - 16:43 07-06-2006 - 10:02
CVE-2006-2198 7.6
OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user.
18-10-2018 - 16:38 30-06-2006 - 18:05
CVE-2006-2199 7.6
Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice docu
18-10-2018 - 16:38 30-06-2006 - 18:05
CVE-2006-1742 5.0
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remot
18-10-2018 - 16:36 14-04-2006 - 10:02
CVE-2006-1790 10.0
A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption.
18-10-2018 - 16:36 14-04-2006 - 19:02
CVE-2006-1737 9.3
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via
18-10-2018 - 16:35 14-04-2006 - 18:02
CVE-2006-1735 9.3
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javas
18-10-2018 - 16:35 14-04-2006 - 10:02
CVE-2006-1739 9.3
The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary
18-10-2018 - 16:35 14-04-2006 - 10:02
CVE-2006-1733 6.8
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly protect the compilation scope of privileged built-in XBL bindings, which allows remote attackers to execute
18-10-2018 - 16:35 14-04-2006 - 10:02
CVE-2006-1740 2.6
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure site indicators such as the locked icon by opening the trusted site in a popup window, then changing
18-10-2018 - 16:35 14-04-2006 - 10:02
CVE-2006-1738 5.0
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) by changing the (1) -moz-grid and (
18-10-2018 - 16:35 14-04-2006 - 18:02
CVE-2006-1734 6.8
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using the Object.watch method to access the "clone parent" internal func
18-10-2018 - 16:35 14-04-2006 - 10:02
CVE-2006-1741 4.3
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new p
18-10-2018 - 16:35 14-04-2006 - 10:02
CVE-2006-1727 7.6
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to t
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1732 4.3
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to bypass same-origin protections and conduct cross-site scripting (XSS)
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1729 4.3
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1724 7.5
Unspecified vulnerability in Firefox and Thunderbird before 1.5.0.2, 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via atta
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1728 9.3
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypt
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1730 9.3
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing prop
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1731 4.3
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 returns the Object class prototype instead of the global window object when (1) .valueOf.call or (2) .valueOf.apply are calle
18-10-2018 - 16:34 14-04-2006 - 10:02
CVE-2006-1550 7.6
Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of poi
18-10-2018 - 16:33 30-03-2006 - 23:02
CVE-2006-1059 1.2
The winbindd daemon in Samba 3.0.21 to 3.0.21c writes the machine trust account password in cleartext in log files, which allows local users to obtain the password and spoof the server in the domain.
18-10-2018 - 16:30 30-03-2006 - 17:06
CVE-2017-18220 6.8
The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a relat
18-10-2018 - 10:29 05-03-2018 - 22:29
CVE-2017-17498 6.8
WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafte
18-10-2018 - 10:29 11-12-2017 - 02:29
CVE-2017-16547 6.8
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or
18-10-2018 - 10:29 06-11-2017 - 05:29
CVE-2017-16545 6.8
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cause a denial of service (ImportIndexQuantumType invalid write and application crash) or possibly have
18-10-2018 - 10:29 05-11-2017 - 22:29
CVE-2017-11722 4.3
The WriteOnePNGImage function in coders/png.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file, because the program's actual control flow was inconsistent with
18-10-2018 - 10:29 28-07-2017 - 13:29
CVE-2017-11638 6.8
GraphicsMagick 1.3.26 has a segmentation violation in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11642.
18-10-2018 - 10:29 26-07-2017 - 08:29
CVE-2017-11642 6.8
GraphicsMagick 1.3.26 has a NULL pointer dereference in the WriteMAPImage() function in coders/map.c when processing a non-colormapped image, a different vulnerability than CVE-2017-11638.
18-10-2018 - 10:29 26-07-2017 - 08:29
CVE-2006-6498 6.8
Multiple unspecified vulnerabilities in the JavaScript engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, SeaMonkey before 1.0.7, and Mozilla 1.7 and probably earlier on Solaris, allow remote attackers to
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6497 6.8
Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service (memory corruption and
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6503 6.8
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript:
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6505 6.8
Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via (1) external message modies with long Content-Type headers or (2) long RFC2047-encoded (MIME no
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6504 9.3
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption.
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6502 7.1
Use-after-free vulnerability in the LiveConnect bridge code for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) via unknown
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6501 6.8
Unspecified vulnerability in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to gain privileges and install malicious code via the watch Javascript function.
17-10-2018 - 21:48 20-12-2006 - 01:28
CVE-2006-6077 5.0
The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matc
17-10-2018 - 21:46 24-11-2006 - 17:07
CVE-2006-6104 5.0
The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for
17-10-2018 - 21:46 21-12-2006 - 19:28
CVE-2006-5974 7.8
fetchmail 6.3.5 and 6.3.6 before 6.3.6-rc4, when refusing a message delivered via the mda option, allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference when calling the (1) ferror or
17-10-2018 - 21:46 31-12-2006 - 05:00
CVE-2006-5867 7.8
fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks.
17-10-2018 - 21:45 31-12-2006 - 05:00
CVE-2006-5870 9.3
Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that trig
17-10-2018 - 21:45 31-12-2006 - 05:00
CVE-2006-5276 10.0
Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic. All affected Sourcefire Intrustion Sen
17-10-2018 - 21:41 20-02-2007 - 01:28
CVE-2015-6937 4.9
The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was
17-10-2018 - 01:29 19-10-2015 - 10:59
CVE-2015-3237 6.4
The smb_request_state function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service (out-of-bounds read and crash) via crafted length and offset values.
17-10-2018 - 01:29 22-06-2015 - 19:59
CVE-2015-3236 5.0
cURL and libcurl 7.40.0 through 7.42.1 send the HTTP Basic authentication credentials for a previous connection when reusing a reset (curl_easy_reset) connection handle to send a request to the same host name, which allows remote attackers to obtain
17-10-2018 - 01:29 22-06-2015 - 19:59
CVE-2015-3144 9.0
The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via
17-10-2018 - 01:29 24-04-2015 - 14:59
CVE-2016-0755 5.0
The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015.
17-10-2018 - 01:29 29-01-2016 - 20:59
CVE-2016-0729 7.5
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corrupti
17-10-2018 - 01:29 07-04-2016 - 21:59
CVE-2007-3477 5.0
The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value.
16-10-2018 - 16:50 28-06-2007 - 18:30
CVE-2007-3478 4.3
Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TT
16-10-2018 - 16:50 28-06-2007 - 18:30
CVE-2007-3476 4.3
Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a se
16-10-2018 - 16:50 28-06-2007 - 18:30
CVE-2007-3472 4.3
Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact. An integer overflow exists in the "gdImageCreateTrueColor()" fun
16-10-2018 - 16:49 28-06-2007 - 18:30
CVE-2007-3475 4.3
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.
16-10-2018 - 16:49 28-06-2007 - 18:30
CVE-2007-3473 4.3
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.
16-10-2018 - 16:49 28-06-2007 - 18:30
CVE-2007-3388 6.8
Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote at
16-10-2018 - 16:49 03-08-2007 - 20:17
CVE-2007-3474 2.6
Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 have unspecified impact and user-assisted remote attack vectors. An integer overflow exists in the "gdImageCreateTrueColor()" function.
16-10-2018 - 16:49 28-06-2007 - 18:30
CVE-2007-3386 4.3
Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote attackers to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases paramet
16-10-2018 - 16:48 14-08-2007 - 22:17
CVE-2007-3103 6.2
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
16-10-2018 - 16:47 15-07-2007 - 22:30
CVE-2007-2868 9.3
Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of se
16-10-2018 - 16:46 01-06-2007 - 00:30
CVE-2007-2867 9.3
Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of servic
16-10-2018 - 16:45 01-06-2007 - 00:30
CVE-2007-1661 6.4
Perl-Compatible Regular Expression (PCRE) library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denia
16-10-2018 - 16:39 07-11-2007 - 23:46
CVE-2007-1659 6.8
Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.
16-10-2018 - 16:39 07-11-2007 - 23:46
CVE-2007-1662 5.0
Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the end of the string when searching for unmatched brackets and parentheses, which allows context-dependent attackers to cause a denial of service (crash), possibly involving for
16-10-2018 - 16:39 07-11-2007 - 23:46
CVE-2007-1466 6.8
Integer overflow in the WP6GeneralTextPacket::_readContents function in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary
16-10-2018 - 16:38 16-03-2007 - 21:19
CVE-2007-1263 5.0
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a mes
16-10-2018 - 16:37 06-03-2007 - 20:19
CVE-2007-1095 6.8
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site t
16-10-2018 - 16:36 26-02-2007 - 17:28
CVE-2007-0996 5.8
The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated us
16-10-2018 - 16:36 27-02-2007 - 02:28
CVE-2007-0995 4.3
Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.
16-10-2018 - 16:36 26-02-2007 - 19:28
CVE-2007-0981 7.5
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the h
16-10-2018 - 16:35 16-02-2007 - 01:28
CVE-2007-0779 6.4
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot
16-10-2018 - 16:34 26-02-2007 - 20:28
CVE-2007-0800 4.3
Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocke
16-10-2018 - 16:34 07-02-2007 - 11:28
CVE-2007-0776 9.3
Heap-based buffer overflow in the _cairo_pen_init function in Mozilla Firefox 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to execute arbitrary code via a large stroke-width attribute in the clip
16-10-2018 - 16:34 26-02-2007 - 19:28
CVE-2007-0775 3.7
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially e
16-10-2018 - 16:34 26-02-2007 - 19:28
CVE-2007-0556 6.6
The query planner in PostgreSQL before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 does not verify that a table is compatible with a "previously made query plan," which allows remote authenticated users to cause a denial of service (server crash)
16-10-2018 - 16:33 06-02-2007 - 01:28
CVE-2007-0452 6.8
smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infi
16-10-2018 - 16:32 06-02-2007 - 02:28
CVE-2007-0005 6.9
Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges.
16-10-2018 - 16:29 10-03-2007 - 00:19
CVE-2007-0008 6.8
Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server produc
16-10-2018 - 16:29 26-02-2007 - 20:28
CVE-2007-0002 9.3
Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect f
16-10-2018 - 16:29 16-03-2007 - 21:19
CVE-2008-0983 5.0
lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of
15-10-2018 - 22:04 26-02-2008 - 18:44
CVE-2008-0786 4.3
CRLF injection vulnerability in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k, when running on older PHP interpreters, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
15-10-2018 - 22:03 14-02-2008 - 23:00
CVE-2008-0785 7.5
Multiple SQL injection vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote authenticated users to execute arbitrary SQL commands via the (1) graph_list parameter to graph_view.php, (2) leaf_id and id parameters to tree.p
15-10-2018 - 22:03 14-02-2008 - 23:00
CVE-2008-0784 5.0
graph.php in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allows remote attackers to obtain the full path via an invalid local_graph_id parameter and other unspecified vectors.
15-10-2018 - 22:03 14-02-2008 - 23:00
CVE-2008-0783 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.7 before 0.8.7b and 0.8.6 before 0.8.6k allow remote attackers to inject arbitrary web script or HTML via (1) the view_type parameter to graph.php; (2) the filter parameter to graph_vie
15-10-2018 - 22:02 14-02-2008 - 23:00
CVE-2008-0674 7.5
Buffer overflow in PCRE before 7.6 allows remote attackers to execute arbitrary code via a regular expression containing a character class with a large number of characters with Unicode code points greater than 255.
15-10-2018 - 22:02 18-02-2008 - 23:00
CVE-2008-0591 4.3
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by
15-10-2018 - 22:01 09-02-2008 - 00:00
CVE-2008-0553 6.8
Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
15-10-2018 - 22:01 07-02-2008 - 21:00
CVE-2008-0544 10.0
Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted IFF ILBM file. NOTE: some of t
15-10-2018 - 22:01 01-02-2008 - 20:00
CVE-2008-0592 4.3
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Fir
15-10-2018 - 22:01 09-02-2008 - 00:00
CVE-2008-0594 5.0
Mozilla Firefox before 2.0.0.12 does not always display a web forgery warning dialog if the entire contents of a web page are in a DIV tag that uses absolute positioning, which makes it easier for remote attackers to conduct phishing attacks.
15-10-2018 - 22:01 09-02-2008 - 01:00
CVE-2008-0593 4.3
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and
15-10-2018 - 22:01 09-02-2008 - 01:00
CVE-2008-0564 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.10b1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) editing templates and (2) the list's "info attribute" in the web admin
15-10-2018 - 22:01 05-02-2008 - 02:00
CVE-2008-0417 4.3
CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user's password store via newlines that are not properly handled when the user saves a password.
15-10-2018 - 22:00 08-02-2008 - 22:00
CVE-2008-0420 9.3
modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to re
15-10-2018 - 22:00 12-02-2008 - 03:00
CVE-2008-0419 9.3
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize
15-10-2018 - 22:00 08-02-2008 - 22:00
CVE-2008-0418 4.3
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome:
15-10-2018 - 22:00 08-02-2008 - 22:00
CVE-2008-0486 7.5
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a
15-10-2018 - 22:00 05-02-2008 - 12:00
CVE-2008-0412 9.3
The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableF
15-10-2018 - 21:59 08-02-2008 - 22:00
CVE-2008-0413 9.3
The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2
15-10-2018 - 21:59 08-02-2008 - 22:00
CVE-2008-0415 4.3
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.lo
15-10-2018 - 21:59 08-02-2008 - 22:00
CVE-2008-0252 7.5
Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote attackers to create or d
15-10-2018 - 21:58 12-01-2008 - 02:46
CVE-2008-0172 5.0
The get_repeat_type function in basic_regex_creator.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (NULL dereference and crash) via an invalid regular expression
15-10-2018 - 21:58 17-01-2008 - 23:00
CVE-2008-0171 5.0
regex/v4/perl_matcher_non_recursive.hpp in the Boost regex library (aka Boost.Regex) in Boost 1.33 and 1.34 allows context-dependent attackers to cause a denial of service (failed assertion and crash) via an invalid regular expression.
15-10-2018 - 21:58 17-01-2008 - 23:00
CVE-2008-0095 5.0
The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote atta
15-10-2018 - 21:57 08-01-2008 - 02:46
CVE-2008-0009 2.1
The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations.
15-10-2018 - 21:57 12-02-2008 - 21:00
CVE-2008-0010 2.1
The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local users to read from arbitrary kernel memory locations.
15-10-2018 - 21:57 12-02-2008 - 21:00
CVE-2008-0072 6.8
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.
15-10-2018 - 21:57 06-03-2008 - 00:44
CVE-2007-6698 4.0
The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerabilit
15-10-2018 - 21:56 01-02-2008 - 22:00
CVE-2007-6725 7.5
The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_de
15-10-2018 - 21:56 08-04-2009 - 16:30
CVE-2007-6697 7.5
Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484.
15-10-2018 - 21:56 01-02-2008 - 20:00
CVE-2008-0002 5.8
Apache Tomcat 6.0.0 through 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote attackers to obtain sensitive information, as demonstrated by disconnecting dur
15-10-2018 - 21:56 12-02-2008 - 01:00
CVE-2008-0003 10.0
Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute a
15-10-2018 - 21:56 08-01-2008 - 20:46
CVE-2008-0006 7.5
Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via a PCF font with a large difference between the las
15-10-2018 - 21:56 18-01-2008 - 23:00
CVE-2007-6600 6.5
PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index functions, and supports (3)
15-10-2018 - 21:55 09-01-2008 - 21:46
CVE-2007-6437 5.0
Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service (crash) via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference.
15-10-2018 - 21:54 19-12-2007 - 21:46
CVE-2007-6429 9.3
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by
15-10-2018 - 21:53 18-01-2008 - 23:00
CVE-2007-6428 5.0
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used a
15-10-2018 - 21:53 18-01-2008 - 23:00
CVE-2007-6352 6.8
Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.
15-10-2018 - 21:52 20-12-2007 - 02:46
CVE-2007-6318 6.8
SQL injection vulnerability in wp-includes/query.php in WordPress 2.3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the s parameter, when DB_CHARSET is set to (1) Big5, (2) GBK, or possibly other character set encodings
15-10-2018 - 21:52 12-12-2007 - 00:46
CVE-2007-6115 10.0
Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.
15-10-2018 - 21:50 23-11-2007 - 20:46
CVE-2007-6121 5.0
Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.
15-10-2018 - 21:50 23-11-2007 - 20:46
CVE-2007-6120 5.0
The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
15-10-2018 - 21:50 23-11-2007 - 20:46
CVE-2007-6119 7.8
The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.
15-10-2018 - 21:50 23-11-2007 - 20:46
CVE-2007-6114 10.0
Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace
15-10-2018 - 21:50 23-11-2007 - 20:46
CVE-2007-6183 6.8
Format string vulnerability in the mdiag_initialize function in gtk/src/rbgtkmessagedialog.c in Ruby-GNOME 2 (aka Ruby/Gnome2) 0.16.0, and SVN versions before 20071127, allows context-dependent attackers to execute arbitrary code via format string sp
15-10-2018 - 21:50 30-11-2007 - 00:46
CVE-2007-6116 5.0
The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors.
15-10-2018 - 21:50 23-11-2007 - 20:46
CVE-2007-6118 7.8
The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.
15-10-2018 - 21:50 23-11-2007 - 20:46
CVE-2007-6117 5.0
Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages.
15-10-2018 - 21:50 23-11-2007 - 20:46
CVE-2007-6067 6.8
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of se
15-10-2018 - 21:49 09-01-2008 - 21:46
CVE-2007-6112 10.0
Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
15-10-2018 - 21:49 23-11-2007 - 20:46
CVE-2007-6113 4.3
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.
15-10-2018 - 21:49 23-11-2007 - 20:46
CVE-2007-6111 7.1
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector.
15-10-2018 - 21:49 23-11-2007 - 20:46
CVE-2007-5971 6.9
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. Information from Apple: http://docs.info.apple.com/article.html?artnum=307562
15-10-2018 - 21:48 06-12-2007 - 02:46
CVE-2007-5969 7.1
MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows
15-10-2018 - 21:48 10-12-2007 - 19:46
CVE-2007-5937 6.8
Multiple buffer overflows in dvi2xx.c in dviljk in teTeX and TeXlive 2007 and earlier might allow user-assisted attackers to execute arbitrary code via a crafted DVI input file.
15-10-2018 - 21:47 13-11-2007 - 22:46
CVE-2007-5958 5.0
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
15-10-2018 - 21:47 18-01-2008 - 23:00
CVE-2007-5936 3.6
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place.
15-10-2018 - 21:47 13-11-2007 - 22:46
CVE-2007-5959 9.3
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger memory corruption.
15-10-2018 - 21:47 26-11-2007 - 23:46
CVE-2007-5935 6.8
Stack-based buffer overflow in hpc.c in dvips in teTeX and TeXlive 2007 and earlier allows user-assisted attackers to execute arbitrary code via a DVI file with a long href tag.
15-10-2018 - 21:47 13-11-2007 - 22:46
CVE-2007-5947 4.3
The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have the same origin as the inner URL, which allows remot
15-10-2018 - 21:47 14-11-2007 - 01:46
CVE-2007-5899 4.3
The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as
15-10-2018 - 21:46 20-11-2007 - 19:46
CVE-2007-5898 6.4
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.
15-10-2018 - 21:46 20-11-2007 - 18:46
CVE-2007-5760 9.3
Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index.
15-10-2018 - 21:46 18-01-2008 - 23:00
CVE-2007-5846 7.8
The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value.
15-10-2018 - 21:46 06-11-2007 - 21:46
CVE-2007-5386 4.3
Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin 2.11.1, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.
15-10-2018 - 21:44 12-10-2007 - 10:17
CVE-2007-5395 10.0
Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through t
15-10-2018 - 21:44 08-11-2007 - 02:46
CVE-2007-5338 9.3
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome
15-10-2018 - 21:43 21-10-2007 - 20:17
CVE-2007-5337 4.3
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the tar
15-10-2018 - 21:43 21-10-2007 - 20:17
CVE-2007-5269 5.0
Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle
15-10-2018 - 21:42 08-10-2007 - 21:17
CVE-2007-5334 4.3
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attr
15-10-2018 - 21:42 21-10-2007 - 20:17
CVE-2007-5162 4.3
The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier
15-10-2018 - 21:41 01-10-2007 - 05:17
CVE-2007-5034 4.3
ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by
15-10-2018 - 21:40 21-09-2007 - 20:17
CVE-2007-5038 7.5
The offer_account_by_email function in User.pm in the WebService for Bugzilla before 3.0.2, and 3.1.x before 3.1.2, does not check the value of the createemailregexp parameter, which allows remote attackers to bypass intended restrictions on account
15-10-2018 - 21:40 24-09-2007 - 00:17
CVE-2007-5135 6.8
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue wa
15-10-2018 - 21:40 27-09-2007 - 20:17
CVE-2007-4993 6.9
pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec st
15-10-2018 - 21:39 27-09-2007 - 17:17
CVE-2007-4999 4.3
libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allows remote attackers to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than CVE-2007-4996.
15-10-2018 - 21:39 29-10-2007 - 22:46
CVE-2007-4995 9.3
Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.
15-10-2018 - 21:39 13-10-2007 - 01:17
CVE-2007-4996 4.3
libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote attackers to cause a denial of service (crash) via a nudge message that triggers an access of "an in
15-10-2018 - 21:39 01-10-2007 - 20:17
CVE-2007-4990 7.5
The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of
15-10-2018 - 21:39 05-10-2007 - 21:17
CVE-2007-4782 5.0
PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanie
15-10-2018 - 21:38 10-09-2007 - 21:17
CVE-2007-4771 9.3
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have uns
15-10-2018 - 21:37 29-01-2008 - 00:00
CVE-2007-4752 7.5
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted
15-10-2018 - 21:37 12-09-2007 - 01:17
CVE-2007-4769 6.8
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-boun
15-10-2018 - 21:37 09-01-2008 - 21:46
CVE-2007-4768 6.8
Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly opt
15-10-2018 - 21:37 07-11-2007 - 23:46
CVE-2007-4727 6.8
Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long
15-10-2018 - 21:37 12-09-2007 - 19:17
CVE-2007-4766 7.5
Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library before 7.3 allow context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via unspecified escape (backslash) sequences.
15-10-2018 - 21:37 07-11-2007 - 23:46
CVE-2007-4770 6.8
libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory lo
15-10-2018 - 21:37 29-01-2008 - 00:00
CVE-2007-4767 5.0
Perl-Compatible Regular Expression (PCRE) library before 7.3 does not properly compute the length of (1) a \p sequence, (2) a \P sequence, or (3) a \P{x} sequence, which allows context-dependent attackers to cause a denial of service (infinite loop o
15-10-2018 - 21:37 07-11-2007 - 23:46
CVE-2007-4573 7.2
The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users t
15-10-2018 - 21:36 24-09-2007 - 22:17
CVE-2007-4560 7.6
clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."
15-10-2018 - 21:36 28-08-2007 - 01:17
CVE-2007-4400 6.8
CRLF injection vulnerability in the included media script in Konversation allows user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file.
15-10-2018 - 21:35 18-08-2007 - 21:17
CVE-2007-4138 6.9
The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for
15-10-2018 - 21:33 14-09-2007 - 01:17
CVE-2007-4131 6.8
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
15-10-2018 - 21:33 25-08-2007 - 00:17
CVE-2007-4224 4.3
KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property.
15-10-2018 - 21:33 08-08-2007 - 21:17
CVE-2007-4134 6.8
Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
15-10-2018 - 21:33 30-08-2007 - 22:17
CVE-2007-4033 7.5
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloa
15-10-2018 - 21:32 27-07-2007 - 22:30
CVE-2007-3844 4.3
Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an a
15-10-2018 - 21:31 08-08-2007 - 01:17
CVE-2007-3820 2.6
konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.
15-10-2018 - 21:31 17-07-2007 - 01:30
CVE-2007-3511 4.3
The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which
15-10-2018 - 21:29 03-07-2007 - 10:30
CVE-2009-0217 5.0
The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLog
12-10-2018 - 21:49 14-07-2009 - 23:30
CVE-2009-0196 9.3
Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file wit
11-10-2018 - 21:00 16-04-2009 - 15:12
CVE-2009-0159 6.8
Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
11-10-2018 - 21:00 14-04-2009 - 15:30
CVE-2009-0135 9.3
Multiple integer overflows in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to execute arbitrary code via an Audible Audio (.aa) file with a large (1) nlen or (2) vlen Tag
11-10-2018 - 20:59 16-01-2009 - 18:30
CVE-2009-0136 9.3
Multiple array index errors in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via an Audible Audio
11-10-2018 - 20:59 16-01-2009 - 18:30
CVE-2009-0025 6.8
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulne
11-10-2018 - 20:58 07-01-2009 - 17:30
CVE-2008-6679 5.0
Buffer overflow in the BaseFont writer module in Ghostscript 8.62, and possibly other versions, allows remote attackers to cause a denial of service (ps2pdf crash) and possibly execute arbitrary code via a crafted Postscript file.
11-10-2018 - 20:57 08-04-2009 - 16:30
CVE-2008-5658 7.5
Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. (dot dot) sequences.
11-10-2018 - 20:56 17-12-2008 - 20:30
CVE-2008-5557 10.0
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is n
11-10-2018 - 20:56 23-12-2008 - 18:30
CVE-2008-5619 10.0
html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alpha and 0.2-3.beta, Mahara, and AtMail Open 1.03, allows remote attackers to execute arbitrary code via crafted input tha
11-10-2018 - 20:56 17-12-2008 - 02:30
CVE-2008-5660 6.8
Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC
11-10-2018 - 20:56 17-12-2008 - 20:30
CVE-2008-5182 6.9
The inotify functionality in Linux kernel 2.6 before 2.6.28-rc5 might allow local users to gain privileges via unknown vectors related to race conditions in inotify watch removal and umount.
11-10-2018 - 20:54 21-11-2008 - 02:30
CVE-2008-5233 4.3
xine-lib 1.1.12, and other versions before 1.1.15, does not check for failure of malloc in circumstances including (1) the mymng_process_header function in demux_mng.c, (2) the open_mod_file function in demux_mod.c, and (3) frame_buffer allocation in
11-10-2018 - 20:54 26-11-2008 - 01:30
CVE-2008-5234 9.3
Multiple heap-based buffer overflows in xine-lib 1.1.12, and other versions before 1.1.15, allow remote attackers to execute arbitrary code via vectors related to (1) a crafted metadata atom size processed by the parse_moov_atom function in demux_qt.
11-10-2018 - 20:54 26-11-2008 - 01:30
CVE-2008-5247 4.3
The real_parse_audio_specific_data function in demux_real.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, uses an untrusted height (aka codec_data_length) value as a divisor, which allow remote attackers to cause a denial of service (div
11-10-2018 - 20:54 26-11-2008 - 01:30
CVE-2008-5242 6.8
demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not validate the count field before calling calloc for STSD_ATOM atom allocation, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitr
11-10-2018 - 20:54 26-11-2008 - 01:30
CVE-2008-5079 4.9
net/atm/svc.c in the ATM subsystem in the Linux kernel 2.6.27.8 and earlier allows local users to cause a denial of service (kernel infinite loop) by making two calls to svc_listen for the same socket, and then reading a /proc/net/atm/*vc file, relat
11-10-2018 - 20:54 09-12-2008 - 00:30
CVE-2008-5238 7.1
Integer overflow in the real_parse_mdpr function in demux_real.c in xine-lib 1.1.12, and other versions before 1.1.15, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted stream_name_size fiel
11-10-2018 - 20:54 26-11-2008 - 01:30
CVE-2008-5241 4.3
Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allows remote attackers to cause a denial of service (crash) via a crafted media file that results in a small value of moov_atom_size in a compressed MOV (aka
11-10-2018 - 20:54 26-11-2008 - 01:30
CVE-2008-5240 4.3
xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determine the memory allocation and does not check the result for (1) the MATROSKA_ID_TR_CODECPRIVATE track entry element processed by demux_matroska.c; and
11-10-2018 - 20:54 26-11-2008 - 01:30
CVE-2008-5243 4.3
The real_parse_headers function in demux_real.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input length value to "reindex into an allocated buffer," which allows remote attackers to cause a denial of service (cr
11-10-2018 - 20:54 26-11-2008 - 01:30
CVE-2008-5300 4.9
Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulne
11-10-2018 - 20:54 01-12-2008 - 17:30
CVE-2008-5236 9.3
Multiple heap-based buffer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to execute arbitrary code via vectors related to (1) a crafted EBML element length processed by the parse_block_group function in d
11-10-2018 - 20:54 26-11-2008 - 01:30
CVE-2008-5239 4.3
xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not properly handle (a) negative and (b) zero values during unspecified read function calls in input_file.c, input_net.c, input_smb.c, and input_http.c, which allows remote attackers to cau
11-10-2018 - 20:54 26-11-2008 - 01:30
CVE-2008-5237 10.0
Multiple integer overflows in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) crafted width and height values that are not validated by the
11-10-2018 - 20:54 26-11-2008 - 01:30
CVE-2008-5050 9.3
Off-by-one error in the get_unicode_name function (libclamav/vba_extract.c) in Clam Anti-Virus (ClamAV) before 0.94.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted VBA project file, whic
11-10-2018 - 20:53 13-11-2008 - 02:30
CVE-2008-4775 2.6
Cross-site scripting (XSS) vulnerability in pmd_pdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db paramet
11-10-2018 - 20:52 28-10-2008 - 19:46
CVE-2008-4306 9.3
Buffer overflow in enscript before 1.6.4 has unknown impact and attack vectors, possibly related to the font escape sequence.
11-10-2018 - 20:51 04-11-2008 - 21:00
CVE-2008-4106 5.1
WordPress before 2.6.2 does not properly handle MySQL warnings about insertion of username strings that exceed the maximum column width of the user_login column, and does not properly handle space characters when comparing usernames, which allows rem
11-10-2018 - 20:50 18-09-2008 - 17:59
CVE-2008-3933 3.3
Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.
11-10-2018 - 20:50 04-09-2008 - 19:41
CVE-2008-3889 2.1
Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel, leaks epoll file descriptors during execution of "non-Postfix" commands, which allows local users to cause a denial of service (application
11-10-2018 - 20:50 12-09-2008 - 16:56
CVE-2008-3863 7.6
Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a
11-10-2018 - 20:50 23-10-2008 - 22:00
CVE-2008-3934 3.3
Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
11-10-2018 - 20:50 04-09-2008 - 19:41
CVE-2008-3916 9.3
Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special pr
11-10-2018 - 20:50 04-09-2008 - 18:41
CVE-2008-3825 4.4
pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME en
11-10-2018 - 20:49 03-10-2008 - 15:07
CVE-2008-3662 5.0
Gallery before 1.5.9, and 2.x before 2.2.6, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
11-10-2018 - 20:49 18-09-2008 - 18:00
CVE-2008-3658 7.5
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file. Mi
11-10-2018 - 20:49 15-08-2008 - 00:41
CVE-2008-3657 7.5
The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by
11-10-2018 - 20:49 13-08-2008 - 01:41
CVE-2008-3660 5.0
PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php. Overview contains a t
11-10-2018 - 20:49 15-08-2008 - 00:41
CVE-2008-3546 7.5
Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such a
11-10-2018 - 20:48 07-08-2008 - 21:41
CVE-2008-3641 10.0
The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.
11-10-2018 - 20:48 10-10-2008 - 10:30
CVE-2008-3656 7.8
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows con
11-10-2018 - 20:48 13-08-2008 - 01:41
CVE-2008-3655 7.5
Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended
11-10-2018 - 20:48 13-08-2008 - 01:41
CVE-2008-3139 5.0
The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.
11-10-2018 - 20:47 10-07-2008 - 23:41
CVE-2008-3138 5.0
The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.
11-10-2018 - 20:47 10-07-2008 - 23:41
CVE-2008-3146 10.0
Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid
11-10-2018 - 20:47 02-09-2008 - 14:24
CVE-2008-3141 4.9
Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors.
11-10-2018 - 20:47 10-07-2008 - 23:41
CVE-2008-3145 5.0
The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buf
11-10-2018 - 20:47 16-07-2008 - 18:41
CVE-2008-3264 7.8
The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i
11-10-2018 - 20:47 24-07-2008 - 15:41
CVE-2008-3137 4.3
The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
11-10-2018 - 20:47 10-07-2008 - 23:41
CVE-2008-3263 7.8
The IAX2 protocol implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x befor
11-10-2018 - 20:47 22-07-2008 - 23:41
CVE-2008-3140 5.0
The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors, possibly related to an "incomplete SS7 MSU syslog encapsulated packet."
11-10-2018 - 20:47 10-07-2008 - 23:41
CVE-2008-2952 5.0
liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error.
11-10-2018 - 20:45 01-07-2008 - 21:41
CVE-2008-2935 7.5
Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attack
11-10-2018 - 20:45 01-08-2008 - 14:41
CVE-2008-2950 7.5
The Page destructor in Page.cc in libpoppler in Poppler 0.8.4 and earlier deletes a pageWidgets object even if it is not initialized by a Page constructor, which allows remote attackers to execute arbitrary code via a crafted PDF document.
11-10-2018 - 20:45 07-07-2008 - 23:41
CVE-2008-3102 5.0
Mantis 1.1.x through 1.1.2 and 1.2.x through 1.2.0a2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
11-10-2018 - 20:45 24-09-2008 - 11:42
CVE-2008-2937 1.9
Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user's account nam
11-10-2018 - 20:45 18-08-2008 - 19:41
CVE-2008-2809 4.0
Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in t
11-10-2018 - 20:44 08-07-2008 - 23:41
CVE-2008-2808 4.3
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted
11-10-2018 - 20:44 07-07-2008 - 23:41
CVE-2008-2811 10.0
The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose di
11-10-2018 - 20:44 07-07-2008 - 23:41
CVE-2008-2810 6.8
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for which the user has pre
11-10-2018 - 20:44 07-07-2008 - 23:41
CVE-2008-2807 5.0
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding instead of UTF-8 enc
11-10-2018 - 20:44 07-07-2008 - 23:41
CVE-2008-2806 7.5
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin (JEP) and Java Liv
11-10-2018 - 20:44 07-07-2008 - 23:41
CVE-2008-2798 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unk
11-10-2018 - 20:43 07-07-2008 - 23:41
CVE-2008-2799 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unk
11-10-2018 - 20:43 07-07-2008 - 23:41
CVE-2008-2801 7.5
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that u
11-10-2018 - 20:43 07-07-2008 - 23:41
CVE-2008-2803 6.8
The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non
11-10-2018 - 20:43 07-07-2008 - 23:41
CVE-2008-2805 5.0
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to force the upload of arbitrary local files from a client computer via vectors involving originalTarget and DOM Range.
11-10-2018 - 20:43 07-07-2008 - 23:41
CVE-2008-2802 7.5
Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a fastload file, related to t
11-10-2018 - 20:43 07-07-2008 - 23:41
CVE-2008-2800 4.3
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT el
11-10-2018 - 20:43 07-07-2008 - 23:41
CVE-2008-2785 9.3
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which all
11-10-2018 - 20:42 19-06-2008 - 21:41
CVE-2008-2426 9.3
Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a PNM image with a crafted header, related to the load function i
11-10-2018 - 20:41 02-06-2008 - 21:30
CVE-2008-2327 6.8
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file,
11-10-2018 - 20:40 27-08-2008 - 20:41
CVE-2008-2107 7.5
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent attackers to predict subse
11-10-2018 - 20:39 07-05-2008 - 21:20
CVE-2008-2142 6.8
Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code.
11-10-2018 - 20:39 12-05-2008 - 19:20
CVE-2008-2051 10.0
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."
11-10-2018 - 20:38 05-05-2008 - 17:20
CVE-2008-1948 10.0
The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows
11-10-2018 - 20:38 21-05-2008 - 13:24
CVE-2008-1950 5.0
Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Ran
11-10-2018 - 20:38 21-05-2008 - 13:24
CVE-2008-1949 9.3
The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 continues to process Client Hello messages within a TLS message after one has already been processed, which allows remote attackers to c
11-10-2018 - 20:38 21-05-2008 - 13:24
CVE-2008-1974 4.3
Cross-site scripting (XSS) vulnerability in addevent.php in Horde Kronolith 2.1.7, Groupware Webmail Edition 1.0.6, and Groupware 1.0.5 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
11-10-2018 - 20:38 27-04-2008 - 19:05
CVE-2008-1927 5.0
Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain oper
11-10-2018 - 20:37 24-04-2008 - 05:05
CVE-2008-1807 7.5
FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
11-10-2018 - 20:36 16-06-2008 - 19:41
CVE-2008-1806 7.5
Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buf
11-10-2018 - 20:36 16-06-2008 - 19:41
CVE-2008-1675 7.2
The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading
11-10-2018 - 20:36 02-05-2008 - 16:05
CVE-2008-1686 9.3
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to ex
11-10-2018 - 20:36 08-04-2008 - 18:05
CVE-2008-1561 5.0
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2
11-10-2018 - 20:35 31-03-2008 - 22:44
CVE-2008-1552 6.8
The silc_pkcs1_decode function in the silccrypt library (silcpkcs1.c) in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.7, SILC Client before 1.1.4, and SILC Server before 1.1.2 allows remote attackers to execute arbitrary code via a cra
11-10-2018 - 20:35 31-03-2008 - 17:44
CVE-2008-1562 5.0
The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740.
11-10-2018 - 20:35 31-03-2008 - 22:44
CVE-2008-1637 6.8
PowerDNS Recursor before 3.1.5 uses insufficient randomness to calculate (1) TRXID values and (2) UDP source port numbers, which makes it easier for remote attackers to poison a DNS cache, related to (a) algorithmic deficiencies in rand and random fu
11-10-2018 - 20:35 02-04-2008 - 17:44
CVE-2008-1563 4.3
The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
11-10-2018 - 20:35 31-03-2008 - 22:44
CVE-2008-1482 6.8
Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-based buffer overflows and possibly execute arbitrary code via (1) a crafted .FLV file, which triggers an overflow in demuxers/demux_flv.c; (2) a crafted
11-10-2018 - 20:34 24-03-2008 - 22:44
CVE-2008-1387 4.3
ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
11-10-2018 - 20:33 16-04-2008 - 16:05
CVE-2008-1390 9.3
The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 ge
11-10-2018 - 20:33 24-03-2008 - 17:44
CVE-2008-1382 7.5
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which
11-10-2018 - 20:32 14-04-2008 - 16:05
CVE-2008-1372 4.3
bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
11-10-2018 - 20:32 18-03-2008 - 21:44
CVE-2008-1373 5.8
Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.
11-10-2018 - 20:32 04-04-2008 - 00:44
CVE-2008-1284 6.0
Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0.5, and Groupware Webmail Edition before 1.0.6, when running with certain configurations, allows remote authenticated users to read and execute arbitrary files via ".." sequences a
11-10-2018 - 20:31 11-03-2008 - 00:44
CVE-2008-1332 8.8
Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x before 1.0.2; Appliance Developer Kit before 1.4 re
11-10-2018 - 20:31 20-03-2008 - 00:44
CVE-2008-1289 7.5
Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, a
11-10-2018 - 20:31 24-03-2008 - 17:44
CVE-2008-1233 6.8
Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via "XPCNativeWrapper pollution."
11-10-2018 - 20:30 27-03-2008 - 10:44
CVE-2008-1237 6.8
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors relat
11-10-2018 - 20:30 27-03-2008 - 10:44
CVE-2008-1235 9.3
Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka
11-10-2018 - 20:30 27-03-2008 - 10:44
CVE-2008-1218 6.8
Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delim
11-10-2018 - 20:30 10-03-2008 - 23:44
CVE-2008-1234 4.3
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to inject arbitrary web script or HTML via event handlers, aka "Universal XSS using event han
11-10-2018 - 20:30 27-03-2008 - 10:44
CVE-2008-1236 6.8
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors relat
11-10-2018 - 20:30 27-03-2008 - 10:44
CVE-2008-1199 4.4
Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a s
11-10-2018 - 20:30 06-03-2008 - 21:44
CVE-2008-1111 5.0
mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.
11-10-2018 - 20:29 04-03-2008 - 23:44
CVE-2008-1072 4.7
The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service (crash or memory consumption) via a malformed packet, possibly related to a Cairo library bug.
11-10-2018 - 20:29 28-02-2008 - 22:44
CVE-2008-1136 9.3
The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through 0.10.0 in SynCE (SynCE-dccm) allows remote attackers to execute arbitrary commands via shell metacharacters in a certain string to TCP port 5679.
11-10-2018 - 20:29 04-03-2008 - 19:44
CVE-2008-1071 4.3
The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.
11-10-2018 - 20:29 28-02-2008 - 22:44
CVE-2008-1070 5.0
The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.
11-10-2018 - 20:29 28-02-2008 - 22:44
CVE-2010-3614 6.4
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attacke
10-10-2018 - 20:04 06-12-2010 - 13:44
CVE-2010-3573 5.1
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous inform
10-10-2018 - 20:04 19-10-2010 - 22:00
CVE-2010-3613 4.0
named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a
10-10-2018 - 20:04 06-12-2010 - 13:44
CVE-2010-3567 10.0
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information w
10-10-2018 - 20:04 19-10-2010 - 22:00
CVE-2010-3561 7.5
Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information
10-10-2018 - 20:03 19-10-2010 - 22:00
CVE-2010-2956 6.2
Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
10-10-2018 - 20:00 10-09-2010 - 19:00
CVE-2010-2574 2.1
Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in MantisBT 1.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the name parameter in an Add Category action. Per: http://secunia.com/secunia_
10-10-2018 - 19:59 10-08-2010 - 12:23
CVE-2010-2575 6.8
Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (applicati
10-10-2018 - 19:59 30-08-2010 - 21:00
CVE-2010-2251 7.5
The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Conte
10-10-2018 - 19:59 06-07-2010 - 17:17
CVE-2010-2024 4.4
transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lock
10-10-2018 - 19:58 07-06-2010 - 17:12
CVE-2010-2023 4.4
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a
10-10-2018 - 19:58 07-06-2010 - 17:12
CVE-2010-1512 4.3
Directory traversal vulnerability in aria2 before 1.9.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file.
10-10-2018 - 19:57 17-05-2010 - 21:00
CVE-2010-1646 6.2
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last
10-10-2018 - 19:57 07-06-2010 - 17:12
CVE-2010-1511 6.4
KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file.
10-10-2018 - 19:57 17-05-2010 - 21:00
CVE-2010-1224 4.3
main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which caus
10-10-2018 - 19:56 01-04-2010 - 21:30
CVE-2010-1199 9.3
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for
10-10-2018 - 19:56 24-06-2010 - 12:30
CVE-2010-1125 5.8
The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visi
10-10-2018 - 19:55 26-03-2010 - 20:30
CVE-2010-1163 6.9
The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ".", which allows loca
10-10-2018 - 19:55 16-04-2010 - 19:30
CVE-2010-1000 5.8
Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file. Per: http://www.kde.org/info/secur
10-10-2018 - 19:55 17-05-2010 - 21:00
CVE-2010-0624 6.8
Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arb
10-10-2018 - 19:53 15-03-2010 - 13:28
CVE-2010-0788 4.4
ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possibly gain privileges via symlink attacks involving the (1) ncpmount and (2) ncpumount programs.
10-10-2018 - 19:53 02-03-2010 - 18:30
CVE-2010-0734 6.8
content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of se
10-10-2018 - 19:53 19-03-2010 - 19:30
CVE-2010-0792 1.9
fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file.
10-10-2018 - 19:53 05-03-2010 - 19:30
CVE-2010-0622 2.1
The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly hav
10-10-2018 - 19:53 15-02-2010 - 18:30
CVE-2010-0685 5.0
The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asterisk Business Edition B.x.x and C.x.x, when using the ${EXTEN} channel variable and wildcard pattern matches, allows context-dependent attackers to inje
10-10-2018 - 19:53 23-02-2010 - 20:30
CVE-2010-0426 6.9
sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges vi
10-10-2018 - 19:52 24-02-2010 - 18:30
CVE-2010-0405 5.1
Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.
10-10-2018 - 19:52 28-09-2010 - 18:00
CVE-2010-0441 5.0
Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 before C.3.3.2, allows remote attackers to cause a denial of service (daemon crash) via an SIP T.38 negotiation with an SDP Fa
10-10-2018 - 19:52 04-02-2010 - 20:15
CVE-2010-0160 10.0
The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap me
10-10-2018 - 19:51 22-02-2010 - 13:00
CVE-2010-0119 2.1
Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows local users to obtain sensitive information by listing the process and its arguments, related to "echoing."
10-10-2018 - 19:51 25-02-2010 - 00:30
CVE-2010-0118 3.3
Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files associated with a --hack_the_gibson update check.
10-10-2018 - 19:51 25-02-2010 - 00:30
CVE-2010-0132 2.6
Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors related to "search_re i
10-10-2018 - 19:51 31-03-2010 - 18:00
CVE-2009-4496 5.0
Boa 0.94.14rc21 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape
10-10-2018 - 19:49 13-01-2010 - 20:30
CVE-2009-4009 10.0
Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.
10-10-2018 - 19:48 08-01-2010 - 17:30
CVE-2009-4055 5.0
rtp.c in Asterisk Open Source 1.2.x before 1.2.37, 1.4.x before 1.4.27.1, 1.6.0.x before 1.6.0.19, and 1.6.1.x before 1.6.1.11; Business Edition B.x.x before B.2.5.13, C.2.x.x before C.2.4.6, and C.3.x.x before C.3.2.3; and s800i 1.3.x before 1.3.0.6
10-10-2018 - 19:48 02-12-2009 - 11:30
CVE-2009-4034 5.8
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 c
10-10-2018 - 19:48 15-12-2009 - 18:30
CVE-2009-4010 7.5
Unspecified vulnerability in PowerDNS Recursor before 3.1.7.2 allows remote attackers to spoof DNS data via crafted zones.
10-10-2018 - 19:48 08-01-2010 - 17:30
CVE-2009-4136 6.5
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, whic
10-10-2018 - 19:48 15-12-2009 - 18:30
CVE-2009-3994 9.3
Stack-based buffer overflow in the GetUID function in src-IL/src/il_dicom.c in DevIL 1.7.8 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted DICOM file.
10-10-2018 - 19:47 08-12-2009 - 17:30
CVE-2009-3637 10.0
Stack-based buffer overflow in the M_AddToServerList function in client/menu.c in Red Planet Arena Alien Arena 7.30 allows remote attackers to execute arbitrary code via a packet with a crafted server description to UDP port 27901 followed by a packe
10-10-2018 - 19:47 13-01-2010 - 11:30
CVE-2009-3230 6.5
The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZAT
10-10-2018 - 19:43 17-09-2009 - 10:30
CVE-2009-3229 4.0
The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by "re-LOAD-ing" libraries from a certain plugins directory.
10-10-2018 - 19:43 17-09-2009 - 10:30
CVE-2009-2847 4.9
The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive informati
10-10-2018 - 19:42 18-08-2009 - 21:00
CVE-2009-2813 6.0
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle error
10-10-2018 - 19:42 14-09-2009 - 16:30
CVE-2009-2671 5.0
The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2)
10-10-2018 - 19:41 05-08-2009 - 19:30
CVE-2009-2670 5.0
The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which
10-10-2018 - 19:41 05-08-2009 - 19:30
CVE-2009-2675 10.0
Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header
10-10-2018 - 19:41 05-08-2009 - 19:30
CVE-2009-2673 7.5
The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspec
10-10-2018 - 19:41 05-08-2009 - 19:30
CVE-2009-2479 7.8
Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote attackers to cause a denial of service (uncaught exception and application crash) via a long Unicode string argument to the write method. NOTE: this was originally reported as a stack-bas
10-10-2018 - 19:40 16-07-2009 - 15:30
CVE-2009-2537 4.3
KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
10-10-2018 - 19:40 20-07-2009 - 18:30
CVE-2009-2334 4.9
wp-admin/admin.php in WordPress and WordPress MU before 2.8.1 does not require administrative authentication to access the configuration of a plugin, which allows remote attackers to specify a configuration file in the page parameter to obtain sensit
10-10-2018 - 19:39 10-07-2009 - 21:00
CVE-2009-2347 9.3
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a hea
10-10-2018 - 19:39 14-07-2009 - 20:30
CVE-2009-1882 9.3
Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buf
10-10-2018 - 19:38 02-06-2009 - 15:30
CVE-2009-1629 6.8
ajaxterm.js in AjaxTerm 0.10 and earlier generates session IDs with predictable random numbers based on certain JavaScript functions, which makes it easier for remote attackers to (1) hijack a session or (2) cause a denial of service (session ID exha
10-10-2018 - 19:37 14-05-2009 - 17:30
CVE-2009-1571 10.0
Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that at
10-10-2018 - 19:37 22-02-2010 - 13:00
CVE-2009-1439 7.8
Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.
10-10-2018 - 19:36 27-04-2009 - 18:00
CVE-2009-1337 4.4
The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies
10-10-2018 - 19:36 22-04-2009 - 15:30
CVE-2009-1382 10.0
Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long (1) picture, (2) circle, or (3) input tags.
10-10-2018 - 19:36 14-07-2009 - 20:30
CVE-2009-1312 4.3
Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or
10-10-2018 - 19:35 22-04-2009 - 18:30
CVE-2009-1252 6.8
Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing a
10-10-2018 - 19:35 19-05-2009 - 19:30
CVE-2009-1210 10.0
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details ar
10-10-2018 - 19:35 01-04-2009 - 10:30
CVE-2009-1274 5.0
Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a
10-10-2018 - 19:35 08-04-2009 - 18:30
CVE-2009-1269 5.0
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
10-10-2018 - 19:35 13-04-2009 - 16:30
CVE-2009-1298 7.8
The ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kernel 2.6.32-rc8, and 2.6.29 and later versions before 2.6.32, calls IP_INC_STATS_BH with an incorrect argument, which allows remote attackers to cause a denial of service (NULL point
10-10-2018 - 19:35 08-12-2009 - 23:30
CVE-2009-1268 4.3
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.
10-10-2018 - 19:35 13-04-2009 - 16:30
CVE-2009-1255 5.0
The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response to a stats maps command and (b) memory-allocation statistics in response to a stats malloc command, which allow
10-10-2018 - 19:35 30-04-2009 - 20:30
CVE-2009-0922 4.0
PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified enco
10-10-2018 - 19:32 17-03-2009 - 17:30
CVE-2009-0945 9.3
Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other pr
10-10-2018 - 19:32 13-05-2009 - 17:30
CVE-2009-1044 9.3
Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils duri
10-10-2018 - 19:32 23-03-2009 - 14:19
CVE-2009-0847 4.3
The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, rela
10-10-2018 - 19:32 09-04-2009 - 00:30
CVE-2009-0696 4.3
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon ex
10-10-2018 - 19:30 29-07-2009 - 17:30
CVE-2009-0584 9.3
icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (applic
10-10-2018 - 19:29 23-03-2009 - 20:00
CVE-2009-0599 5.0
Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.
10-10-2018 - 19:29 16-02-2009 - 20:30
CVE-2009-0600 4.3
Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame.
10-10-2018 - 19:29 16-02-2009 - 20:30
CVE-2016-9962 4.4
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initia
09-10-2018 - 20:01 31-01-2017 - 22:59
CVE-2016-6186 4.3
Cross-site scripting (XSS) vulnerability in the dismissChangeRelatedObjectPopup function in contrib/admin/static/admin/js/admin/RelatedObjectLookups.js in Django before 1.8.14, 1.9.x before 1.9.8, and 1.10.x before 1.10rc1 allows remote attackers to
09-10-2018 - 20:00 05-08-2016 - 15:59
CVE-2016-1926 4.3
Cross-site scripting (XSS) vulnerability in the charts module in Greenbone Security Assistant (GSA) 6.x before 6.0.8 allows remote attackers to inject arbitrary web script or HTML via the aggregate_type parameter in a get_aggregate command to omp.
09-10-2018 - 19:59 26-01-2016 - 19:59
CVE-2015-7566 4.9
The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by ins
09-10-2018 - 19:58 08-02-2016 - 03:59
CVE-2015-7555 4.3
Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.
09-10-2018 - 19:58 13-04-2016 - 15:59
CVE-2015-8124 6.8
Session fixation vulnerability in the "Remember Me" login feature in Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 allows remote attackers to hijack web sessions via a session id. <a href="https://cwe.mitre.org/data/definit
09-10-2018 - 19:58 07-12-2015 - 20:59
CVE-2015-3885 4.3
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
09-10-2018 - 19:56 19-05-2015 - 18:59
CVE-2015-3429 4.3
Cross-site scripting (XSS) vulnerability in example.html in Genericons before 3.3.1, as used in WordPress before 4.2.2, allows remote attackers to inject arbitrary web script or HTML via a fragment identifier.
09-10-2018 - 19:56 17-06-2015 - 18:59
CVE-2015-3008 4.3
Asterisk Open Source 1.8 before 1.8.32.3, 11.x before 11.17.1, 12.x before 12.8.2, and 13.x before 13.3.2 and Certified Asterisk 1.8.28 before 1.8.28-cert5, 11.6 before 11.6-cert11, and 13.1 before 13.1-cert2, when registering a SIP TLS device, does
09-10-2018 - 19:56 10-04-2015 - 15:00
CVE-2015-2153 5.0
The rpki_rtr_pdu_print function in print-rpki-rtr.c in the TCP printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via a crafted header length in an RPKI-RTR Protocol Data Unit
09-10-2018 - 19:56 24-03-2015 - 17:59
CVE-2015-2154 5.0
The osi_print_cksum function in print-isoclns.c in the ethernet printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) length, (2) offset, or (3) base pointer checksum val
09-10-2018 - 19:56 24-03-2015 - 17:59
CVE-2015-0247 4.6
Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code via crafted block group descriptor data in a filesystem image.
09-10-2018 - 19:55 17-02-2015 - 15:59
CVE-2015-0261 7.5
Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative len
09-10-2018 - 19:55 24-03-2015 - 17:59
CVE-2014-8324 5.0
network.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.
09-10-2018 - 19:53 17-10-2017 - 14:29
CVE-2014-8323 5.0
buddy-ng.c in Aircrack-ng before 1.2 Beta 3 allows remote attackers to cause a denial of service (segmentation fault) via a response with a crafted length parameter.
09-10-2018 - 19:53 17-10-2017 - 14:29
CVE-2014-6603 5.0
The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a larg
09-10-2018 - 19:51 07-10-2014 - 14:55
CVE-2014-4330 2.1
The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers
09-10-2018 - 19:49 30-09-2014 - 16:55
CVE-2014-1492 4.3
The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which
09-10-2018 - 19:42 25-03-2014 - 13:25
CVE-2014-0244 3.3
The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.
09-10-2018 - 19:41 23-06-2014 - 14:55
CVE-2014-0015 4.0
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.
09-10-2018 - 19:35 02-02-2014 - 00:55
CVE-2013-6450 5.8
The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a differe
09-10-2018 - 19:34 01-01-2014 - 16:05
CVE-2013-6449 4.3
The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 cl
09-10-2018 - 19:34 23-12-2013 - 22:55
CVE-2011-3578 4.3
Cross-site scripting (XSS) vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the action parameter, related to bug_actiongroup_page.php, a different vulnerability
09-10-2018 - 19:33 21-09-2011 - 16:55
CVE-2011-3358 4.3
Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the (1) os, (2) os_build, or (3) platform parameter to (a) bug_report_page.php or (b) bug_update_advanced_p
09-10-2018 - 19:33 21-09-2011 - 16:55
CVE-2011-3356 4.3
Multiple cross-site scripting (XSS) vulnerabilities in config_defaults_inc.php in MantisBT before 1.2.8 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO, as demonstrated by the PATH_INFO to (1) manage_config_email_page.
09-10-2018 - 19:33 21-09-2011 - 16:55
CVE-2011-3357 6.8
Directory traversal vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter, related to bug_actiongroup_page.php.
09-10-2018 - 19:33 21-09-2011 - 16:55
CVE-2011-2764 10.0
The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and earlier, as used in World of Padman, Smokin' Guns, OpenArena, Tremulous, and ioUrbanTerror, does not properly determine dangerous file extensions, which a
09-10-2018 - 19:33 04-08-2011 - 02:45
CVE-2011-2216 5.0
reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.4.2 does not initialize certain strings, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed Contac
09-10-2018 - 19:32 06-06-2011 - 19:55
CVE-2011-2507 6.5
libraries/server_synchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e (aka PREG_REPLAC
09-10-2018 - 19:32 14-07-2011 - 23:55
CVE-2011-1947 5.0
fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional
09-10-2018 - 19:32 02-06-2011 - 19:55
CVE-2011-2508 6.0
Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary l
09-10-2018 - 19:32 14-07-2011 - 23:55
CVE-2011-2505 6.4
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify t
09-10-2018 - 19:32 14-07-2011 - 23:55
CVE-2011-2193 8.5
Multiple buffer overflows in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.x before 2.4.14, 2.5.x before 2.5.6, and 3.x before 3.0.2 allow (1) remote authenticated users to gain privileges via a long Job_Name field
09-10-2018 - 19:32 24-06-2011 - 20:55
CVE-2011-2506 7.5
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging
09-10-2018 - 19:32 14-07-2011 - 23:55
CVE-2011-2465 2.6
Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon c
09-10-2018 - 19:32 08-07-2011 - 20:55
CVE-2011-1577 4.9
Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted si
09-10-2018 - 19:31 03-05-2011 - 19:55
CVE-2011-1412 7.5
sys/sys_unix.c in the ioQuake3 engine on Unix and Linux, as used in World of Padman 1.5.x before 1.5.1.1 and OpenArena 0.8.x-15 and 0.8.x-16, allows remote game servers to execute arbitrary commands via shell metacharacters in a long fs_game variable
09-10-2018 - 19:30 04-08-2011 - 02:45
CVE-2009-2285 4.3
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.
03-10-2018 - 22:00 01-07-2009 - 13:00
CVE-2009-2663 9.3
libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg
03-10-2018 - 22:00 04-08-2009 - 16:30
CVE-2009-2654 5.8
Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write c
03-10-2018 - 22:00 03-08-2009 - 14:30
CVE-2009-1391 6.8
Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a c
03-10-2018 - 22:00 16-06-2009 - 23:30
CVE-2009-1310 4.3
Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.
03-10-2018 - 22:00 22-04-2009 - 18:30
CVE-2009-1309 4.3
Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ sco
03-10-2018 - 22:00 22-04-2009 - 18:30
CVE-2009-1271 5.0
The JSON_parser function (ext/json/JSON_parser.c) in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service (segmentation fault) via a malformed string to the json_decode API function.
03-10-2018 - 21:59 08-04-2009 - 18:30
CVE-2009-1307 6.8
The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web
03-10-2018 - 21:59 22-04-2009 - 18:30
CVE-2009-1306 4.3
The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other at
03-10-2018 - 21:59 22-04-2009 - 18:30
CVE-2009-1304 5.0
The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving
03-10-2018 - 21:59 22-04-2009 - 18:30
CVE-2009-1305 5.0
The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP
03-10-2018 - 21:59 22-04-2009 - 18:30
CVE-2009-1302 5.0
The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1
03-10-2018 - 21:59 22-04-2009 - 18:30
CVE-2009-0772 9.3
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetO
03-10-2018 - 21:58 05-03-2009 - 02:30
CVE-2009-0652 5.8
The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs
03-10-2018 - 21:58 20-02-2009 - 19:30
CVE-2009-0776 7.1
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.
03-10-2018 - 21:58 05-03-2009 - 02:30
CVE-2009-0352 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbit
03-10-2018 - 21:58 04-02-2009 - 19:30
CVE-2009-0754 2.1
PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied
03-10-2018 - 21:58 03-03-2009 - 16:30
CVE-2009-0774 9.3
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different v
03-10-2018 - 21:58 05-03-2009 - 02:30
CVE-2009-0022 6.3
Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name. Patch Information - http://www.samba.org/samba/history/se
03-10-2018 - 21:57 05-01-2009 - 20:30
CVE-2008-3905 5.8
resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS respo
03-10-2018 - 21:55 04-09-2008 - 17:41
CVE-2008-3790 5.0
The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML document with recursively nested entities, aka an "XML entity explosion."
03-10-2018 - 21:55 27-08-2008 - 20:41
CVE-2008-3639 7.5
Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count.
03-10-2018 - 21:55 14-10-2008 - 21:10
CVE-2008-3640 6.8
Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.
03-10-2018 - 21:55 14-10-2008 - 21:10
CVE-2008-3443 5.0
The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to
03-10-2018 - 21:55 14-08-2008 - 23:41
CVE-2008-1722 4.3
Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image.
03-10-2018 - 21:54 10-04-2008 - 19:05
CVE-2008-1099 5.0
_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which allows remote attackers to read protected pages.
03-10-2018 - 21:53 05-03-2008 - 20:44
CVE-2008-0781 4.3
Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) message, (2) pagename, and (3) target filenames.
03-10-2018 - 21:53 14-02-2008 - 21:00
CVE-2008-1420 6.8
Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow.
03-10-2018 - 21:53 16-05-2008 - 12:54
CVE-2008-0780 4.3
Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through 1.5.8 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the login action.
03-10-2018 - 21:53 14-02-2008 - 21:00
CVE-2008-1098 4.3
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) certain input processed by formatter/text_gedit.py (aka the gui editor formatter); (2) a page name
03-10-2018 - 21:53 05-03-2008 - 20:44
CVE-2007-5925 4.0
The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, wh
03-10-2018 - 21:50 10-11-2007 - 02:46
CVE-2007-5208 7.6
hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sen
03-10-2018 - 21:49 13-10-2007 - 00:17
CVE-2007-5335 4.3
Mozilla Firefox 2.0 before 2.0.0.8 allows remote attackers to obtain sensitive system information by using the addMicrosummaryGenerator sidebar method to access file: URIs.
03-10-2018 - 21:49 24-10-2007 - 00:46
CVE-2007-4670 5.0
Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.
03-10-2018 - 21:48 05-09-2007 - 00:17
CVE-2007-4658 7.5
The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.
03-10-2018 - 21:48 04-09-2007 - 22:17
CVE-2007-3799 4.3
The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the sessio
03-10-2018 - 21:47 16-07-2007 - 22:30
CVE-2007-4351 10.0
Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-ba
03-10-2018 - 21:47 31-10-2007 - 22:46
CVE-2006-2453 7.5
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480.
03-10-2018 - 21:40 28-05-2006 - 10:06
CVE-2006-1525 4.9
ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference.
03-10-2018 - 21:37 19-04-2006 - 18:18
CVE-2006-1057 3.7
Race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file.
03-10-2018 - 21:36 25-04-2006 - 01:02
CVE-2006-1055 4.9
The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash
03-10-2018 - 21:36 05-04-2006 - 17:04
CVE-2006-0741 1.2
Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address."
03-10-2018 - 21:35 07-03-2006 - 02:02
CVE-2006-0555 2.1
The Linux Kernel before 2.6.15.5 allows local users to cause a denial of service (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (direct I/O).
03-10-2018 - 21:35 07-03-2006 - 02:02
CVE-2005-3808 4.9
Integer overflow in the invalidate_inode_pages2_range function in mm/truncate.c in Linux kernel 2.6.11 to 2.6.14 allows local users to cause a denial of service (hang) via 64-bit mmap calls that are not properly handled on a 32-bit system.
03-10-2018 - 21:33 25-11-2005 - 21:03
CVE-2005-2972 5.1
Multiple stack-based buffer overflows in the RTF import feature in AbiWord before 2.2.11 allow user-assisted attackers to execute arbitrary code via an RTF file with long identifiers, which are not properly handled in the (1) ParseLevelText, (2) getC
03-10-2018 - 21:31 23-10-2005 - 10:02
CVE-2005-3185 7.5
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary co
03-10-2018 - 21:31 13-10-2005 - 22:02
CVE-2005-3183 4.3
The HTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read.
03-10-2018 - 21:31 12-10-2005 - 22:02
CVE-2005-2550 7.5
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user se
03-10-2018 - 21:31 12-08-2005 - 04:00
CVE-2005-2971 7.5
Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file.
03-10-2018 - 21:31 20-10-2005 - 10:02
CVE-2005-2958 7.5
Multiple format string vulnerabilities in the GNOME Data Access library for GNOME2 (libgda2) 1.2.1 and earlier allow attackers to execute arbitrary code.
03-10-2018 - 21:31 25-10-2005 - 16:02
CVE-2005-2549 7.5
Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task li
03-10-2018 - 21:30 12-08-2005 - 04:00
CVE-2014-0243 2.1
Check_MK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/check_mk_agent/job.
17-09-2018 - 18:04 19-07-2018 - 17:29
CVE-2016-7942 7.5
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.
13-09-2018 - 10:29 13-12-2016 - 20:59
CVE-2016-7943 7.5
The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.
13-09-2018 - 10:29 13-12-2016 - 20:59
CVE-2016-3115 5.5
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_
11-09-2018 - 10:29 22-03-2016 - 10:59
CVE-2015-8767 4.9
net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.
30-08-2018 - 16:53 08-02-2016 - 03:59
CVE-2015-3991 7.5
strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code.
13-08-2018 - 21:47 07-09-2017 - 20:29
CVE-2006-6772 9.3
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run with the dump or backend option, allows remote attackers to execute arbitrary code via format string specifiers in the Common Name (CN) field of an SSL ce
13-08-2018 - 21:47 27-12-2006 - 23:28
CVE-2015-4335 10.0
Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command.
13-08-2018 - 21:47 09-06-2015 - 14:59
CVE-2009-3618 4.3
Cross-site scripting (XSS) vulnerability in viewvc.py in ViewVC 1.0 before 1.0.9 and 1.1 before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the view parameter. NOTE: some of these details are obtained from third party in
13-08-2018 - 21:47 10-11-2009 - 02:30
CVE-2009-3619 5.0
Unspecified vulnerability in ViewVC 1.0 before 1.0.9 and 1.1 before 1.1.2 has unknown impact and remote attack vectors related to "printing illegal parameter names and values."
13-08-2018 - 21:47 10-11-2009 - 02:30
CVE-2010-0004 5.0
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote attackers to discover private root names by reading this view.
13-08-2018 - 21:47 29-01-2010 - 18:30
CVE-2012-3448 7.5
Unspecified vulnerability in Ganglia Web before 3.5.1 allows remote attackers to execute arbitrary PHP code via unknown attack vectors.
04-08-2018 - 01:29 06-08-2012 - 18:55
CVE-2015-5146 3.5
ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash
02-08-2018 - 01:29 24-08-2017 - 20:29
CVE-2016-5139 6.8
Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified
21-07-2018 - 01:29 07-08-2016 - 19:59
CVE-2014-2532 5.8
sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
19-07-2018 - 01:29 18-03-2014 - 05:18
CVE-2015-3218 2.1
The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer dereference and polkitd daemon crash) by calling RegisterA
18-07-2018 - 01:29 26-10-2015 - 19:59
CVE-2014-9092 4.3
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.
12-07-2018 - 01:29 10-10-2017 - 13:29
CVE-2016-8887 4.3
The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference).
29-06-2018 - 01:29 23-03-2017 - 18:59
CVE-2015-3246 7.2
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the
20-05-2018 - 01:29 11-08-2015 - 14:59
CVE-2014-1400 4.0
The entity_access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions and read unpublished comments via unspecified vectors.
18-05-2018 - 14:31 10-04-2018 - 15:29
CVE-2014-1398 4.0
The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on comment, user and node statistics properties via unspecified vectors.
18-05-2018 - 14:31 10-04-2018 - 15:29
CVE-2014-1399 4.0
The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on referenced entities via unspecified vectors.
18-05-2018 - 12:19 10-04-2018 - 15:29
CVE-2015-7978 5.0
NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list.
18-05-2018 - 01:29 30-01-2017 - 21:59
CVE-2017-13704 5.0
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platf
11-05-2018 - 01:29 03-10-2017 - 01:29
CVE-2004-0941 10.0
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set
03-05-2018 - 01:29 09-02-2005 - 05:00
CVE-2004-0180 2.6
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
03-05-2018 - 01:29 01-06-2004 - 04:00
CVE-1999-0710 7.5
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.
03-05-2018 - 01:29 25-07-1999 - 04:00
CVE-2004-0077 7.2
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local
03-05-2018 - 01:29 03-03-2004 - 05:00
CVE-2015-8853 5.0
The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.0 allow context-dependent attackers to cause a denial of service (infinite loop) via crafted utf-8 data, as demonstrated by "a\x80."
02-05-2018 - 01:29 25-05-2016 - 15:59
CVE-2012-4929 2.6
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plain
22-04-2018 - 01:29 15-09-2012 - 18:55
CVE-2014-5450 2.1
Zarafa Collaboration Platform 4.1 uses world-readable permissions for /etc/zarafa/license, which allows local users to obtain sensitive information by reading license files.
20-04-2018 - 14:56 19-03-2018 - 21:29
CVE-2014-7271 4.6
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm" without authentication.
27-03-2018 - 23:50 08-03-2018 - 20:29
CVE-2014-7272 7.2
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires
27-03-2018 - 23:50 08-03-2018 - 20:29
CVE-2016-3674 5.0
Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Driver, (5) SjsxpDriver, (6) StandardStaxDriver, and (7) WstxDriver drivers in XStream before 1.4.9 allow remote attackers to read arbi
26-03-2018 - 18:47 17-05-2016 - 14:08
CVE-2014-1693 7.5
Multiple CRLF injection vulnerabilities in the FTP module in Erlang/OTP R15B03 allow context-dependent attackers to inject arbitrary FTP commands via CRLF sequences in the (1) user, (2) account, (3) cd, (4) ls, (5) nlist, (6) rename, (7) delete, (8)
16-03-2018 - 01:29 08-12-2014 - 11:59
CVE-2013-7329 5.0
The CGI::Application module before 4.50_50 and 4.50_51 for Perl, when run modes are not specified, allows remote attackers to obtain sensitive information (web queries and environment details) via vectors related to the dump_html function.
07-03-2018 - 02:29 06-10-2014 - 23:55
CVE-2014-3005 7.5
XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in
21-02-2018 - 14:57 01-02-2018 - 17:29
CVE-2014-1858 2.1
__init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file.
30-01-2018 - 14:44 08-01-2018 - 19:29
CVE-2012-1573 5.0
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a c
18-01-2018 - 02:29 26-03-2012 - 19:55
CVE-2012-1569 5.0
The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap mem
18-01-2018 - 02:29 26-03-2012 - 19:55
CVE-2012-1902 4.3
show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message about this mis
18-01-2018 - 02:29 06-04-2012 - 19:55
CVE-2012-1190 4.3
Cross-site scripting (XSS) vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name.
18-01-2018 - 02:29 03-05-2012 - 04:08
CVE-2012-1172 5.8
The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause a denial of service (malformed $_FILES indexes) or
18-01-2018 - 02:29 24-05-2012 - 00:55
CVE-2012-0250 3.3
Buffer overflow in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (daemon crash) via a Link State Update (aka LS Update) packet containing a network-LSA link-state advertisement for
18-01-2018 - 02:29 05-04-2012 - 13:25
CVE-2012-0060 6.8
RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignatur
18-01-2018 - 02:29 04-06-2012 - 20:55
CVE-2012-0061 6.8
The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not properly validate region tags, which allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large region size in a pa
18-01-2018 - 02:29 04-06-2012 - 20:55
CVE-2012-0249 3.3
Buffer overflow in the ospf_ls_upd_list_lsa function in ospf_packet.c in the OSPFv2 implementation in ospfd in Quagga before 0.99.20.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a Link State Update (a
18-01-2018 - 02:29 05-04-2012 - 13:25
CVE-2012-0255 5.0
The BGP implementation in bgpd in Quagga before 0.99.20.1 does not properly use message buffers for OPEN messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a message associated with a malforme
18-01-2018 - 02:29 05-04-2012 - 13:25
CVE-2012-0817 5.0
Memory leak in smbd in Samba 3.6.x before 3.6.3 allows remote attackers to cause a denial of service (memory and CPU consumption) by making many connection requests.
18-01-2018 - 02:29 30-01-2012 - 17:55
CVE-2012-0815 6.8
The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly ha
18-01-2018 - 02:29 04-06-2012 - 20:55
CVE-2012-1165 5.0
The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulne
13-01-2018 - 02:29 15-03-2012 - 17:55
CVE-2015-8008 5.0
The OAuth extension for MediaWiki improperly negotiates a new client token only over Special:OAuth/initiate, which allows attackers to bypass intended IP address access restrictions by making an API request with an existing token.
11-01-2018 - 16:03 29-12-2017 - 22:29
CVE-2014-4978 3.6
The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio might allow local users to truncate arbitrary files via a symlink attack on (1) /tmp/rs-filter-graph.png or (2) /tmp/rs-filter-graph.
10-01-2018 - 19:21 29-12-2017 - 22:29
CVE-2017-16876 4.3
Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument.
10-01-2018 - 17:15 29-12-2017 - 15:29
CVE-2012-0884 5.0
The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Millio
10-01-2018 - 02:29 13-03-2012 - 03:12
CVE-2011-4313 5.0
query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial of service (assertion failure and named e
06-01-2018 - 02:29 29-11-2011 - 17:55
CVE-2010-4167 6.9
Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. Per: http://
06-01-2018 - 02:29 22-11-2010 - 20:00
CVE-2016-7545 7.2
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
05-01-2018 - 02:31 19-01-2017 - 20:59
CVE-2016-8885 4.3
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image.
05-01-2018 - 02:31 23-03-2017 - 18:59
CVE-2016-7543 7.2
Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.
05-01-2018 - 02:31 19-01-2017 - 20:59
CVE-2016-8691 4.3
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.
05-01-2018 - 02:31 15-02-2017 - 19:59
CVE-2016-8884 4.3
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of
05-01-2018 - 02:31 28-03-2017 - 14:59
CVE-2016-8692 4.3
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command.
05-01-2018 - 02:31 15-02-2017 - 19:59
CVE-2015-8777 2.1
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.
05-01-2018 - 02:30 20-01-2016 - 05:59
CVE-2015-7496 7.2
GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.
05-01-2018 - 02:30 24-11-2015 - 20:59
CVE-2015-8868 9.3
Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mo
05-01-2018 - 02:30 06-05-2016 - 17:59
CVE-2015-3143 5.0
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.
05-01-2018 - 02:30 24-04-2015 - 14:59
CVE-2015-2922 3.3
The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value
05-01-2018 - 02:30 27-05-2015 - 10:59
CVE-2015-1799 4.3
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial
05-01-2018 - 02:30 08-04-2015 - 10:59
CVE-2015-2806 10.0
Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.
05-01-2018 - 02:30 10-04-2015 - 15:00
CVE-2015-1856 5.5
OpenStack Object Storage (Swift) before 2.3.0, when allow_version is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-versions-location container.
05-01-2018 - 02:30 17-04-2015 - 17:59
CVE-2013-6954 5.0
The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset
05-01-2018 - 02:29 12-01-2014 - 18:34
CVE-2014-8712 5.0
The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of se
05-01-2018 - 02:29 23-11-2014 - 02:59
CVE-2014-8710 5.0
The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.
05-01-2018 - 02:29 23-11-2014 - 02:59
CVE-2014-8711 5.0
Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a pac
05-01-2018 - 02:29 23-11-2014 - 02:59
CVE-2014-9419 2.1
The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the
05-01-2018 - 02:29 26-12-2014 - 00:59
CVE-2014-8714 5.0
The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted pack
05-01-2018 - 02:29 23-11-2014 - 02:59
CVE-2014-8713 5.0
Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (application cra
05-01-2018 - 02:29 23-11-2014 - 02:59
CVE-2014-8150 4.3
CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in a URL. <a href="http://cwe.mit
05-01-2018 - 02:29 15-01-2015 - 15:59
CVE-2012-3291 7.8
Heap-based buffer overflow in OpenConnect 3.18 allows remote servers to cause a denial of service via a crafted greeting banner.
05-01-2018 - 02:29 07-06-2012 - 20:55
CVE-2012-2337 7.2
sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command
05-01-2018 - 02:29 18-05-2012 - 18:55
CVE-2012-2110 7.5
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a de
05-01-2018 - 02:29 19-04-2012 - 17:55
CVE-2012-2333 6.8
Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified
05-01-2018 - 02:29 14-05-2012 - 22:55
CVE-2012-2111 6.5
The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges da
05-01-2018 - 02:29 30-04-2012 - 14:55
CVE-2011-0010 4.4
check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the
05-01-2018 - 02:29 18-01-2011 - 18:03
CVE-2014-1642 4.4
The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service (memor
03-01-2018 - 02:29 26-01-2014 - 16:58
CVE-2014-1666 8.3
The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict access to the (1) PHYSDEVOP_prepare_msix and (2) PHYSDEVOP_release_msix operations, which allows local PV guests to cause a denial of service
03-01-2018 - 02:29 26-01-2014 - 16:58
CVE-2014-3152 7.5
Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspeci
29-12-2017 - 02:29 21-05-2014 - 11:14
CVE-2014-3121 7.6
rxvt-unicode before 9.20 does not properly handle OSC escape sequences, which allows user-assisted remote attackers to manipulate arbitrary X window properties and execute arbitrary commands.
29-12-2017 - 02:29 14-05-2014 - 00:55
CVE-2014-3956 1.9
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom ma
29-12-2017 - 02:29 04-06-2014 - 11:19
CVE-2011-4128 4.3
Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of s
29-12-2017 - 02:29 08-12-2011 - 20:55
CVE-2012-1596 5.0
The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a packet containi
29-12-2017 - 02:29 11-04-2012 - 10:39
CVE-2012-1593 3.3
epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. Per: http://
29-12-2017 - 02:29 11-04-2012 - 10:39
CVE-2011-3048 6.8
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk i
29-12-2017 - 02:29 29-05-2012 - 20:55
CVE-2012-1179 5.2
The Linux kernel before 3.3.1, when KVM is used, allows guest OS users to cause a denial of service (host OS crash) by leveraging administrative access to the guest OS, related to the pmd_none_or_clear_bad function and page faults for huge pages.
29-12-2017 - 02:29 17-05-2012 - 11:00
CVE-2012-1594 3.3
epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
29-12-2017 - 02:29 11-04-2012 - 10:39
CVE-2010-4470 5.0
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the
22-12-2017 - 02:29 17-02-2011 - 19:00
CVE-2010-4472 2.6
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous
22-12-2017 - 02:29 17-02-2011 - 19:00
CVE-2010-4471 5.0
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect co
22-12-2017 - 02:29 17-02-2011 - 19:00
CVE-2014-2855 7.8
The check_secret function in authenticate.c in rsync 3.1.0 and earlier allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a user name which does not exist in the secrets file.
16-12-2017 - 02:29 23-04-2014 - 15:55
CVE-2012-2414 6.5
main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirement
14-12-2017 - 02:29 30-04-2012 - 20:55
CVE-2012-2415 6.5
Heap-based buffer overflow in chan_skinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 allows remote authenticated users to cause a denial of service or possibly have un
14-12-2017 - 02:29 30-04-2012 - 20:55
CVE-2012-2416 6.5
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4, when the trustrpid option is enabled, allows remote authenticated users to cause a denial of
14-12-2017 - 02:29 30-04-2012 - 20:55
CVE-2016-0773 5.0
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a
09-12-2017 - 02:29 17-02-2016 - 15:59
CVE-2010-0156 3.3
Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file.
09-12-2017 - 02:29 03-03-2010 - 19:30
CVE-2016-0739 4.3
libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH
09-12-2017 - 02:29 13-04-2016 - 17:59
CVE-2009-2851 4.3
Cross-site scripting (XSS) vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL.
07-12-2017 - 21:36 18-08-2009 - 21:00
CVE-2012-1113 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the administration subsystem in Gallery 2 before 2.3.2 and 3 before 3.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
07-12-2017 - 02:29 22-04-2012 - 18:55
CVE-2016-2334 9.3
Heap-based buffer overflow in the NArchive::NHfs::CHandler::ExtractZlibFile method in 7zip before 16.00 and p7zip allows remote attackers to execute arbitrary code via a crafted HFS+ image.
03-12-2017 - 02:29 13-12-2016 - 22:59
CVE-2013-3232 4.9
The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom sys
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3231 4.7
The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom syst
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3224 4.9
The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted re
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3222 4.9
The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3228 4.9
The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfro
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3223 4.9
The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom syste
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3234 4.9
The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom syste
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2013-3076 4.9
The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recv
29-11-2017 - 02:29 22-04-2013 - 11:40
CVE-2013-3225 4.9
The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg
29-11-2017 - 02:29 22-04-2013 - 11:41
CVE-2016-6494 2.1
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.
28-11-2017 - 13:04 03-10-2016 - 18:59
CVE-2011-0701 4.0
wp-admin/async-upload.php in the media uploader in WordPress before 3.0.5 allows remote authenticated users to read (1) draft posts or (2) private posts via a modified attachment_id parameter.
22-11-2017 - 16:05 14-03-2011 - 19:55
CVE-2010-4536 4.3
Multiple cross-site scripting (XSS) vulnerabilities in KSES, as used in WordPress before 3.0.4, allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the & (ampersand) character, (2) the case of an attribute name, (
21-11-2017 - 18:09 03-01-2011 - 20:00
CVE-2010-4257 6.0
SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field.
21-11-2017 - 18:09 07-12-2010 - 13:53
CVE-2011-0700 3.5
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 3.0.5 allow remote authenticated users to inject arbitrary web script or HTML via vectors related to (1) the Quick/Bulk Edit title (aka post title or post_title), (2) post_status
21-11-2017 - 18:08 14-03-2011 - 19:55
CVE-2005-0755 5.1
Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file.
21-11-2017 - 14:13 19-04-2005 - 04:00
CVE-2015-8139 5.0
ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.
21-11-2017 - 02:29 30-01-2017 - 21:59
CVE-2016-1286 5.0
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c.
21-11-2017 - 02:29 09-03-2016 - 23:59
CVE-2016-1285 4.3
named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed
21-11-2017 - 02:29 09-03-2016 - 23:59
CVE-2014-8275 5.0
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted
15-11-2017 - 02:29 09-01-2015 - 02:59
CVE-2014-3508 4.3
The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attacker
15-11-2017 - 02:29 13-08-2014 - 23:55
CVE-2014-3511 4.3
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both sup
15-11-2017 - 02:29 13-08-2014 - 23:55
CVE-2015-4103 4.9
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and acces
15-11-2017 - 02:29 03-06-2015 - 20:59
CVE-2015-4104 7.8
Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecified vectors.
15-11-2017 - 02:29 03-06-2015 - 20:59
CVE-2014-3509 6.8
Race condition in the ssl_parse_serverhello_tlsext function in t1_lib.c in OpenSSL 1.0.0 before 1.0.0n and 1.0.1 before 1.0.1i, when multithreading and session resumption are used, allows remote SSL servers to cause a denial of service (memory overwr
15-11-2017 - 02:29 13-08-2014 - 23:55
CVE-2015-4105 4.9
Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations.
15-11-2017 - 02:29 03-06-2015 - 20:59
CVE-2014-3570 5.0
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms
15-11-2017 - 02:29 09-01-2015 - 02:59
CVE-2015-0205 5.0
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to
15-11-2017 - 02:29 09-01-2015 - 02:59
CVE-2014-9449 5.0
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.
10-11-2017 - 02:29 02-01-2015 - 20:59
CVE-2015-5477 7.8
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
10-11-2017 - 02:29 29-07-2015 - 14:59
CVE-2015-4342 7.5
SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving a cdef id.
08-11-2017 - 02:29 17-06-2015 - 18:59
CVE-2015-1572 4.6
Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an
08-11-2017 - 02:29 24-02-2015 - 15:59
CVE-2014-9474 7.5
Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str.
05-11-2017 - 23:16 10-10-2017 - 01:30
CVE-2016-9014 6.8
Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOS
04-11-2017 - 01:29 09-12-2016 - 20:59
CVE-2016-9013 7.5
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the da
04-11-2017 - 01:29 09-12-2016 - 20:59
CVE-2015-8569 1.9
The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection
04-11-2017 - 01:29 28-12-2015 - 11:59
CVE-2015-8575 2.1
The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted
04-11-2017 - 01:29 08-02-2016 - 03:59
CVE-2015-8808 4.3
The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.
04-11-2017 - 01:29 13-07-2016 - 15:59
CVE-2015-8472 7.5
Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or
04-11-2017 - 01:29 21-01-2016 - 15:59
CVE-2014-8088 5.0
The (1) Zend_Ldap class in Zend before 1.12.9 and (2) Zend\Ldap component in Zend 2.x before 2.2.8 and 2.3.x before 2.3.3 allows remote attackers to bypass authentication via a password starting with a null byte, which triggers an unauthenticated bin
04-11-2017 - 01:29 22-10-2014 - 14:55
CVE-2015-4454 7.5
SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL commands via the graph_template_id parameter to graph_templates.php.
04-11-2017 - 01:29 17-06-2015 - 18:59
CVE-2016-2316 7.1
chan_sip in Asterisk Open Source 1.8.x, 11.x before 11.21.1, 12.x, and 13.x before 13.7.1 and Certified Asterisk 1.8.28, 11.6 before 11.6-cert12, and 13.1 before 13.1-cert3, when the timert1 sip.conf configuration is set to a value greater than 1245,
04-11-2017 - 01:29 22-02-2016 - 15:59
CVE-2015-2665 4.3
Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
04-11-2017 - 01:29 17-06-2015 - 18:59
CVE-2015-0296 1.2
The pre-install script in texlive 3.1.20140525_r34255.fc21 as packaged in Fedora 21 and rpm, and texlive 6.20131226_r32488.fc20 and rpm allows local users to delete arbitrary files via a crafted file in the user's home directory.
01-11-2017 - 12:46 06-10-2017 - 22:29
CVE-2015-7687 7.5
Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta.
01-11-2017 - 11:50 16-10-2017 - 18:29
CVE-2014-3571 5.0
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation fo
20-10-2017 - 01:29 09-01-2015 - 02:59
CVE-2013-1900 8.5
PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors relat
20-10-2017 - 01:29 04-04-2013 - 17:55
CVE-2013-0255 6.8
PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments
20-10-2017 - 01:29 13-02-2013 - 01:55
CVE-2015-0206 5.0
Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading
20-10-2017 - 01:29 09-01-2015 - 02:59
CVE-2006-1664 7.5
Buffer overflow in xine_list_delete_current in libxine 1.14 and earlier, as distributed in xine-lib 1.1.1 and earlier, allows remote attackers to execute arbitrary code via a crafted MPEG stream.
19-10-2017 - 01:29 07-04-2006 - 10:04
CVE-2007-1900 5.0
CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter in ext/filter in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to inject arbitrary e-mail headers via an e-mail address with a '\n' character, which causes a regular expression
11-10-2017 - 01:32 10-04-2007 - 18:19
CVE-2007-2756 4.3
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
11-10-2017 - 01:32 18-05-2007 - 18:30
CVE-2007-3102 4.3
Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of the
11-10-2017 - 01:32 18-10-2007 - 20:17
CVE-2006-6142 6.8
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) mailto parameter in (a) webmail.php, the (2) session and (3) delete_draft parameters in
11-10-2017 - 01:31 05-12-2006 - 11:28
CVE-2007-1218 6.8
Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally re
11-10-2017 - 01:31 02-03-2007 - 21:18
CVE-2007-0451 4.3
Apache SpamAssassin before 3.1.8 allows remote attackers to cause a denial of service via long URLs in malformed HTML, which triggers "massive memory usage." Upgrade to SpamAssassin version 3.1.8
11-10-2017 - 01:31 16-02-2007 - 19:28
CVE-2007-1000 7.2
The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.
11-10-2017 - 01:31 12-03-2007 - 23:19
CVE-2007-1006 10.0
Multiple format string vulnerabilities in the gm_main_window_flash_message function in Ekiga before 2.0.5 allow attackers to cause a denial of service and possibly execute arbitrary code via a crafted Q.931 SETUP packet. Update to version 2.0.5.
11-10-2017 - 01:31 20-02-2007 - 01:28
CVE-2007-0457 4.3
Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
11-10-2017 - 01:31 02-02-2007 - 20:28
CVE-2007-0494 4.3
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that
11-10-2017 - 01:31 25-01-2007 - 20:28
CVE-2007-1282 9.3
Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long lin
11-10-2017 - 01:31 06-03-2007 - 02:19
CVE-2007-0456 4.3
Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
11-10-2017 - 01:31 02-02-2007 - 20:28
CVE-2007-0458 4.3
Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468.
11-10-2017 - 01:31 02-02-2007 - 20:28
CVE-2007-0998 4.3
The VNC server implementation in QEMU, as used by Xen and possibly other environments, allows local users of a guest operating system to read arbitrary files on the host operating system via unspecified vectors related to QEMU monitor mode, as demons
11-10-2017 - 01:31 20-03-2007 - 10:19
CVE-2007-0459 5.0
packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets.
11-10-2017 - 01:31 02-02-2007 - 20:28
CVE-2007-0242 4.3
The UTF-8 decoder in codecs/qutfcodec.cpp in Qt 3.3.8 and 4.2.3 does not reject long UTF-8 sequences as required by the standard, which allows remote attackers to conduct cross-site scripting (XSS) and directory traversal attacks via long sequences t
11-10-2017 - 01:31 03-04-2007 - 16:19
CVE-2005-2874 5.0
The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request.
11-10-2017 - 01:30 13-09-2005 - 22:03
CVE-2005-1519 6.4
Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.
11-10-2017 - 01:30 11-05-2005 - 04:00
CVE-2006-0188 4.3
webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than wha
11-10-2017 - 01:30 24-02-2006 - 00:02
CVE-2005-2496 4.6
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
11-10-2017 - 01:30 02-09-2005 - 17:03
CVE-2006-0195 4.3
Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via style sheet specifiers with invalid (1) "/*" and "*/" comments, or (2) a newline in a "url" speci
11-10-2017 - 01:30 24-02-2006 - 00:02
CVE-2005-2104 2.1
sysreport before 1.3.7 allows local users to obtain sensitive information via a symlink attack on a temporary directory.
11-10-2017 - 01:30 07-10-2005 - 18:02
CVE-2006-0377 5.0
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."
11-10-2017 - 01:30 24-02-2006 - 00:02
CVE-2005-1852 7.5
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an
11-10-2017 - 01:30 26-07-2005 - 04:00
CVE-2005-3351 5.0
SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients ("To" addresses), which triggers a bus error in Perl.
11-10-2017 - 01:30 20-11-2005 - 21:03
CVE-2004-0495 7.2
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
11-10-2017 - 01:29 06-08-2004 - 04:00
CVE-2005-0365 2.1
The dcopidlng script in KDE 3.2.x and 3.3.x creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
11-10-2017 - 01:29 02-05-2005 - 04:00
CVE-2004-1235 6.2
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
11-10-2017 - 01:29 14-04-2005 - 04:00
CVE-2004-0785 7.5
Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a lon
11-10-2017 - 01:29 20-10-2004 - 04:00
CVE-2004-0521 10.0
SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.
11-10-2017 - 01:29 18-08-2004 - 04:00
CVE-2004-0010 7.2
Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges.
11-10-2017 - 01:29 03-03-2004 - 05:00
CVE-2005-0175 5.0
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
11-10-2017 - 01:29 07-02-2005 - 05:00
CVE-2004-0784 7.5
The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector.
11-10-2017 - 01:29 20-10-2004 - 04:00
CVE-2004-0914 10.0
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) m
11-10-2017 - 01:29 10-01-2005 - 05:00
CVE-2003-1023 7.5
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.
11-10-2017 - 01:29 20-01-2004 - 05:00
CVE-2003-0973 5.0
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
11-10-2017 - 01:29 15-12-2003 - 05:00
CVE-2004-0557 10.0
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
11-10-2017 - 01:29 06-08-2004 - 04:00
CVE-2004-0405 5.0
CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.
11-10-2017 - 01:29 01-06-2004 - 04:00
CVE-2005-0174 5.0
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not
11-10-2017 - 01:29 07-02-2005 - 05:00
CVE-2003-0848 4.6
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.
11-10-2017 - 01:29 17-11-2003 - 05:00
CVE-2004-0235 6.4
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/
11-10-2017 - 01:29 18-08-2004 - 04:00
CVE-2004-0918 5.0
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory al
11-10-2017 - 01:29 27-01-2005 - 05:00
CVE-2003-0984 4.6
Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.
11-10-2017 - 01:29 05-01-2004 - 05:00
CVE-2004-0520 6.8
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
11-10-2017 - 01:29 18-08-2004 - 04:00
CVE-2003-0856 4.9
iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface.
11-10-2017 - 01:29 15-12-2003 - 05:00
CVE-2004-0234 10.0
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA
11-10-2017 - 01:29 18-08-2004 - 04:00
CVE-2005-0706 7.5
Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected.
11-10-2017 - 01:29 02-05-2005 - 04:00
CVE-2004-0055 5.0
The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.
11-10-2017 - 01:29 17-02-2004 - 05:00
CVE-2004-0519 6.8
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in
11-10-2017 - 01:29 18-08-2004 - 04:00
CVE-2004-0754 7.5
Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages.
11-10-2017 - 01:29 20-10-2004 - 04:00
CVE-2004-0396 7.5
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
11-10-2017 - 01:29 14-06-2004 - 04:00
CVE-2004-0500 7.5
Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strnc
11-10-2017 - 01:29 28-09-2004 - 04:00
CVE-2004-0554 2.1
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated usi
11-10-2017 - 01:29 06-08-2004 - 04:00
CVE-2004-0587 2.1
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
11-10-2017 - 01:29 06-08-2004 - 04:00
CVE-2004-0535 2.1
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some
11-10-2017 - 01:29 06-08-2004 - 04:00
CVE-2015-5069 4.0
The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.3 and 1.13.x before 1.13.1 allow remote attackers to obtain sensitive information via vectors rel
10-10-2017 - 14:54 26-09-2017 - 14:29
CVE-2015-5070 3.5
The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to
10-10-2017 - 14:54 26-09-2017 - 14:29
CVE-2015-5704 7.2
scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands.
06-10-2017 - 13:56 25-09-2017 - 21:29
CVE-2015-3420 4.3
The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service (login process crash) via vectors related to handshake failures.
05-10-2017 - 15:17 19-09-2017 - 15:29
CVE-2015-5607 6.8
Cross-site request forgery in the REST API in IPython 2 and 3.
05-10-2017 - 14:31 20-09-2017 - 16:29
CVE-2015-5963 5.0
contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service (session store consumption or session record remova
03-10-2017 - 01:29 24-08-2015 - 14:59
CVE-2009-1759 9.3
Stack-based buffer overflow in the btFiles::BuildFromMI function (trunk/btfiles.cpp) in Enhanced CTorrent (aka dTorrent) 3.3.2 and probably earlier, and CTorrent 1.3.4, allows remote attackers to cause a denial of service (crash) and possibly execute
29-09-2017 - 01:34 22-05-2009 - 11:52
CVE-2009-1669 10.0
The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function. NOTE: some of these detail
29-09-2017 - 01:34 18-05-2009 - 18:30
CVE-2009-1580 5.8
Session fixation vulnerability in SquirrelMail before 1.4.18 allows remote attackers to hijack web sessions via a crafted cookie.
29-09-2017 - 01:34 14-05-2009 - 17:30
CVE-2009-1687 9.3
The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code o
29-09-2017 - 01:34 10-06-2009 - 14:30
CVE-2009-1789 4.3
mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exi
29-09-2017 - 01:34 26-05-2009 - 16:30
CVE-2009-1889 5.0
The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service (application crash) via a crafted ICQ web message that trigge
29-09-2017 - 01:34 01-07-2009 - 13:00
CVE-2009-1839 5.4
Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "
29-09-2017 - 01:34 12-06-2009 - 21:30
CVE-2009-1904 5.0
The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversio
29-09-2017 - 01:34 11-06-2009 - 21:30
CVE-2009-1829 5.0
Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets.
29-09-2017 - 01:34 29-05-2009 - 22:30
CVE-2009-1578 4.3
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) certain encrypted strings in e-mail headers, related to c
29-09-2017 - 01:34 14-05-2009 - 17:30
CVE-2009-1579 6.8
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.
29-09-2017 - 01:34 14-05-2009 - 17:30
CVE-2009-1574 5.0
racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference.
29-09-2017 - 01:34 06-05-2009 - 17:30
CVE-2009-1840 9.3
Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated
29-09-2017 - 01:34 12-06-2009 - 21:30
CVE-2009-1581 4.3
functions/mime.php in SquirrelMail before 1.4.18 does not protect the application's content from Cascading Style Sheets (CSS) positioning in HTML e-mail messages, which allows remote attackers to spoof the user interface, and conduct cross-site scrip
29-09-2017 - 01:34 14-05-2009 - 17:30
CVE-2009-1374 5.0
Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet.
29-09-2017 - 01:34 26-05-2009 - 15:30
CVE-2009-1169 9.3
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT trans
29-09-2017 - 01:34 27-03-2009 - 00:30
CVE-2009-1375 5.0
The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1)
29-09-2017 - 01:34 26-05-2009 - 15:30
CVE-2009-0753 5.0
Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 allows remote attackers to read arbitrary files via a leading "//" (double slash) in the filename.
29-09-2017 - 01:34 03-03-2009 - 16:30
CVE-2009-0773 10.0
The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some
29-09-2017 - 01:34 05-03-2009 - 02:30
CVE-2009-0798 5.0
ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop.
29-09-2017 - 01:34 24-04-2009 - 15:30
CVE-2009-0775 10.0
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not
29-09-2017 - 01:34 05-03-2009 - 02:30
CVE-2008-6552 6.9
Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and
29-09-2017 - 01:33 30-03-2009 - 16:30
CVE-2008-6393 10.0
PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers
29-09-2017 - 01:33 03-03-2009 - 16:30
CVE-2009-0692 10.0
Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet
29-09-2017 - 01:33 14-07-2009 - 20:30
CVE-2009-0547 5.0
Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-mail text within a signed-data blob, not the copy of the e-mail text displayed to the user, which allows remote attackers to spoof a signature by modifying the latter copy, a differe
29-09-2017 - 01:33 12-02-2009 - 23:30
CVE-2009-0353 10.0
Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code
29-09-2017 - 01:33 04-02-2009 - 19:30
CVE-2009-0358 3.3
Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim's browser
29-09-2017 - 01:33 04-02-2009 - 19:30
CVE-2009-0355 5.4
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via
29-09-2017 - 01:33 04-02-2009 - 19:30
CVE-2009-0357 5.0
Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XM
29-09-2017 - 01:33 04-02-2009 - 19:30
CVE-2009-0582 5.8
The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a ce
29-09-2017 - 01:33 14-03-2009 - 18:30
CVE-2009-0153 4.3
International Components for Unicode (ICU) 4.0, 3.6, and other 3.x versions, as used in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Fedora 9 and 10, and possibly other operating systems,
29-09-2017 - 01:33 13-05-2009 - 15:30
CVE-2009-0065 10.0
Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large
29-09-2017 - 01:33 07-01-2009 - 19:30
CVE-2008-5086 7.2
Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions.
29-09-2017 - 01:32 19-12-2008 - 17:30
CVE-2008-5913 4.9
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier fo
29-09-2017 - 01:32 20-01-2009 - 16:30
CVE-2008-4770 10.0
The CMsgReader::readRect function in the VNC Viewer component in RealVNC VNC Free Edition 4.0 through 4.1.2, Enterprise Edition E4.0 through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows remote VNC servers to execute arbitrary code via craf
29-09-2017 - 01:32 16-01-2009 - 21:30
CVE-2008-5621 6.0
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or IMG tag to tbl_structure.php with a modified table
29-09-2017 - 01:32 17-12-2008 - 02:30
CVE-2008-4554 4.6
The do_splice_from function in fs/splice.c in the Linux kernel before 2.6.27 does not reject file descriptors that have the O_APPEND flag set, which allows local users to bypass append mode and make arbitrary changes to other locations in the file.
29-09-2017 - 01:32 15-10-2008 - 20:07
CVE-2008-4226 10.0
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
29-09-2017 - 01:32 25-11-2008 - 23:30
CVE-2008-4690 10.0
lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulne
29-09-2017 - 01:32 22-10-2008 - 18:00
CVE-2008-4225 7.8
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
29-09-2017 - 01:32 25-11-2008 - 23:30
CVE-2008-4576 7.8
sctp in Linux kernel before 2.6.25.18 allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that states the peer does not support AUTH, which causes the sctp_process_init function to clean up active transports and triggers the O
29-09-2017 - 01:32 15-10-2008 - 20:07
CVE-2008-5015 5.1
Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privi
29-09-2017 - 01:32 13-11-2008 - 11:30
CVE-2008-4066 4.3
Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as
29-09-2017 - 01:31 24-09-2008 - 20:37
CVE-2008-4060 7.5
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vector
29-09-2017 - 01:31 24-09-2008 - 20:37
CVE-2008-3835 7.5
The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vect
29-09-2017 - 01:31 24-09-2008 - 20:37
CVE-2008-4063 9.3
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1)
29-09-2017 - 01:31 24-09-2008 - 20:37
CVE-2008-4069 5.0
The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to read uninitialized memory, and possibly obtain sensitive information in opportunistic circumstances, via a crafted XBM image file.
29-09-2017 - 01:31 24-09-2008 - 20:37
CVE-2008-4059 7.5
The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element.
29-09-2017 - 01:31 24-09-2008 - 20:37
CVE-2008-3834 2.1
The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote attackers to cause a denial of service (application abort) via a message containing a malformed signature, which triggers a failed assertion error.
29-09-2017 - 01:31 07-10-2008 - 21:01
CVE-2008-4064 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1
29-09-2017 - 01:31 24-09-2008 - 20:37
CVE-2008-2929 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Dir
29-09-2017 - 01:31 29-08-2008 - 18:41
CVE-2008-2292 6.8
Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in
29-09-2017 - 01:31 18-05-2008 - 14:20
CVE-2008-2928 10.0
Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP
29-09-2017 - 01:31 29-08-2008 - 18:41
CVE-2008-2379 4.3
Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 allows remote attackers to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message.
29-09-2017 - 01:31 05-12-2008 - 00:30
CVE-2008-2930 7.1
Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to
29-09-2017 - 01:31 29-08-2008 - 18:41
CVE-2008-3283 7.8
Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authent
29-09-2017 - 01:31 29-08-2008 - 18:41
CVE-2008-2358 7.2
Integer overflow in the dccp_feat_change function in net/dccp/feat.c in the Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and 2.6.17 through 2.6.20, allows local users to gain privileges via an invalid feature leng
29-09-2017 - 01:31 10-06-2008 - 00:32
CVE-2008-2276 6.8
Cross-site request forgery (CSRF) vulnerability in manage_user_create.php in Mantis 1.1.1 allows remote attackers to create new administrative users via a crafted link.
29-09-2017 - 01:31 16-05-2008 - 12:54
CVE-2008-2237 9.3
Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 allows remote attackers to execute arbitrary code via a crafted WMF file associated with a StarOffice/StarSuite document.
29-09-2017 - 01:31 30-10-2008 - 20:00
CVE-2008-2152 9.3
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.
29-09-2017 - 01:31 10-06-2008 - 18:32
CVE-2008-2238 9.3
Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow.
29-09-2017 - 01:31 30-10-2008 - 20:00
CVE-2008-1615 4.9
Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
29-09-2017 - 01:30 08-05-2008 - 00:20
CVE-2008-1878 7.5
Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title.
29-09-2017 - 01:30 17-04-2008 - 22:05
CVE-2008-1801 9.3
Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.
29-09-2017 - 01:30 12-05-2008 - 16:20
CVE-2008-1802 9.3
Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields.
29-09-2017 - 01:30 12-05-2008 - 16:20
CVE-2008-1803 9.3
Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not spec
29-09-2017 - 01:30 12-05-2008 - 22:20
CVE-2008-1693 6.8
The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute a
29-09-2017 - 01:30 18-04-2008 - 15:05
CVE-2008-0882 10.0
Double free vulnerability in the process_browse_data function in CUPS 1.3.5 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via crafted UDP Browse packets to the cupsd port (631/udp), related to
29-09-2017 - 01:30 21-02-2008 - 19:44
CVE-2008-1419 4.3
Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow.
29-09-2017 - 01:30 16-05-2008 - 12:54
CVE-2008-1108 7.6
Buffer overflow in Evolution 2.22.1, when the ITip Formatter plugin is disabled, allows remote attackers to execute arbitrary code via a long timezone string in an iCalendar attachment.
29-09-2017 - 01:30 04-06-2008 - 20:32
CVE-2008-1109 9.3
Heap-based buffer overflow in Evolution 2.22.1 allows user-assisted remote attackers to execute arbitrary code via a long DESCRIPTION property in an iCalendar attachment, which is not properly handled during a reply in the calendar view (aka the Cale
29-09-2017 - 01:30 04-06-2008 - 20:32
CVE-2008-0047 9.3
Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted sea
29-09-2017 - 01:30 18-03-2008 - 23:44
CVE-2008-1423 9.3
Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its
29-09-2017 - 01:30 16-05-2008 - 12:54
CVE-2008-0887 4.7
gnome-screensaver before 2.22.1, when a remote authentication server is enabled, crashes upon an unlock attempt during a network outage, which allows physically proximate attackers to gain access to the locked session, a related issue to CVE-2007-185
29-09-2017 - 01:30 06-04-2008 - 23:44
CVE-2008-0320 9.3
Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
29-09-2017 - 01:30 17-04-2008 - 19:05
CVE-2008-0053 10.0
Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file.
29-09-2017 - 01:30 18-03-2008 - 23:44
CVE-2008-0304 7.5
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation
29-09-2017 - 01:30 29-02-2008 - 19:44
CVE-2008-0016 10.0
Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link.
29-09-2017 - 01:30 24-09-2008 - 20:37
CVE-2007-5746 6.8
Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.
29-09-2017 - 01:29 17-04-2008 - 19:05
CVE-2007-5747 6.8
Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a stack-based buffer
29-09-2017 - 01:29 17-04-2008 - 19:05
CVE-2007-5392 9.3
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
29-09-2017 - 01:29 08-11-2007 - 02:46
CVE-2007-5393 9.3
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
29-09-2017 - 01:29 08-11-2007 - 02:46
CVE-2007-6239 5.0
The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cac
29-09-2017 - 01:29 04-12-2007 - 18:46
CVE-2007-6110 4.3
Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inject arbitrary web script or HTML via the sort parameter.
29-09-2017 - 01:29 23-11-2007 - 20:46
CVE-2007-6335 7.5
Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.
29-09-2017 - 01:29 20-12-2007 - 01:46
CVE-2007-5964 6.9
The default configuration of autofs 5 in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 5, omits the nosuid option for the hosts (/net filesystem) map, which allows local users to gain privileges via a setuid program on a remote NF
29-09-2017 - 01:29 13-12-2007 - 18:46
CVE-2007-5745 6.8
Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description record
29-09-2017 - 01:29 17-04-2008 - 19:05
CVE-2007-5137 6.8
Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this
29-09-2017 - 01:29 28-09-2007 - 21:17
CVE-2007-6285 6.2
The default configuration for autofs 5 (autofs5) in some Linux distributions, such as Red Hat Enterprise Linux (RHEL) 4 and 5, does not specify the nodev mount option for the -hosts map, which allows local users to access "important devices" by opera
29-09-2017 - 01:29 20-12-2007 - 22:46
CVE-2007-5901 6.9
Use-after-free vulnerability in the gss_indicate_mechs function in lib/gssapi/mechglue/g_initialize.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors. NOTE: this might be the result of a typo in the source code. Information from Apple
29-09-2017 - 01:29 06-12-2007 - 02:46
CVE-2007-4619 9.3
Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memo
29-09-2017 - 01:29 12-10-2007 - 21:17
CVE-2007-4575 9.3
HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
29-09-2017 - 01:29 06-12-2007 - 02:46
CVE-2007-4569 6.8
backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.
29-09-2017 - 01:29 21-09-2007 - 19:17
CVE-2007-4352 7.6
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code v
29-09-2017 - 01:29 08-11-2007 - 02:46
CVE-2007-3996 6.8
Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a la
29-09-2017 - 01:29 04-09-2007 - 18:17
CVE-2007-3919 6.0
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
29-09-2017 - 01:29 28-10-2007 - 17:08
CVE-2007-3920 6.2
GNOME screensaver 2.20 in Ubuntu 7.10, when used with Compiz, does not properly reserve input focus, which allows attackers with physical access to take control of the session after entering an Alt-Tab sequence, a related issue to CVE-2007-3069.
29-09-2017 - 01:29 29-10-2007 - 21:46
CVE-2015-5143 7.8
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys.
22-09-2017 - 01:29 14-07-2015 - 17:59
CVE-2015-5144 4.3
Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character
22-09-2017 - 01:29 14-07-2015 - 17:59
CVE-2015-4695 5.0
meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.
22-09-2017 - 01:29 01-07-2015 - 14:59
CVE-2015-5400 6.8
Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.
22-09-2017 - 01:29 28-09-2015 - 20:59
CVE-2015-4692 4.9
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm ac
22-09-2017 - 01:29 27-07-2015 - 10:59
CVE-2015-4696 4.3
Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command. <a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After F
22-09-2017 - 01:29 01-07-2015 - 14:59
CVE-2015-5697 2.1
The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GET_BITMAP_FILE ioctl call.
21-09-2017 - 01:29 31-08-2015 - 10:59
CVE-2013-1724 9.3
Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial
19-09-2017 - 01:36 18-09-2013 - 10:08
CVE-2013-1728 4.3
The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive inform
19-09-2017 - 01:36 18-09-2013 - 10:08
CVE-2013-1719 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly ex
19-09-2017 - 01:36 18-09-2013 - 10:08
CVE-2013-1721 9.3
Integer overflow in the drawLineLoop function in the libGLESv2 library in Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 24.0 and SeaMonkey before 2.21, allows remote attackers to execute arbitrary code via a crafted w
19-09-2017 - 01:36 18-09-2013 - 10:08
CVE-2013-1720 6.8
The nsHtml5TreeBuilder::resetTheInsertionMode function in the HTML5 Tree Builder in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 does not properly maintain the state of the insertion-mode stack for template elements
19-09-2017 - 01:36 18-09-2013 - 10:08
CVE-2013-1738 9.3
Use-after-free vulnerability in the JS_GetGlobalForScopeChain function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code by leveraging incorrect garbage collection in
19-09-2017 - 01:36 18-09-2013 - 10:08
CVE-2013-1723 4.3
The NativeKey widget in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 processes key messages after destruction by a dispatched event listener, which allows remote attackers to cause a denial of service (application c
19-09-2017 - 01:36 18-09-2013 - 10:08
CVE-2016-10243 7.5
TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.
19-09-2017 - 01:36 02-05-2017 - 14:59
CVE-2012-5166 7.8
ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records.
19-09-2017 - 01:35 10-10-2012 - 21:55
CVE-2011-3184 4.3
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause a denial of service (incorrect memory access and ap
19-09-2017 - 01:33 29-08-2011 - 17:55
CVE-2011-2597 4.3
The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets.
19-09-2017 - 01:33 07-07-2011 - 19:55
CVE-2011-1591 9.3
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
19-09-2017 - 01:32 29-04-2011 - 22:55
CVE-2011-2174 4.3
Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib
19-09-2017 - 01:32 06-06-2011 - 19:55
CVE-2011-1921 4.3
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is disabled, does not properly enforce permissions for files that had been publicly reada
19-09-2017 - 01:32 06-06-2011 - 19:55
CVE-2011-1959 4.3
The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large leng
19-09-2017 - 01:32 06-06-2011 - 19:55
CVE-2011-2175 4.3
Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a he
19-09-2017 - 01:32 06-06-2011 - 19:55
CVE-2011-1139 4.3
wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.
19-09-2017 - 01:32 03-03-2011 - 01:00
CVE-2011-0715 4.3
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token. Per: http
19-09-2017 - 01:32 11-03-2011 - 22:55
CVE-2011-0445 5.0
The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.
19-09-2017 - 01:32 13-01-2011 - 01:00
CVE-2011-1140 4.3
Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recurs
19-09-2017 - 01:32 03-03-2011 - 01:00
CVE-2011-1138 4.3
Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet.
19-09-2017 - 01:32 03-03-2011 - 01:00
CVE-2011-1141 4.3
epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many e
19-09-2017 - 01:32 03-03-2011 - 01:00
CVE-2011-0538 6.8
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have uns
19-09-2017 - 01:32 08-02-2011 - 22:00
CVE-2011-1143 4.3
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file. Per: http://cwe.mitre.org/data/definit
19-09-2017 - 01:32 03-03-2011 - 01:00
CVE-2010-3776 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (me
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-3770 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the rendering engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allow remote attackers to inject arbitrary web script or HTML via (1) x-mac-arabic, (2)
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-3775 9.3
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote attackers to start processes, read arbitrary loca
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-3771 6.8
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome priv
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-3813 5.8
The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly othe
19-09-2017 - 01:31 22-11-2010 - 13:00
CVE-2010-3768 9.3
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-3774 4.3
The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle (1) about:neterror and (2) about:certerror pages, which allows remo
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-3772 9.3
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-3769 9.3
The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers t
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-4528 4.0
directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a short p2pv2 packet in a DirectConnec
19-09-2017 - 01:31 07-01-2011 - 12:00
CVE-2010-3778 9.3
Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thunderbird before 3.0.11, and SeaMonkey before 2.0.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-4538 9.3
Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with
19-09-2017 - 01:31 07-01-2011 - 19:00
CVE-2010-3773 6.8
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objec
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-3767 9.3
Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript array with many elements.
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-4150 5.0
Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) in PHP 5.2 before 5.2.15 and 5.3 before 5.3.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via
19-09-2017 - 01:31 07-12-2010 - 22:00
CVE-2010-3766 9.3
Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via vectors involving a change to an nsDOMAttribute node.
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-3711 4.0
libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted mes
19-09-2017 - 01:31 28-10-2010 - 00:00
CVE-2010-3812 9.3
Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows re
19-09-2017 - 01:31 22-11-2010 - 13:00
CVE-2010-3777 9.3
Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
19-09-2017 - 01:31 10-12-2010 - 19:00
CVE-2010-3564 6.4
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webma
19-09-2017 - 01:31 14-10-2010 - 18:00
CVE-2010-3765 9.3
Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related
19-09-2017 - 01:31 28-10-2010 - 00:00
CVE-2010-3183 9.3
The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls tha
19-09-2017 - 01:31 21-10-2010 - 19:00
CVE-2010-3169 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memor
19-09-2017 - 01:31 09-09-2010 - 19:00
CVE-2010-3177 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) f
19-09-2017 - 01:31 21-10-2010 - 19:00
CVE-2010-3180 9.3
Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessin
19-09-2017 - 01:31 21-10-2010 - 19:00
CVE-2010-2768 4.3
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote
19-09-2017 - 01:31 09-09-2010 - 19:00
CVE-2010-3167 9.3
The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to e
19-09-2017 - 01:31 09-09-2010 - 19:00
CVE-2010-2764 4.3
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers
19-09-2017 - 01:31 09-09-2010 - 19:00
CVE-2010-2760 9.3
Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code v
19-09-2017 - 01:31 09-09-2010 - 19:00
CVE-2010-3433 6.0
The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL use
19-09-2017 - 01:31 06-10-2010 - 17:00
CVE-2010-3179 9.3
Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or
19-09-2017 - 01:31 21-10-2010 - 19:00
CVE-2010-3175 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arb
19-09-2017 - 01:31 21-10-2010 - 19:00
CVE-2010-3168 9.3
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to c
19-09-2017 - 01:31 09-09-2010 - 19:00
CVE-2010-2766 9.3
The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might al
19-09-2017 - 01:31 09-09-2010 - 19:00
CVE-2010-3176 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allow remote attackers to cause a denial of service
19-09-2017 - 01:31 21-10-2010 - 19:00
CVE-2010-3178 5.8
Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window an
19-09-2017 - 01:31 21-10-2010 - 19:00
CVE-2010-2767 9.3
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow
19-09-2017 - 01:31 09-09-2010 - 19:00
CVE-2010-3182 6.9
A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allow
19-09-2017 - 01:31 21-10-2010 - 19:00
CVE-2010-3445 5.0
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer derefe
19-09-2017 - 01:31 26-11-2010 - 19:00
CVE-2010-3166 9.3
Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute ar
19-09-2017 - 01:31 09-09-2010 - 19:00
CVE-2010-2769 4.3
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML
19-09-2017 - 01:31 09-09-2010 - 19:00
CVE-2010-2763 4.3
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers
19-09-2017 - 01:31 09-09-2010 - 19:00
CVE-2010-2765 9.3
Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a
19-09-2017 - 01:31 09-09-2010 - 19:00
CVE-2011-0444 10.0
Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number
19-09-2017 - 01:31 13-01-2011 - 01:00
CVE-2011-0014 5.0
ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake mes
19-09-2017 - 01:31 19-02-2011 - 01:00
CVE-2010-1198 9.3
Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.
19-09-2017 - 01:30 24-06-2010 - 12:30
CVE-2010-1196 9.3
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a DOM nod
19-09-2017 - 01:30 24-06-2010 - 12:30
CVE-2010-1201 9.3
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly ex
19-09-2017 - 01:30 24-06-2010 - 12:30
CVE-2010-1197 4.3
Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not properly handle situations in which both "Content-Disposition: attachment" and "Content-Type: multipart" are present in HTTP headers, which allows remote
19-09-2017 - 01:30 24-06-2010 - 12:30
CVE-2010-1121 10.0
Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involv
19-09-2017 - 01:30 25-03-2010 - 21:00
CVE-2010-1202 9.3
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption a
19-09-2017 - 01:30 24-06-2010 - 12:30
CVE-2010-1170 6.0
The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the tabl
19-09-2017 - 01:30 19-05-2010 - 18:30
CVE-2010-1200 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to cause a denial of service (memory corruption and
19-09-2017 - 01:30 24-06-2010 - 12:30
CVE-2010-1169 8.5
PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with da
19-09-2017 - 01:30 19-05-2010 - 18:30
CVE-2010-0826 1.9
The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid
19-09-2017 - 01:30 05-04-2010 - 15:30
CVE-2010-0097 4.3
ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a f
19-09-2017 - 01:30 22-01-2010 - 22:00
CVE-2010-0829 4.3
Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed DVI file.
19-09-2017 - 01:30 07-05-2010 - 18:24
CVE-2010-0046 9.3
The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments. Per: http://
19-09-2017 - 01:30 15-03-2010 - 13:28
CVE-2010-0054 9.3
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving HTML IMG elements. Per: http://lists.apple.com/archives/secur
19-09-2017 - 01:30 15-03-2010 - 14:15
CVE-2010-0423 5.0
gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application hang) by sending many smileys in a (1) IM or (2) chat.
19-09-2017 - 01:30 24-02-2010 - 18:30
CVE-2010-0420 4.3
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing <br> sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nick
19-09-2017 - 01:30 24-02-2010 - 18:30
CVE-2010-0648 4.3
Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the do
19-09-2017 - 01:30 18-02-2010 - 18:00
CVE-2010-0183 9.3
Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x before 3.5.10 and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a crafted HTML document, related to an improper frame con
19-09-2017 - 01:30 24-06-2010 - 12:30
CVE-2010-0049 9.3
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality. Per: http://lists.a
19-09-2017 - 01:30 15-03-2010 - 14:15
CVE-2010-0053 9.3
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the run-in Cascading Style Sheets (CSS) display property. Pe
19-09-2017 - 01:30 15-03-2010 - 14:15
CVE-2010-0304 7.5
Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the
19-09-2017 - 01:30 03-02-2010 - 18:30
CVE-2010-0277 5.0
slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malf
19-09-2017 - 01:30 09-01-2010 - 18:30
CVE-2010-0656 4.3
WebKit before r51295, as used in Google Chrome before 4.0.249.78, presents a directory-listing page in response to an XMLHttpRequest for a file:/// URL that corresponds to a directory, which allows attackers to obtain sensitive information or possibl
19-09-2017 - 01:30 18-02-2010 - 18:00
CVE-2010-0436 6.9
Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contai
19-09-2017 - 01:30 15-04-2010 - 17:30
CVE-2010-0162 4.3
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly support the application/octet-stream content type as a protection mechanism against execution of web script in certain circumstances involving S
19-09-2017 - 01:30 22-02-2010 - 13:00
CVE-2010-0052 9.3
Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements." Per: http://lists.apple.com/a
19-09-2017 - 01:30 15-03-2010 - 14:15
CVE-2009-4022 2.6
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS c
19-09-2017 - 01:29 25-11-2009 - 16:30
CVE-2009-4376 9.3
Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
19-09-2017 - 01:29 21-12-2009 - 21:30
CVE-2009-4377 4.3
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.
19-09-2017 - 01:29 21-12-2009 - 21:30
CVE-2009-4355 5.0
Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to
19-09-2017 - 01:29 14-01-2010 - 19:30
CVE-2009-4378 4.3
The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime."
19-09-2017 - 01:29 21-12-2009 - 21:30
CVE-2009-2470 5.0
Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.
19-09-2017 - 01:29 04-08-2009 - 16:30
CVE-2009-3984 6.8
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with
19-09-2017 - 01:29 17-12-2009 - 17:30
CVE-2009-3983 6.8
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.
19-09-2017 - 01:29 17-12-2009 - 17:30
CVE-2009-2904 6.9
A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use config
19-09-2017 - 01:29 01-10-2009 - 15:30
CVE-2009-2849 4.7
The md driver (drivers/md/md.c) in the Linux kernel before 2.6.30.2 might allow local users to cause a denial of service (NULL pointer dereference) via vectors related to "suspend_* sysfs attributes" and the (1) suspend_lo_store or (2) suspend_hi_sto
19-09-2017 - 01:29 18-08-2009 - 21:00
CVE-2009-2473 4.3
neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large numbe
19-09-2017 - 01:29 21-08-2009 - 17:30
CVE-2009-3379 10.0
Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overla
19-09-2017 - 01:29 29-10-2009 - 14:30
CVE-2009-2471 10.0
The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted call, related to XPCNativeWrapper.
19-09-2017 - 01:29 22-07-2009 - 18:30
CVE-2009-2632 4.4
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrar
19-09-2017 - 01:29 08-09-2009 - 23:30
CVE-2009-3985 6.8
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the
19-09-2017 - 01:29 17-12-2009 - 17:30
CVE-2009-3979 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash)
19-09-2017 - 01:29 17-12-2009 - 17:30
CVE-2009-2689 10.0
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via a
19-09-2017 - 01:29 10-08-2009 - 18:30
CVE-2009-2690 5.0
The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.
19-09-2017 - 01:29 10-08-2009 - 18:30
CVE-2009-2664 5.0
The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted
19-09-2017 - 01:29 04-08-2009 - 16:30
CVE-2009-2411 8.5
Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger
19-09-2017 - 01:29 07-08-2009 - 19:30
CVE-2009-2469 10.0
Mozilla Firefox before 3.0.12 does not properly handle an SVG element that has a property with a watch function and an __defineSetter__ function, which allows remote attackers to cause a denial of service (memory corruption and application crash) or
19-09-2017 - 01:29 22-07-2009 - 18:30
CVE-2009-2467 10.0
Mozilla Firefox before 3.0.12 and 3.5 before 3.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a Flash object, a slow script dialog, and the unloading of the Flash
19-09-2017 - 01:29 22-07-2009 - 18:30
CVE-2009-3988 5.0
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-s
19-09-2017 - 01:29 22-02-2010 - 13:00
CVE-2009-2620 5.0
src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that
19-09-2017 - 01:29 29-07-2009 - 17:30
CVE-2009-3245 10.0
OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent at
19-09-2017 - 01:29 05-03-2010 - 19:30
CVE-2009-2476 10.0
The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer res
19-09-2017 - 01:29 10-08-2009 - 18:30
CVE-2009-2477 9.3
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized mem
19-09-2017 - 01:29 15-07-2009 - 15:30
CVE-2009-3982 9.3
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe
19-09-2017 - 01:29 17-12-2009 - 17:30
CVE-2009-2695 7.2
The Linux kernel before 2.6.31-rc7 does not properly prevent mmap operations that target page zero and other low memory addresses, which allows local users to gain privileges by exploiting NULL pointer dereference vulnerabilities, related to (1) the
19-09-2017 - 01:29 28-08-2009 - 15:30
CVE-2009-3986 7.6
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window, related to the window
19-09-2017 - 01:29 17-12-2009 - 17:30
CVE-2009-3235 7.5
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via
19-09-2017 - 01:29 17-09-2009 - 10:30
CVE-2009-3377 10.0
Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
19-09-2017 - 01:29 29-10-2009 - 14:30
CVE-2009-3980 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execut
19-09-2017 - 01:29 17-12-2009 - 17:30
CVE-2009-2964 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences
19-09-2017 - 01:29 25-08-2009 - 17:30
CVE-2009-4005 7.2
The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read.
19-09-2017 - 01:29 20-11-2009 - 02:30
CVE-2009-3384 9.3
Multiple unspecified vulnerabilities in WebKit in Apple Safari before 4.0.4 on Windows allow remote FTP servers to execute arbitrary code, cause a denial of service (application crash), or obtain sensitive information via a crafted directory listing
19-09-2017 - 01:29 13-11-2009 - 15:30
CVE-2009-3736 6.9
ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a T
19-09-2017 - 01:29 29-11-2009 - 13:07
CVE-2009-3389 9.3
Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a vid
19-09-2017 - 01:29 17-12-2009 - 17:30
CVE-2009-3388 9.3
liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 might allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to "memory safety issues."
19-09-2017 - 01:29 17-12-2009 - 17:30
CVE-2009-2475 7.8
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQue
19-09-2017 - 01:29 10-08-2009 - 18:30
CVE-2015-7941 4.3
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSect
14-09-2017 - 01:29 18-11-2015 - 16:59
CVE-2017-6362 5.0
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
13-09-2017 - 17:46 07-09-2017 - 13:29
CVE-2015-5705 5.0
Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename.
13-09-2017 - 11:21 06-09-2017 - 21:29
CVE-2015-0233 4.6
Multiple insecure Temporary File vulnerabilities in 389 Administration Server before 1.1.38.
08-09-2017 - 11:56 28-08-2017 - 19:29
CVE-2014-8625 6.8
Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg before 1.17.22 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) packa
08-09-2017 - 01:29 20-01-2015 - 15:59
CVE-2014-7828 3.5
FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote attackers to bypass the password requirement of the two-factor authentication leveraging an enabled OTP token, which triggers an anonymous bind.
08-09-2017 - 01:29 19-11-2014 - 18:59
CVE-2014-6394 7.5
visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "publ
08-09-2017 - 01:29 08-10-2014 - 17:55
CVE-2015-1200 2.1
Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for the output file when compressing a file before changing the permission to match the original file, which allows local users to bypass the intended access restrictions.
08-09-2017 - 01:29 23-01-2015 - 15:59
CVE-2015-1038 5.8
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
08-09-2017 - 01:29 21-01-2015 - 18:59
CVE-2014-9637 7.1
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.
30-08-2017 - 01:16 25-08-2017 - 18:29
CVE-2015-1395 7.8
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
30-08-2017 - 01:13 25-08-2017 - 18:29
CVE-2013-7299 5.0
framework/common/messageheaderparser.cpp in Tntnet before 2.2.1 allows remote attackers to obtain sensitive information via a header that ends in \n instead of \r\n, which prevents a null terminator from being added and causes Tntnet to include heade
29-08-2017 - 01:34 26-01-2014 - 20:55
CVE-2013-7298 5.0
query_params.cpp in cxxtools before 2.2.1 allows remote attackers to cause a denial of service (infinite recursion and crash) via an HTTP query that contains %% (double percent) characters.
29-08-2017 - 01:34 26-01-2014 - 20:55
CVE-2013-7296 5.0
The JBIG2Stream::readSegments method in JBIG2Stream.cc in Poppler before 0.24.5 does not use the correct specifier within a format string, which allows context-dependent attackers to cause a denial of service (segmentation fault and application crash
29-08-2017 - 01:34 26-01-2014 - 01:55
CVE-2013-7130 7.1
The i_create_images_and_backing (aka create_images_and_backing) method in libvirt driver in OpenStack Compute (Nova) Grizzly, Havana, and Icehouse, when using KVM live block migration, does not properly create all expected files, which allows attacke
29-08-2017 - 01:34 06-02-2014 - 17:00
CVE-2014-3507 5.0
Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger im
29-08-2017 - 01:34 13-08-2014 - 23:55
CVE-2014-2708 7.5
Multiple SQL injection vulnerabilities in graph_xport.php in Cacti 0.8.7g, 0.8.8b, and earlier allow remote attackers to execute arbitrary SQL commands via the (1) graph_start, (2) graph_end, (3) graph_height, (4) graph_width, (5) graph_nolegend, (6)
29-08-2017 - 01:34 10-04-2014 - 20:29
CVE-2014-3506 5.0
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory alloc
29-08-2017 - 01:34 13-08-2014 - 23:55
CVE-2014-3510 4.3
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via
29-08-2017 - 01:34 13-08-2014 - 23:55
CVE-2014-1875 3.6
The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via a symlink attack on a temporary file.
29-08-2017 - 01:34 06-10-2014 - 23:55
CVE-2014-1446 1.9
The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capabil
29-08-2017 - 01:34 18-01-2014 - 22:55
CVE-2013-6497 2.1
clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.
29-08-2017 - 01:33 01-12-2014 - 15:59
CVE-2013-2298 9.3
Multiple stack-based buffer overflows in the XML parser in BOINC 7.x allow attackers to have unspecified impact via a crafted XML file, related to the scheduler.
29-08-2017 - 01:33 02-06-2014 - 15:55
CVE-2013-2059 6.0
OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain ac
29-08-2017 - 01:33 21-05-2013 - 18:55
CVE-2013-1952 1.9
Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries for MSI interrupts, which allows local guest domains to cause a denial of ser
29-08-2017 - 01:33 13-05-2013 - 23:55
CVE-2013-1864 4.3
The Portable Tool Library (aka PTLib) before 2.10.10, as used in Ekiga before 4.0.1, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted PXM
29-08-2017 - 01:33 23-05-2014 - 14:55
CVE-2012-5671 6.8
Heap-based buffer overflow in the dkim_exim_query_dns_txt function in dkim.c in Exim 4.70 through 4.80, when DKIM support is enabled and acl_smtp_connect and acl_smtp_rcpt are not set to "warn control = dkim_disable_verify," allows remote attackers t
29-08-2017 - 01:32 31-10-2012 - 16:55
CVE-2012-5574 5.0
lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote attackers to read arbitrary files via a crafted upload request.
29-08-2017 - 01:32 18-12-2012 - 01:55
CVE-2012-5483 2.1
tools/sample_data.sh in OpenStack Keystone 2012.1.3, when access to Amazon Elastic Compute Cloud (Amazon EC2) is configured, uses world-readable permissions for /etc/keystone/ec2rc, which allows local users to obtain access to EC2 services by reading
29-08-2017 - 01:32 26-12-2012 - 22:55
CVE-2012-4560 7.5
Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors.
29-08-2017 - 01:32 30-11-2012 - 22:55
CVE-2012-5621 5.0
lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.
29-08-2017 - 01:32 29-09-2014 - 22:55
CVE-2012-5482 5.5
The v2 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request. NOTE: this vulnerability exists because of an incomplete fix for CV
29-08-2017 - 01:32 11-11-2012 - 13:00
CVE-2012-4562 7.5
Multiple integer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (infinite loop or crash) and possibly execute arbitrary code via unspecified vectors, which triggers a buffer overflow, infinite loop, or possibly s
29-08-2017 - 01:32 30-11-2012 - 22:55
CVE-2012-5391 6.8
Session fixation vulnerability in Special:UserLogin in MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the session_id. Per: http://cwe.mitre.org/data/definitions/384.html "CW
29-08-2017 - 01:32 02-06-2014 - 15:55
CVE-2012-4544 2.1
The PV domain builder in Xen 4.2 and earlier does not validate the size of the kernel or ramdisk (1) before or (2) after decompression, which allows local guest administrators to cause a denial of service (domain 0 memory consumption) via a crafted (
29-08-2017 - 01:32 31-10-2012 - 16:55
CVE-2012-4559 6.8
Multiple double free vulnerabilities in the (1) agent_sign_data function in agent.c, (2) channel_request function in channels.c, (3) ssh_userauth_pubkey function in auth.c, (4) sftp_parse_attr_3 function in sftp.c, and (5) try_publickey_from_file fun
29-08-2017 - 01:32 30-11-2012 - 22:55
CVE-2012-5571 3.5
OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token f
29-08-2017 - 01:32 18-12-2012 - 01:55
CVE-2012-4573 5.5
The v1 API in OpenStack Glance Grizzly, Folsom (2012.2), and Essex (2012.1) allows remote authenticated users to delete arbitrary non-protected images via an image deletion request, a different vulnerability than CVE-2012-5482.
29-08-2017 - 01:32 11-11-2012 - 13:00
CVE-2012-4561 5.0
The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to c
29-08-2017 - 01:32 30-11-2012 - 22:55
CVE-2013-0176 4.3
The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init
29-08-2017 - 01:32 05-02-2013 - 23:55
CVE-2012-3547 6.8
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not af
29-08-2017 - 01:31 18-09-2012 - 17:55
CVE-2012-2101 3.5
Openstack Compute (Nova) Folsom, 2012.1, and 2011.3 does not limit the number of security group rules, which allows remote authenticated users with certain permissions to cause a denial of service (CPU and hard drive consumption) via a network reques
29-08-2017 - 01:31 07-06-2012 - 19:55
CVE-2012-2417 4.3
PyCrypto before 2.6 does not produce appropriate prime numbers when using an ElGamal scheme to generate a key, which reduces the signature space or public key space and makes it easier for attackers to conduct brute force attacks to obtain the privat
29-08-2017 - 01:31 17-06-2012 - 03:41
CVE-2012-1176 5.0
Buffer overflow in the fribidi_utf8_to_unicode function in PyFriBidi before 0.11.0 allows remote attackers to cause a denial of service (application crash) via a 4-byte utf-8 sequence.
29-08-2017 - 01:31 26-08-2012 - 20:55
CVE-2012-2451 3.6
The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE
29-08-2017 - 01:31 27-06-2012 - 21:55
CVE-2012-2094 4.3
Cross-site scripting (XSS) vulnerability in the refresh mechanism in the log viewer in horizon/static/horizon/js/horizon.js in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 and earlier allows remote attackers to inject arbitrary web script or HTM
29-08-2017 - 01:31 05-06-2012 - 22:55
CVE-2012-2385 4.0
The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.
29-08-2017 - 01:31 29-06-2012 - 19:55
CVE-2012-2090 9.3
Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in certain data chunk
29-08-2017 - 01:31 17-06-2012 - 03:41
CVE-2012-1152 5.0
Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial of service (process crash) via format string speci
29-08-2017 - 01:31 09-09-2012 - 21:55
CVE-2012-2144 6.8
Session fixation vulnerability in OpenStack Dashboard (Horizon) folsom-1 and 2012.1 allows remote attackers to hijack web sessions via the sessionid cookie.
29-08-2017 - 01:31 05-06-2012 - 22:55
CVE-2012-1616 9.3
Use-after-free vulnerability in icclib before 2.13, as used by Argyll CMS before 1.4 and possibly other programs, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted ICC profile file.
29-08-2017 - 01:31 21-06-2012 - 15:55
CVE-2012-2737 1.9
The user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary file
29-08-2017 - 01:31 22-07-2012 - 17:55
CVE-2012-2093 3.3
src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function.
29-08-2017 - 01:31 18-05-2012 - 22:55
CVE-2012-0862 4.3
builtins.c in Xinetd before 2.3.15 does not check the service type when the tcpmux-server service is enabled, which exposes all enabled services and allows remote attackers to bypass intended access restrictions via a request to tcpmux port 1.
29-08-2017 - 01:31 04-06-2012 - 20:55
CVE-2011-4782 4.3
Cross-site scripting (XSS) vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter.
29-08-2017 - 01:30 22-12-2011 - 20:55
CVE-2011-4113 7.5
SQL injection vulnerability in the Views module before 6.x-2.13 for Drupal allows remote attackers to execute arbitrary SQL commands via vectors related to "filters/arguments on certain types of views with specific configurations of arguments."
29-08-2017 - 01:30 17-02-2012 - 23:55
CVE-2011-3256 4.3
FreeType 2 before 2.4.7, as used in CoreGraphics in Apple iOS before 5, Mandriva Enterprise Server 5, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font,
29-08-2017 - 01:30 14-10-2011 - 10:55
CVE-2011-4869 7.8
validator/val_nsec3.c in Unbound before 1.4.13p2 does not properly perform proof processing for NSEC3-signed zones, which allows remote DNS servers to cause a denial of service (daemon crash) via a malformed response that lacks expected NSEC3 records
29-08-2017 - 01:30 20-12-2011 - 11:55
CVE-2011-3265 5.0
popup.php in Zabbix before 1.8.7 allows remote attackers to read the contents of arbitrary database tables via a modified srctbl parameter.
29-08-2017 - 01:30 19-08-2011 - 21:55
CVE-2011-4615 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter (aka host groups name) to (1) hostgroups.php and (2) usergrps.php, the update action to
29-08-2017 - 01:30 29-12-2011 - 22:55
CVE-2011-4824 7.5
SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter.
29-08-2017 - 01:30 15-12-2011 - 03:57
CVE-2011-3194 9.3
Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt 4.7.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the TIFFTAG_SAMPLESPERPIXEL tag in a greyscale TIFF image with multiple
29-08-2017 - 01:30 16-06-2012 - 00:55
CVE-2011-2535 5.0
chan_iax2.c in the IAX2 channel driver in Asterisk Open Source 1.4.x before 1.4.41.1, 1.6.2.x before 1.6.2.18.1, and 1.8.x before 1.8.4.3, and Asterisk Business Edition C.3 before C.3.7.3, accesses a memory address contained in an option control fram
29-08-2017 - 01:29 06-07-2011 - 19:55
CVE-2011-2642 2.6
Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a craft
29-08-2017 - 01:29 01-08-2011 - 19:55
CVE-2011-2643 6.8
Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformati
29-08-2017 - 01:29 01-08-2011 - 19:55
CVE-2011-2900 7.5
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows r
29-08-2017 - 01:29 05-08-2011 - 21:55
CVE-2011-2904 4.3
Cross-site scripting (XSS) vulnerability in acknow.php in Zabbix before 1.8.6 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter.
29-08-2017 - 01:29 19-08-2011 - 21:55
CVE-2011-2529 5.0
chan_sip.c in the SIP channel driver in Asterisk Open Source 1.6.x before 1.6.2.18.1 and 1.8.x before 1.8.4.3 does not properly handle '\0' characters in SIP packets, which allows remote attackers to cause a denial of service (memory corruption) or p
29-08-2017 - 01:29 06-07-2011 - 19:55
CVE-2011-2510 4.3
Cross-site scripting (XSS) vulnerability in the RSS embedding feature in DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject arbitrary web script or HTML via a link.
29-08-2017 - 01:29 14-07-2011 - 23:55
CVE-2017-12843 4.0
Cyrus IMAP before 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted (1) SYNCAPPLY, (2) SYNCGET or (3) SYNCRESTORE command.
26-08-2017 - 09:13 22-08-2017 - 14:29
CVE-2015-0839 6.8
The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads.
25-08-2017 - 11:42 02-08-2017 - 19:29
CVE-2015-1783 5.0
The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors.
24-08-2017 - 16:10 11-08-2017 - 21:29
CVE-2015-3277 5.0
The mod_nss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring.
21-08-2017 - 14:36 09-08-2017 - 18:29
CVE-2015-6816 7.5
ganglia-web before 3.7.1 allows remote attackers to bypass authentication.
20-08-2017 - 16:36 09-08-2017 - 18:29
CVE-2011-1922 4.3
daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that trigger
17-08-2017 - 01:34 31-05-2011 - 20:55
CVE-2011-1429 5.8
Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-
17-08-2017 - 01:34 16-03-2011 - 22:55
CVE-2011-1579 5.8
The checkCss function in includes/Sanitizer.php in the wikitext parser in MediaWiki before 1.16.3 does not properly validate Cascading Style Sheets (CSS) token sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks or
17-08-2017 - 01:34 27-04-2011 - 00:55
CVE-2011-1496 4.6
tmux 1.3 and 1.4 does not properly drop group privileges, which allows local users to gain utmp group privileges via a filename to the -S command-line option.
17-08-2017 - 01:34 18-04-2011 - 18:55
CVE-2011-1841 4.3
Cross-site scripting (XSS) vulnerability in the link_to helper in Mojolicious before 1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
17-08-2017 - 01:34 03-05-2011 - 00:55
CVE-2011-1580 3.5
The transwiki import functionality in MediaWiki before 1.16.3 does not properly check privileges, which allows remote authenticated users to perform imports from any wgImportSources wiki via a crafted POST request.
17-08-2017 - 01:34 27-04-2011 - 00:55
CVE-2011-1929 5.0
lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a cr
17-08-2017 - 01:34 24-05-2011 - 23:55
CVE-2011-1589 5.0
Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.
17-08-2017 - 01:34 29-04-2011 - 22:55
CVE-2011-1753 5.0
expat_erl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and exmpp before 0.9.7, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a craft
17-08-2017 - 01:34 21-06-2011 - 02:52
CVE-2011-1487 5.0
The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-de
17-08-2017 - 01:34 11-04-2011 - 18:55
CVE-2010-4341 2.1
The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.
17-08-2017 - 01:33 25-01-2011 - 01:00
CVE-2010-4567 4.3
Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 does not properly handle whitespace preceding a (1) javascript: or (2) data: URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks via
17-08-2017 - 01:33 28-01-2011 - 16:00
CVE-2010-3872 7.2
The fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.6 for the Apache HTTP Server does not use bytewise pointer arithmetic in certain circumstances, which has unspecified impact and attack vectors related to "unt
17-08-2017 - 01:33 22-11-2010 - 12:54
CVE-2010-3611 4.3
ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a DHCPv6 packet containing a Relay-Forward message without an address in the Rel
17-08-2017 - 01:33 04-11-2010 - 18:00
CVE-2010-3764 5.0
The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with predictable names in graphs/, which allows remote attackers to obtain sensitive information via a modified URL.
17-08-2017 - 01:33 05-11-2010 - 17:00
CVE-2010-4572 4.3
CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the query s
17-08-2017 - 01:33 28-01-2011 - 16:00
CVE-2010-4015 6.5
Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a deni
17-08-2017 - 01:33 02-02-2011 - 01:00
CVE-2010-4694 6.8
Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions s
17-08-2017 - 01:33 14-01-2011 - 18:00
CVE-2010-4267 7.5
Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9, and probably other versions allows remote attackers to cause a denial of service (crash) and possi
17-08-2017 - 01:33 20-01-2011 - 19:00
CVE-2010-4349 5.0
admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive information via an invalid db_type parameter, which reveals the installation path in an error message, related to an unsafe call by MantisBT to a functi
17-08-2017 - 01:33 03-01-2011 - 20:00
CVE-2010-4695 5.0
A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as distributed in gif2png-2.5.1-1200.fc12 on Fedora 12 and gif2png_2.5.2-1 on Debian GNU/Linux, truncates a GIF pathname specified on the command line, which might allow remote attacker
17-08-2017 - 01:33 14-01-2011 - 18:00
CVE-2010-4568 7.5
Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x before 3.6.4; and 4.0.x before 4.0rc2 does not properly generate random values for cookies and tokens, which allows remote attackers to obtain access to a
17-08-2017 - 01:33 28-01-2011 - 16:00
CVE-2010-4098 5.0
monotone before 0.48.1, when configured to allow remote commands, allows remote attackers to cause a denial of service (crash) via an empty argument to the mtn command.
17-08-2017 - 01:33 27-10-2010 - 19:00
CVE-2011-0003 5.8
MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors.
17-08-2017 - 01:33 11-01-2011 - 03:00
CVE-2011-1058 2.6
Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a
17-08-2017 - 01:33 22-02-2011 - 18:00
CVE-2011-0987 6.5
The PMA_Bookmark_get function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's e
17-08-2017 - 01:33 14-02-2011 - 22:00
CVE-2011-0728 3.5
Cross-site scripting (XSS) vulnerability in templatefunctions.py in Loggerhead before 1.18.1 allows remote authenticated users to inject arbitrary web script or HTML via a filename, which is not properly handled in a revision view.
17-08-2017 - 01:33 29-03-2011 - 18:55
CVE-2011-0986 5.0
phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonex
17-08-2017 - 01:33 14-02-2011 - 22:00
CVE-2011-1153 7.5
Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly e
17-08-2017 - 01:33 16-03-2011 - 22:55
CVE-2011-1000 6.4
jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before 0.10.5, and 0.8 before 0.8.15 allows remote attackers to sniff audio and video calls via a crafted google:jingleinfo stanza that specifies an alternate server for streamed media.
17-08-2017 - 01:33 19-02-2011 - 01:00
CVE-2011-0738 4.3
MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through 5.0.2, does not properly verify the (1) hostname or (2) identity in the X.509 certificate for the myproxy-server, which allows remote attackers to spoof the server and conduct man-in-th
17-08-2017 - 01:33 02-02-2011 - 01:00
CVE-2011-1174 5.0
manager.c in Asterisk Open Source 1.6.1.x before 1.6.1.24, 1.6.2.x before 1.6.2.17.2, and 1.8.x before 1.8.3.2 allows remote attackers to cause a denial of service (CPU and memory consumption) via a series of manager sessions involving invalid data.
17-08-2017 - 01:33 31-03-2011 - 22:55
CVE-2011-0465 9.3
xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message.
17-08-2017 - 01:33 08-04-2011 - 15:17
CVE-2011-0048 4.3
Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 creates a clickable link for a (1) javascript: or (2) data: URI in the URL (aka bug_file_loc) field, which allows remote attackers to conduct cross-site scriptin
17-08-2017 - 01:33 28-01-2011 - 16:00
CVE-2011-0047 4.3
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.16.2 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) comments, aka "CSS injection vulnerability."
17-08-2017 - 01:33 04-02-2011 - 01:00
CVE-2011-0530 7.5
Buffer overflow in the mainloop function in nbd-server.c in the server in Network Block Device (nbd) before 2.9.20 might allow remote attackers to execute arbitrary code via a long request. NOTE: this issue exists because of a CVE-2005-3534 regressi
17-08-2017 - 01:33 22-02-2011 - 19:00
CVE-2011-0002 6.4
libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values.
17-08-2017 - 01:33 22-01-2011 - 22:00
CVE-2011-1175 5.0
tcptls.c in the TCP/TLS server in Asterisk Open Source 1.6.1.x before 1.6.1.23, 1.6.2.x before 1.6.2.17.1, and 1.8.x before 1.8.3.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by establishing many
17-08-2017 - 01:33 31-03-2011 - 22:55
CVE-2011-0046 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allow remote attackers to hijack the authentication of arbitrary users for requests related to (1)
17-08-2017 - 01:33 28-01-2011 - 16:00
CVE-2011-0727 6.9
GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/.
17-08-2017 - 01:33 31-03-2011 - 22:55
CVE-2011-0402 6.8
dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspecified files in the .pc directory.
17-08-2017 - 01:33 11-01-2011 - 03:00
CVE-2010-2058 2.1
setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable permissions, which allows local users to obtain the SQL database password.
17-08-2017 - 01:32 07-06-2010 - 17:13
CVE-2010-2352 5.0
The Node Reference module in Content Construction Kit (CCK) module 5.x before 5.x-1.11 and 6.x before 6.x-2.7 for Drupal does not perform access checks before displaying referenced nodes, which allows remote attackers to read controlled nodes.
17-08-2017 - 01:32 21-06-2010 - 19:30
CVE-2010-1156 4.3
core/nicklist.c in Irssi before 0.8.15 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an attempted fuzzy nick match at the instant that a victim leaves a channel. Per: http
17-08-2017 - 01:32 16-04-2010 - 19:30
CVE-2010-1155 6.8
Irssi before 0.8.15, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to sp
17-08-2017 - 01:32 16-04-2010 - 19:30
CVE-2010-2813 5.0
functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames
17-08-2017 - 01:32 19-08-2010 - 18:00
CVE-2010-2156 5.0
ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID.
17-08-2017 - 01:32 07-06-2010 - 17:13
CVE-2010-2353 5.0
The Node Reference module in Content Construction Kit (CCK) module 6.x before 6.x-2.7 for Drupal does not perform access checks for the source field in the backend URL for the autocomplete widget, which allows remote attackers to discover titles and
17-08-2017 - 01:32 21-06-2010 - 19:30
CVE-2010-2053 3.3
emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary files via a symlink attack on the emsnpic temporary file.
17-08-2017 - 01:32 07-06-2010 - 17:13
CVE-2010-3444 7.5
Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via
17-08-2017 - 01:32 11-01-2011 - 03:00
CVE-2010-3350 6.9
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
17-08-2017 - 01:32 20-10-2010 - 18:00
CVE-2010-2796 2.6
Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL.
17-08-2017 - 01:32 05-08-2010 - 18:17
CVE-2010-2795 4.0
phpCAS before 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value.
17-08-2017 - 01:32 05-08-2010 - 18:17
CVE-2010-2534 5.0
The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not properly clear a pointer in a linked list, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a craft
17-08-2017 - 01:32 28-07-2010 - 12:48
CVE-2010-1679 6.8
Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via directory traversal sequences in a patch for a source-format 3.0 package.
17-08-2017 - 01:32 11-01-2011 - 03:00
CVE-2010-1132 9.3
The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter Plugin 0.3.1, when using the expand option, allows remote attackers to execute arbitrary system commands via shell metacharacters in the RCPT TO field of an email message.
17-08-2017 - 01:32 27-03-2010 - 19:07
CVE-2010-0789 3.3
fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint.
17-08-2017 - 01:32 02-03-2010 - 18:30
CVE-2010-0828 3.5
Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI.
17-08-2017 - 01:32 05-04-2010 - 15:30
CVE-2010-0787 4.4
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file.
17-08-2017 - 01:32 02-03-2010 - 18:30
CVE-2010-0668 6.8
Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages acti
17-08-2017 - 01:32 26-02-2010 - 19:30
CVE-2009-4664 3.3
Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain privileges via a symlink attack on an unspecified temporary file that is created by the iptables script.
17-08-2017 - 01:31 03-03-2010 - 20:30
CVE-2009-5018 6.8
Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png.
17-08-2017 - 01:31 14-01-2011 - 17:00
CVE-2009-4025 10.0
Argument injection vulnerability in the traceroute function in Traceroute.php in the Net_Traceroute package before 0.21.2 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: some of these details are ob
17-08-2017 - 01:31 29-11-2009 - 13:07
CVE-2009-4405 7.5
Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role that is missing in docutils <
17-08-2017 - 01:31 23-12-2009 - 21:30
CVE-2009-4193 3.3
Merkaartor 0.14 allows local users to append data to arbitrary files via a symlink attack on the /tmp/merkaartor.log temporary file.
17-08-2017 - 01:31 03-12-2009 - 19:30
CVE-2009-3639 5.8
The mod_tls module in ProFTPD before 1.3.2b, and 1.3.3 before 1.3.3rc2, when the dNSNameRequired TLS option is enabled, does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 client certificate, w
17-08-2017 - 01:31 28-10-2009 - 14:30
CVE-2009-3585 5.8
Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting the session identifier via a manipulation that lev
17-08-2017 - 01:31 02-12-2009 - 16:30
CVE-2009-4151 5.8
Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting the session identifier via a manipulation that lev
17-08-2017 - 01:31 02-12-2009 - 16:30
CVE-2009-4024 10.0
Argument injection vulnerability in the ping function in Ping.php in the Net_Ping package before 2.4.5 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: this has also been reported as a shell metachar
17-08-2017 - 01:31 29-11-2009 - 13:07
CVE-2009-3697 7.5
SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters.
17-08-2017 - 01:31 16-10-2009 - 16:30
CVE-2009-3696 4.3
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.
17-08-2017 - 01:31 16-10-2009 - 16:30
CVE-2010-0295 5.0
lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow r
17-08-2017 - 01:31 03-02-2010 - 19:30
CVE-2010-0422 4.0
gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog in situations involving a change to the number of monitors, which allows physically proximate attackers to bypass screen locking an
17-08-2017 - 01:31 24-02-2010 - 18:30
CVE-2009-1572 5.0
The BGP daemon (bgpd) in Quagga 0.99.11 and earlier allows remote attackers to cause a denial of service (crash) via an AS path containing ASN elements whose string representation is longer than expected, which triggers an assert error.
17-08-2017 - 01:30 06-05-2009 - 17:30
CVE-2009-2108 5.0
git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments.
17-08-2017 - 01:30 18-06-2009 - 18:30
CVE-2009-1892 5.0
dhcpd in ISC DHCP 3.0.4 and 3.1.1, when the dhcp-client-identifier and hardware ethernet configuration settings are both used, allows remote attackers to cause a denial of service (daemon crash) via unspecified requests.
17-08-2017 - 01:30 17-07-2009 - 16:30
CVE-2009-1885 4.3
Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values
17-08-2017 - 01:30 11-08-2009 - 18:30
CVE-2009-1575 4.3
Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.17 and 6.x before 6.11, as used in vbDrupal before 5.17.0, allows remote attackers to inject arbitrary web script or HTML via crafted UTF-8 byte sequences before the Content-Type meta ta
17-08-2017 - 01:30 06-05-2009 - 17:30
CVE-2009-1756 2.1
SLiM Simple Login Manager 1.3.0 places the X authority magic cookie (mcookie) on the command line when invoking xauth from (1) app.cpp and (2) switchuser.cpp, which allows local users to access the X session by listing the process and its arguments.
17-08-2017 - 01:30 22-05-2009 - 11:52
CVE-2009-2841 5.0
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs f
17-08-2017 - 01:30 13-11-2009 - 15:30
CVE-2009-2369 6.8
Integer overflow in the wxImage::Create function in src/common/image.cpp in wxWidgets 2.8.10 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JPEG file, which triggers a heap-based buffer overflo
17-08-2017 - 01:30 08-07-2009 - 15:30
CVE-2009-2691 2.1
The mm_for_maps function in fs/proc/base.c in the Linux kernel 2.6.30.4 and earlier allows local users to read (1) maps and (2) smaps files under proc/ via vectors related to ELF loading, a setuid process, and a race condition.
17-08-2017 - 01:30 14-08-2009 - 15:16
CVE-2009-2967 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959.
17-08-2017 - 01:30 26-08-2009 - 14:24
CVE-2009-2042 4.3
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of s
17-08-2017 - 01:30 12-06-2009 - 20:30
CVE-2009-1959 5.0
Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underfl
17-08-2017 - 01:30 08-06-2009 - 01:00
CVE-2009-2410 7.5
The local_handler_callback function in server/responder/pam/pam_LOCAL_domain.c in sssd 0.4.1 does not properly handle blank-password accounts in the SSSD BE database, which allows context-dependent attackers to obtain access by sending the account's
17-08-2017 - 01:30 30-07-2009 - 18:30
CVE-2009-1438 7.5
Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, as used in gstreamer-plugins, TTPlayer, and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted
17-08-2017 - 01:30 27-04-2009 - 18:00
CVE-2009-1390 6.8
Mutt 1.5.19, when linked against (1) OpenSSL (mutt_ssl.c) or (2) GnuTLS (mutt_ssl_gnutls.c), allows connections when only one TLS certificate in the chain is accepted instead of verifying the entire chain, which allows remote attackers to spoof trust
17-08-2017 - 01:30 16-06-2009 - 21:00
CVE-2009-0934 4.3
Cross-site scripting (XSS) vulnerability in ejabberd before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to links and MUC logs.
17-08-2017 - 01:30 18-03-2009 - 02:00
CVE-2009-1213 6.8
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 3.2 before 3.2.3, 3.3 before 3.3.4, and earlier versions allows remote attackers to hijack the authentication of arbitrary users for requests that use attachment editing.
17-08-2017 - 01:30 01-04-2009 - 10:30
CVE-2008-7218 10.0
Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before
17-08-2017 - 01:29 13-09-2009 - 22:30
CVE-2008-6755 5.0
ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to the apache user account, and sets the permissions to 0600, which makes it easier for remote attackers to modify this file by accessing it through a (1) PHP or (2) CGI script.
17-08-2017 - 01:29 27-04-2009 - 22:30
CVE-2008-6514 6.2
The Expo plugin in Compiz Fusion 0.7.8 allows local users with physical access to drag the screen saver aside and access the locked desktop by using Expo mouse shortcuts, a related issue to CVE-2007-3920.
17-08-2017 - 01:29 24-03-2009 - 14:30
CVE-2008-6229 3.5
Cross-site scripting (XSS) vulnerability in the administrative interface in Drupal Content Construction Kit (CCK) 5.x before 5.x-1.10 and 6.x before 6.x-2.0, a module for Drupal, allows remote authenticated users with "administer content" permissions
17-08-2017 - 01:29 20-02-2009 - 23:30
CVE-2008-6954 9.0
The web interface (CobblerWeb) in Cobbler before 1.2.9 allows remote authenticated users to execute arbitrary Python code in cobblerd by editing a Cheetah kickstart template to import arbitrary Python modules.
17-08-2017 - 01:29 12-08-2009 - 10:30
CVE-2008-6532 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in the update feature in Drupal 5.x before 5.13 and 6.x before 6.7 allow remote attackers to perform unauthorized actions as the superuser via unspecified vectors, as demonstrated by causing
17-08-2017 - 01:29 26-03-2009 - 21:00
CVE-2008-6560 7.8
Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it
17-08-2017 - 01:29 31-03-2009 - 14:09
CVE-2008-6171 9.3
includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header.
17-08-2017 - 01:29 19-02-2009 - 15:30
CVE-2008-6533 4.3
Drupal 5.x before 5.13 and 6.x before 6.7 does not delete all related content when an input format is deleted, which prevents the content from being properly filtered and allows remote attackers to conduct cross-site scripting (XSS) attacks via unspe
17-08-2017 - 01:29 26-03-2009 - 21:00
CVE-2008-6547 7.5
schema.py in FormEncode for Python (python-formencode) 1.0 does not apply the chained_validators feature, which allows attackers to bypass intended access restrictions via unknown vectors.
17-08-2017 - 01:29 30-03-2009 - 01:30
CVE-2007-5589 4.3
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) di
17-08-2017 - 01:29 19-10-2007 - 23:17
CVE-2008-6170 3.5
Cross-site scripting (XSS) vulnerability in Drupal 5.x before 5.12 and 6.x before 6.6 allows remote authenticated users with create book content or edit node book hierarchy permissions to inject arbitrary web script or HTML via the book page title.
17-08-2017 - 01:29 19-02-2009 - 15:30
CVE-2015-5244 7.5
The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions.
16-08-2017 - 16:16 07-08-2017 - 20:29
CVE-2016-6224 2.1
ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning on a (1) NVMe or (2) MMC drive, which allows local users to obtain sensitive information via unspecified vectors.
08-08-2017 - 01:33 22-07-2016 - 14:59
CVE-2008-5514 4.3
Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cau
08-08-2017 - 01:33 23-12-2008 - 18:30
CVE-2008-5298 2.1
chm2pdf 0.9 uses temporary files in directories with fixed names, which allows local users to cause a denial of service (chm2pdf failure) of other users by creating those directories ahead of time.
08-08-2017 - 01:33 01-12-2008 - 15:30
CVE-2008-5916 4.6
gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.extern
08-08-2017 - 01:33 21-01-2009 - 02:30
CVE-2008-5743 6.9
pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a predictable name, which allows local users to overwrite arbitrary files via a symlink attack.
08-08-2017 - 01:33 26-12-2008 - 21:30
CVE-2008-5657 7.5
CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows remote attackers to spoof IRC messages as other users via a crafted CTCP message.
08-08-2017 - 01:33 17-12-2008 - 20:30
CVE-2008-6098 4.0
Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, 2.20 before 2.20.7, and other versions after 2.17.4 allows remote authenticated users to bypass moderation to approve and disapprove quips via a direct request to quips.cgi with the a
08-08-2017 - 01:33 09-02-2009 - 18:30
CVE-2008-5687 5.0
MediaWiki 1.11, and other versions before 1.13.3, does not properly protect against the download of backups of deleted images, which might allow remote attackers to obtain sensitive information via requests for files in images/deleted/.
08-08-2017 - 01:33 19-12-2008 - 17:30
CVE-2008-5299 6.9
chm2pdf 0.9 allows user-assisted local users to delete arbitrary files via a symlink attack on .chm files in the (1) /tmp/chm2pdf/work or (2) /tmp/chm2pdf/orig temporary directories.
08-08-2017 - 01:33 01-12-2008 - 15:30
CVE-2008-6020 7.5
SQL injection vulnerability in the Views module 6.x before 6.x-2.2 for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to "an exposed filter on CCK text fields."
08-08-2017 - 01:33 02-02-2009 - 22:00
CVE-2008-5278 4.3
Cross-site scripting (XSS) vulnerability in the self_link function in in the RSS Feed Generator (wp-includes/feed.php) for WordPress before 2.6.5 allows remote attackers to inject arbitrary web script or HTML via the Host header (HTTP_HOST variable).
08-08-2017 - 01:33 28-11-2008 - 19:30
CVE-2008-4959 6.9
geo-code in gpsdrive-scripts 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/geo.google, (2) /tmp/geo.yahoo, (3) /tmp/geo.coords, and (4) /tmp/geo#####.coords temporary files.
08-08-2017 - 01:33 05-11-2008 - 15:00
CVE-2008-5984 6.9
Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys
08-08-2017 - 01:33 28-01-2009 - 11:30
CVE-2008-4987 6.9
xastir 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/ldconfig.tmp, (b) /tmp/ldconf.tmp, and (c) /tmp/ld.so.conf temporary files, related to the (1) get-maptools.sh and (2) get_shapelib.sh scripts.
08-08-2017 - 01:33 06-11-2008 - 15:55
CVE-2009-0413 4.3
Cross-site scripting (XSS) vulnerability in RoundCube Webmail (roundcubemail) 0.2 stable allows remote attackers to inject arbitrary web script or HTML via the background attribute embedded in an HTML e-mail message.
08-08-2017 - 01:33 03-02-2009 - 23:30
CVE-2009-0180 7.5
Certain Fedora build scripts for nfs-utils before 1.1.2-9.fc9 on Fedora 9, and before 1.1.4-6.fc10 on Fedora 10, omit TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions, possibly a related issue to CVE-2008
08-08-2017 - 01:33 20-01-2009 - 16:30
CVE-2009-0368 2.1
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-expl
08-08-2017 - 01:33 02-03-2009 - 22:30
CVE-2008-4410 4.9
The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persis
08-08-2017 - 01:32 03-10-2008 - 17:41
CVE-2008-4409 5.0
libxml2 2.7.0 and 2.7.1 does not properly handle "predefined entities definitions" in entities, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash), as demonstrated by use of xmllint on a c
08-08-2017 - 01:32 03-10-2008 - 17:41
CVE-2008-4408 4.3
Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.1, 1.12.0, and possibly other versions before 1.13.2 allows remote attackers to inject arbitrary web script or HTML via the useskin parameter to an unspecified component.
08-08-2017 - 01:32 03-10-2008 - 17:41
CVE-2008-4311 4.6
The default configuration of system.conf in D-Bus (aka DBus) before 1.2.6 omits the send_type attribute in certain rules, which allows local users to bypass intended access restrictions by (1) sending messages, related to send_requested_reply; and po
08-08-2017 - 01:32 10-12-2008 - 00:30
CVE-2008-3972 6.6
pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were pat
08-08-2017 - 01:32 11-09-2008 - 01:13
CVE-2008-4191 6.6
extract-table.pl in Emacspeak 26 and 28 allows local users to overwrite arbitrary files via a symlink attack on the extract-table.csv temporary file.
08-08-2017 - 01:32 24-09-2008 - 11:42
CVE-2008-4437 7.1
Directory traversal vulnerability in importxml.pl in Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attach_path is enabled, allows remote attackers to read arbitrary files via an XML file with a .. (dot dot) in the data element.
08-08-2017 - 01:32 03-10-2008 - 22:22
CVE-2008-4096 8.5
libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_func
08-08-2017 - 01:32 18-09-2008 - 15:04
CVE-2008-3920 7.5
Unspecified vulnerability in BitlBee before 1.2.2 allows remote attackers to "recreate" and "hijack" existing accounts via unspecified vectors.
08-08-2017 - 01:32 04-09-2008 - 18:41
CVE-2008-4799 4.3
pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read.
08-08-2017 - 01:32 31-10-2008 - 00:00
CVE-2008-4242 6.8
ProFTPD 1.3.1 interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing ses
08-08-2017 - 01:32 25-09-2008 - 19:25
CVE-2008-4129 4.0
Gallery before 1.5.9, and 2.x before 2.2.6, does not properly handle ZIP archives containing symbolic links, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files via vectors related to the archive up
08-08-2017 - 01:32 18-09-2008 - 20:00
CVE-2008-3746 4.3
neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service (NULL pointer dereference and crash) via vectors related to Digest authentication, Digest domain parameter support, and the parse_domain function. Per: http://cwe.mitre.org
08-08-2017 - 01:32 27-08-2008 - 15:21
CVE-2008-3745 5.5
The Upload module in Drupal 6.x before 6.4 allows remote authenticated users to edit nodes, delete files, and download unauthorized attachments via unspecified vectors.
08-08-2017 - 01:32 27-08-2008 - 15:21
CVE-2008-3744 5.8
Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) delete user access rules.
08-08-2017 - 01:32 27-08-2008 - 15:21
CVE-2008-3743 5.8
Multiple cross-site request forgery (CSRF) vulnerabilities in forms in Drupal 6.x before 6.4 allow remote attackers to perform unspecified actions via unknown vectors, related to improper token validation for (1) cached forms and (2) forms with AHAH
08-08-2017 - 01:32 27-08-2008 - 15:21
CVE-2008-3742 6.5
Unrestricted file upload vulnerability in the BlogAPI module in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, which is not validated.
08-08-2017 - 01:32 27-08-2008 - 15:21
CVE-2008-3741 3.5
The private filesystem in Drupal 5.x before 5.10 and 6.x before 6.4 trusts the MIME type sent by a web browser, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks by uploading files containing arbitrary web script o
08-08-2017 - 01:32 27-08-2008 - 15:21
CVE-2008-3740 4.3
Cross-site scripting (XSS) vulnerability in the output filter in Drupal 5.x before 5.10 and 6.x before 6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
08-08-2017 - 01:32 27-08-2008 - 15:21
CVE-2008-4130 4.3
Cross-site scripting (XSS) vulnerability in Gallery 2.x before 2.2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted Flash animation, related to the ability of the animation to "interact with the embedding page."
08-08-2017 - 01:32 18-09-2008 - 20:00
CVE-2008-4192 6.9
The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.
08-08-2017 - 01:32 29-09-2008 - 17:17
CVE-2008-3699 3.3
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.
08-08-2017 - 01:32 14-08-2008 - 23:41
CVE-2008-3714 4.3
Cross-site scripting (XSS) vulnerability in awstats.pl in AWStats 6.8 allows remote attackers to inject arbitrary web script or HTML via the query_string, a different vulnerability than CVE-2006-3681 and CVE-2006-1945.
08-08-2017 - 01:32 19-08-2008 - 19:41
CVE-2008-3429 6.8
Buffer overflow in URI processing in HTTrack and WinHTTrack before 3.42-3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL.
08-08-2017 - 01:31 31-07-2008 - 22:41
CVE-2008-2720 4.3
Cross-site scripting (XSS) vulnerability in Menalto Gallery before 2.2.5 allows remote attackers to inject arbitrary web script or HTML via the (1) host and (2) path components of a URL.
08-08-2017 - 01:31 16-06-2008 - 23:41
CVE-2008-3231 4.3
xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via a crafted OGG file, as demonstrated by playing lol-ffplay.ogg with xine.
08-08-2017 - 01:31 18-07-2008 - 16:41
CVE-2008-2420 6.8
The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists (CRL), which allows remote attackers to bypass intended access restrictions by using revoked certificates.
08-08-2017 - 01:31 23-05-2008 - 15:32
CVE-2008-3328 4.3
Cross-site scripting (XSS) vulnerability in the wiki engine in Trac before 0.10.5 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
08-08-2017 - 01:31 27-07-2008 - 22:41
CVE-2008-3456 6.4
phpMyAdmin before 2.11.8 does not sufficiently prevent its pages from using frames that point to pages in other domains, which makes it easier for remote attackers to conduct spoofing or phishing activities via a cross-site framing attack.
08-08-2017 - 01:31 04-08-2008 - 19:41
CVE-2008-3252 10.0
Stack-based buffer overflow in the read_article function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period.
08-08-2017 - 01:31 21-07-2008 - 17:41
CVE-2008-3457 2.6
Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios i
08-08-2017 - 01:31 04-08-2008 - 19:41
CVE-2008-3524 4.7
rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /var/run.
08-08-2017 - 01:31 29-09-2008 - 17:17
CVE-2008-3197 3.5
Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to (1) the db parameter in the "Creating a Database" functionality (db_create.php), and (2) th
08-08-2017 - 01:31 16-07-2008 - 18:41
CVE-2008-3217 6.8
PowerDNS Recursor before 3.1.6 does not always use the strongest random number generator for source port selection, which makes it easier for remote attack vectors to conduct DNS cache poisoning. NOTE: this is related to incomplete integration of se
08-08-2017 - 01:31 18-07-2008 - 16:41
CVE-2008-2723 5.0
embed.php in Menalto Gallery before 2.2.5 allows remote attackers to obtain the full path via unknown vectors related to "spoofing the remote address."
08-08-2017 - 01:31 16-06-2008 - 23:41
CVE-2008-3533 10.0
Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstr
08-08-2017 - 01:31 18-08-2008 - 17:41
CVE-2008-2953 5.0
Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via "partial file list requests" that trigger a NULL pointer dereference.
08-08-2017 - 01:31 01-07-2008 - 22:41
CVE-2008-2827 4.6
The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack, a different vulnerability than CVE-2005-04
08-08-2017 - 01:31 23-06-2008 - 19:41
CVE-2008-2721 5.0
Unspecified vulnerability in the album-select module in Menalto Gallery before 2.2.5 allows remote attackers to obtain titles of hidden albums by attempting to add a new album to a hidden album.
08-08-2017 - 01:31 16-06-2008 - 23:41
CVE-2008-2722 7.5
Menalto Gallery before 2.2.5 allows remote attackers to bypass permissions for sub-albums via a ZIP archive.
08-08-2017 - 01:31 16-06-2008 - 23:41
CVE-2008-2713 5.0
libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.
08-08-2017 - 01:31 16-06-2008 - 21:41
CVE-2008-2954 7.8
client/NmdcHub.cpp in Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via an empty private message, which triggers an out-of-bounds read.
08-08-2017 - 01:31 01-07-2008 - 22:41
CVE-2008-2724 5.0
Menalto Gallery before 2.2.5 does not enforce permissions for non-album items that have been protected by a password, which might allow remote attackers to bypass intended access restrictions.
08-08-2017 - 01:31 16-06-2008 - 23:41
CVE-2008-3337 6.4
PowerDNS Authoritative Server before 2.9.21.1 drops malformed queries, which might make it easier for remote attackers to poison DNS caches of other products running on other servers, a different issue than CVE-2008-1447 and CVE-2008-3217.
08-08-2017 - 01:31 08-08-2008 - 19:41
CVE-2008-3215 5.0
libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713.
08-08-2017 - 01:31 18-07-2008 - 16:41
CVE-2008-2085 7.5
Multiple stack-based buffer overflows in the (1) get_remote_ip_media and (2) get_remote_ipv6_media functions in call.cpp in SIPp 3.1 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a cra
08-08-2017 - 01:30 12-05-2008 - 16:20
CVE-2008-1532 5.0
Perlbal before 1.70, when buffered upload is enabled, allows remote attackers to cause a denial of service (crash) via a zero-byte chunked upload.
08-08-2017 - 01:30 28-03-2008 - 00:44
CVE-2008-1658 4.6
Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password.
08-08-2017 - 01:30 11-04-2008 - 10:05
CVE-2008-1568 7.5
comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs.
08-08-2017 - 01:30 31-03-2008 - 22:44
CVE-2008-1996 5.0
licq before 1.3.6 allows remote attackers to cause a denial of service (file-descriptor exhaustion and application crash) via a large number of connections. More information located: http://www.securityfocus.com/bid/28679/info
08-08-2017 - 01:30 28-04-2008 - 20:05
CVE-2008-2103 4.3
Cross-site scripting (XSS) vulnerability in Bugzilla 2.17.2 and later allows remote attackers to inject arbitrary web script or HTML via the id parameter to the "Format for Printing" view or "Long Format" bug list.
08-08-2017 - 01:30 07-05-2008 - 20:20
CVE-2008-1891 5.0
Directory traversal vulnerability in WEBrick in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary
08-08-2017 - 01:30 18-04-2008 - 22:05
CVE-2008-2105 3.5
email_in.pl in Bugzilla 2.23.4, 3.0.x before 3.0.4, and 3.1.x before 3.1.4 allows remote authenticated users to more easily spoof the changer of a bug via a @reporter command in the body of an e-mail message, which overrides the e-mail address as nor
08-08-2017 - 01:30 07-05-2008 - 20:20
CVE-2008-1833 7.5
Heap-based buffer overflow in pe.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary.
08-08-2017 - 01:30 16-04-2008 - 15:05
CVE-2008-1959 7.5
Stack-based buffer overflow in the get_remote_video_port_media function in call.cpp in SIPp 3.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SIP message. NOTE: some of these details are obtai
08-08-2017 - 01:30 25-04-2008 - 19:05
CVE-2008-1804 6.8
preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment.
08-08-2017 - 01:30 22-05-2008 - 13:09
CVE-2008-2359 7.2
The default configuration of consolehelper in system-config-network before 1.5.10-1 on Fedora 8 lacks the USER=root directive, which allows local users of the workstation console to gain privileges and change the network configuration.
08-08-2017 - 01:30 02-06-2008 - 21:30
CVE-2008-1488 6.8
Stack-based buffer overflow in apc.c in Alternative PHP Cache (APC) 3.0.11 through 3.0.16 allows remote attackers to execute arbitrary code via a long filename.
08-08-2017 - 01:30 24-03-2008 - 23:44
CVE-2008-1796 4.9
Comix 3.6.4 creates temporary directories with predictable names, which allows local users to cause an unspecified denial of service.
08-08-2017 - 01:30 15-04-2008 - 17:05
CVE-2008-2232 4.6
The expand_template function in afuse.c in afuse 0.2 allows local users to gain privileges via shell metacharacters in a pathname.
08-08-2017 - 01:30 17-07-2008 - 13:41
CVE-2008-1628 4.1
Stack-based buffer overflow in the audit_log_user_command function in lib/audit_logging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from thir
08-08-2017 - 01:30 02-04-2008 - 17:44
CVE-2008-2235 4.9
OpenSC before 0.11.5 uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4, which allows physically proximate attackers to change the PIN.
08-08-2017 - 01:30 01-08-2008 - 14:41
CVE-2008-1928 5.0
Buffer overflow in Imager 0.42 through 0.63 allows attackers to cause a denial of service (crash) via an image based fill in which the number of input channels is different from the number of output channels.
08-08-2017 - 01:30 24-04-2008 - 05:05
CVE-2008-1771 7.5
Integer overflow in the ws_getpostvars function in Firefly Media Server (formerly mt-daapd) 0.2.4.1 (0.9~r1696-1.2 on Debian) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request wi
08-08-2017 - 01:30 16-04-2008 - 15:05
CVE-2008-1614 4.3
suPHP before 0.6.3 allows local users to gain privileges via (1) a race condition that involves multiple symlink changes to point a file owned by a different user, or (2) a symlink to the directory of a different user, which is used to determine priv
08-08-2017 - 01:30 02-04-2008 - 16:44
CVE-2008-1468 4.3
Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CV
08-08-2017 - 01:30 24-03-2008 - 21:44
CVE-2008-1836 4.3
The rfc2231 function in message.c in libclamav in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via a crafted message that produces a string that is not null terminated, which triggers a buffer over-read.
08-08-2017 - 01:30 16-04-2008 - 16:05
CVE-2008-1475 6.4
The xml-rpc server in Roundup 1.4.4 does not check property permissions, which allows attackers to bypass restrictions and edit or read restricted properties via the (1) list, (2) display, and (3) set methods.
08-08-2017 - 01:30 24-03-2008 - 22:44
CVE-2008-1474 4.3
Multiple unspecified vulnerabilities in Roundup before 1.4.4 have unknown impact and attack vectors, some of which may be related to cross-site scripting (XSS).
08-08-2017 - 01:30 24-03-2008 - 22:44
CVE-2008-1381 7.5
ZoneMinder before 1.23.3 allows remote authenticated users, and possibly unauthenticated attackers in some installations, to execute arbitrary commands via shell metacharacters in a crafted URL. The following link contains patch information: http://w
08-08-2017 - 01:30 01-05-2008 - 19:05
CVE-2007-6336 6.8
Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file.
08-08-2017 - 01:29 20-12-2007 - 01:46
CVE-2007-6703 10.0
Unspecified vulnerability in vdccm before 0.10.1 in SynCE (SynCE-dccm) might allow attackers to cause a denial of service via unspecified vectors.
08-08-2017 - 01:29 04-03-2008 - 19:44
CVE-2007-6299 7.5
Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x before 4.7.9 and 5.x before 5.4 allow remote attackers to execute arbitrary SQL commands via modules that pass input to the taxonomy_select_nodes function, as demonstrated by the (1)
08-08-2017 - 01:29 10-12-2007 - 18:46
CVE-2007-6714 6.8
DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anony
08-08-2017 - 01:29 17-04-2008 - 22:05
CVE-2008-0314 7.5
Heap-based buffer overflow in spin.c in libclamav in ClamAV 0.92.1 allows remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary with a modified length value.
08-08-2017 - 01:29 16-04-2008 - 15:05
CVE-2008-0893 7.5
Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions.
08-08-2017 - 01:29 16-04-2008 - 18:05
CVE-2008-1010 6.8
Buffer overflow in WebKit, as used in Apple Safari before 3.1, allows remote attackers to execute arbitrary code via crafted regular expressions in JavaScript.
08-08-2017 - 01:29 19-03-2008 - 00:44
CVE-2008-1102 6.8
Stack-based buffer overflow in the imb_loadhdr function in Blender 2.45 allows user-assisted remote attackers to execute arbitrary code via a .blend file that contains a crafted Radiance RGBE image.
08-08-2017 - 01:29 22-04-2008 - 04:41
CVE-2008-1100 10.0
Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file.
08-08-2017 - 01:29 14-04-2008 - 16:05
CVE-2008-0404 4.3
Cross-site scripting (XSS) vulnerability in Mantis before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to the "Most active bugs" summary.
08-08-2017 - 01:29 23-01-2008 - 12:00
CVE-2008-1184 5.0
The DNSSEC validation library (libval) library in dnssec-tools before 1.3.1 does not properly check that the signing key is the APEX trust anchor, which might allow attackers to conduct unspecified attacks.
08-08-2017 - 01:29 06-03-2008 - 00:44
CVE-2008-1149 5.1
phpMyAdmin before 2.11.5 accesses $_REQUEST to obtain some parameters instead of $_GET and $_POST, which allows attackers in the same domain to override certain variables and conduct SQL injection and Cross-Site Request Forgery (CSRF) attacks by usin
08-08-2017 - 01:29 04-03-2008 - 23:44
CVE-2008-1011 4.3
Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple Safari before 3.1, allows remote attackers to inject arbitrary web script or HTML via a frame that calls a method instance in another frame.
08-08-2017 - 01:29 19-03-2008 - 00:44
CVE-2008-0299 4.3
common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool.
08-08-2017 - 01:29 16-01-2008 - 23:00
CVE-2008-0073 6.8
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
08-08-2017 - 01:29 24-03-2008 - 22:44
CVE-2008-1066 7.5
The modifier.regex_replace.php plugin in Smarty before 2.6.19, as used by Serendipity (S9Y) and other products, allows attackers to call arbitrary PHP functions via templates, related to a '\0' character in a search string.
08-08-2017 - 01:29 28-02-2008 - 20:44
CVE-2015-5059 3.5
The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files ($g_view_proj_doc_threshold) is set to ANYBODY, allows remote authenticated users to download attachments linked to arbitrary private projects via
07-08-2017 - 15:10 01-08-2017 - 14:29
CVE-2007-6035 7.5
SQL injection vulnerability in graph.php in Cacti before 0.8.7a allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
29-07-2017 - 01:34 20-11-2007 - 11:46
CVE-2007-6018 5.8
IMP Webmail Client 4.1.5, Horde Application Framework 3.1.5, and Horde Groupware Webmail Edition 1.0.3 does not validate unspecified HTTP requests, which allows remote attackers to (1) delete arbitrary e-mail messages via a modified numeric ID or (2)
29-07-2017 - 01:33 11-01-2008 - 02:46
CVE-2007-5795 6.3
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify cri
29-07-2017 - 01:33 02-11-2007 - 22:46
CVE-2007-4826 3.5
bgpd in Quagga before 0.99.9 allows explicitly configured BGP peers to cause a denial of service (crash) via a malformed (1) OPEN message or (2) a COMMUNITY attribute, which triggers a NULL pointer dereference. NOTE: vector 2 only exists when debuggi
29-07-2017 - 01:33 12-09-2007 - 10:17
CVE-2007-5624 4.3
Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts.
29-07-2017 - 01:33 23-10-2007 - 16:46
CVE-2007-5849 9.3
Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow.
29-07-2017 - 01:33 19-12-2007 - 21:46
CVE-2007-4828 4.3
Cross-site scripting (XSS) vulnerability in the API pretty-printing mode in MediaWiki 1.8.0 through 1.8.4, 1.9.0 through 1.9.3, 1.10.0 through 1.10.1, and the 1.11 development versions before 1.11.0 allows remote attackers to inject arbitrary web scr
29-07-2017 - 01:33 12-09-2007 - 19:17
CVE-2007-5963 4.7
Unspecified vulnerability in kdebase allows local users to cause a denial of service (KDM login inaccessible, or resource consumption) via unknown vectors.
29-07-2017 - 01:33 19-12-2007 - 23:46
CVE-2007-4893 4.3
wp-admin/admin-functions.php in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a does not properly verify the unfiltered_html privilege, which allows remote attackers to conduct cross-site scripting (XSS) attacks via modified data t
29-07-2017 - 01:33 14-09-2007 - 18:17
CVE-2007-4894 7.5
Multiple SQL injection vulnerabilities in Wordpress before 2.2.3 and Wordpress multi-user (MU) before 1.2.5a allow remote attackers to execute arbitrary SQL commands via the post_type parameter to the pingback.extensions.getPingbacks method in the XM
29-07-2017 - 01:33 14-09-2007 - 18:17
CVE-2007-5977 3.5
Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a PO
29-07-2017 - 01:33 15-11-2007 - 00:46
CVE-2007-5037 6.8
Buffer overflow in the inotifytools_snprintf function in src/inotifytools.c in the inotify-tools library before 3.11 allows context-dependent attackers to execute arbitrary code via a long filename.
29-07-2017 - 01:33 24-09-2007 - 00:17
CVE-2007-5742 9.0
Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors.
29-07-2017 - 01:33 01-12-2007 - 06:46
CVE-2007-5751 2.1
Liferea before 1.4.6 uses weak permissions (0644) for the feedlist.opml backup file, which allows local users to obtain credentials.
29-07-2017 - 01:33 31-10-2007 - 17:46
CVE-2007-5712 2.6
The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows remote attackers to cause a denial of service (memory
29-07-2017 - 01:33 30-10-2007 - 19:46
CVE-2007-5976 6.5
SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.
29-07-2017 - 01:33 15-11-2007 - 00:46
CVE-2007-4631 6.9
The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1 allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on temporary files with predictable filenames.
29-07-2017 - 01:33 31-08-2007 - 22:17
CVE-2007-4533 6.8
Format string vulnerability in the Say command in sv_main.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a chat message, related to a call to the BroadcastPrintf function.
29-07-2017 - 01:33 25-08-2007 - 00:17
CVE-2007-4510 4.3
ClamAV before 0.91.2, as used in Kolab Server 2.0 through 2.2beta1 and other products, allows remote attackers to cause a denial of service (application crash) via (1) a crafted RTF file, which triggers a NULL dereference in the cli_scanrtf function
29-07-2017 - 01:32 23-08-2007 - 19:17
CVE-2007-4225 6.8
Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion.
29-07-2017 - 01:32 08-08-2007 - 21:17
CVE-2007-3917 7.8
The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which
29-07-2017 - 01:32 11-10-2007 - 10:17
CVE-2007-3113 6.8
Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_height or (2) graph_width parameter, different vectors than CVE-2007-3112.
29-07-2017 - 01:31 07-06-2007 - 21:30
CVE-2007-3112 7.8
graph_image.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service (CPU consumption) via a large value of the (1) graph_start or (2) graph_end parameter, different vectors than CVE-2007-3113.
29-07-2017 - 01:31 07-06-2007 - 21:30
CVE-2007-2958 6.8
Format string vulnerability in the inc_put_error function in src/inc.c in Sylpheed 2.4.4, and Sylpheed-Claws (Claws Mail) 1.9.100 and 2.10.0, allows remote POP3 servers to execute arbitrary code via format string specifiers in crafted replies.
29-07-2017 - 01:31 27-08-2007 - 17:17
CVE-2007-2165 5.1
The Auth API in ProFTPD before 20070417, when multiple simultaneous authentication modules are configured, does not require that the module that checks authentication is the same as the module that retrieves authentication data, which might allow rem
29-07-2017 - 01:31 22-04-2007 - 19:19
CVE-2007-0772 7.8
The Linux kernel 2.6.13 and other versions before 2.6.20.1 allows remote attackers to cause a denial of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free of an incorrect pointer.
29-07-2017 - 01:30 20-02-2007 - 17:28
CVE-2007-0247 5.0
squid/src/ftp.c in Squid before 2.6.STABLE7 allows remote FTP servers to cause a denial of service (core dump) via crafted FTP directory listing responses, possibly related to the (1) ftpListingFinish and (2) ftpHtmlifyListEntry functions.
29-07-2017 - 01:30 16-01-2007 - 18:28
CVE-2006-6939 4.6
GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function.
29-07-2017 - 01:29 17-01-2007 - 00:28
CVE-2007-0007 3.6
gnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.[PID] temporary files.
29-07-2017 - 01:29 20-02-2007 - 02:28
CVE-2006-5876 7.8
The soup_headers_parse function in soup-headers.c for libsoup HTTP library before 2.2.99 allows remote attackers to cause a denial of service (crash) via malformed HTTP headers, probably involving missing fields or values.
20-07-2017 - 01:34 16-01-2007 - 19:28
CVE-2006-5072 6.2
The System.CodeDom.Compiler classes in Novell Mono create temporary files with insecure permissions, which allows local users to overwrite arbitrary files or execute arbitrary code via a symlink attack.
20-07-2017 - 01:33 10-10-2006 - 04:06
CVE-2006-1296 7.5
Untrusted search path vulnerability in Beagle 0.2.2.1 might allow local users to gain privileges via a malicious beagle-info program in the current working directory, or possibly directories specified in the PATH.
20-07-2017 - 01:30 19-03-2006 - 23:02
CVE-2006-1061 7.5
Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path. Update to version 7.15.3.
20-07-2017 - 01:30 21-03-2006 - 01:06
CVE-2006-1524 3.6
madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: th
20-07-2017 - 01:30 19-04-2006 - 18:18
CVE-2005-3354 5.1
Stack-based buffer overflow in the ldif_get_line function in ldif.c of Sylpheed before 2.1.6 allows user-assisted attackers to execute arbitrary code by having local users import LDIF files with long lines.
11-07-2017 - 01:33 20-11-2005 - 21:03
CVE-2004-0397 7.5
Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command.
11-07-2017 - 01:30 07-07-2004 - 04:00
CVE-2004-0412 5.0
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
11-07-2017 - 01:30 18-08-2004 - 04:00
CVE-2004-0749 5.0
The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, an
11-07-2017 - 01:30 23-12-2004 - 05:00
CVE-2004-0413 10.0
libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via a
11-07-2017 - 01:30 06-08-2004 - 04:00
CVE-2004-1318 4.3
Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being
11-07-2017 - 01:30 06-01-2005 - 05:00
CVE-2004-0626 5.0
The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a
11-07-2017 - 01:30 06-12-2004 - 05:00
CVE-2004-0228 7.2
Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows local users to gain privileges.
11-07-2017 - 01:29 18-08-2004 - 04:00
CVE-2016-7949 7.5
Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7945 5.0
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7405 7.5
The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.
01-07-2017 - 01:30 03-10-2016 - 18:59
CVE-2016-7953 7.5
Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7944 7.5
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7948 7.5
X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7950 7.5
The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7947 7.5
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2016-7946 5.0
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
01-07-2017 - 01:30 13-12-2016 - 20:59
CVE-2014-8503 7.5
Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file.
01-07-2017 - 01:29 09-12-2014 - 23:59
CVE-2015-7511 1.9
Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during decryption, which makes it easier for physically proximate attackers to extract ECDH keys by measuring electromagnetic emanations.
01-07-2017 - 01:29 19-04-2016 - 21:59
CVE-2013-7459 7.5
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.
01-07-2017 - 01:29 15-02-2017 - 15:59
CVE-2014-8990 7.5
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename.
01-07-2017 - 01:29 05-12-2014 - 16:59
CVE-2016-5140 7.5
Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafte
01-07-2017 - 01:29 07-08-2016 - 19:59
CVE-2014-8737 3.6
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot)
01-07-2017 - 01:29 09-12-2014 - 23:59
CVE-2016-5145 6.8
Blink, as used in Google Chrome before 52.0.2743.116, does not ensure that a taint property is preserved after a structure-clone operation on an ImageBitmap object derived from a cross-origin image, which allows remote attackers to bypass the Same Or
01-07-2017 - 01:29 07-08-2016 - 19:59
CVE-2015-8380 7.5
The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regul
01-07-2017 - 01:29 02-12-2015 - 01:59
CVE-2016-5142 7.5
The Web Cryptography API (aka WebCrypto) implementation in Blink, as used in Google Chrome before 52.0.2743.116, does not properly copy data buffers, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspeci
01-07-2017 - 01:29 07-08-2016 - 19:59
CVE-2015-7814 4.7
Race condition in the relinquish_memory function in arch/arm/domain.c in Xen 4.6.x and earlier allows local domains with partial management control to cause a denial of service (host crash) via vectors involving the destruction of a domain and using
01-07-2017 - 01:29 30-10-2015 - 15:59
CVE-2014-8504 7.5
Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.
01-07-2017 - 01:29 09-12-2014 - 23:59
CVE-2014-8738 5.0
The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive.
01-07-2017 - 01:29 15-01-2015 - 15:59
CVE-2015-7970 4.9
The p2m_pod_emergency_sweep function in arch/x86/mm/p2m-pod.c in Xen 3.4.x, 3.5.x, and 3.6.x is not preemptible, which allows local x86 HVM guest administrators to cause a denial of service (CPU consumption and possibly reboot) via crafted memory con
01-07-2017 - 01:29 30-10-2015 - 15:59
CVE-2016-5407 7.5
The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.
01-07-2017 - 01:29 13-12-2016 - 20:59
CVE-2014-8501 7.5
The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in
01-07-2017 - 01:29 09-12-2014 - 23:59
CVE-2015-7981 5.0
The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which trigge
01-07-2017 - 01:29 24-11-2015 - 20:59
CVE-2014-8484 5.0
The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.
01-07-2017 - 01:29 09-12-2014 - 23:59
CVE-2014-8485 7.5
The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file.
01-07-2017 - 01:29 09-12-2014 - 23:59
CVE-2016-5141 5.0
Blink, as used in Google Chrome before 52.0.2743.116, allows remote attackers to spoof the address bar via vectors involving a provisional URL for an initially empty document, related to FrameLoader.cpp and ScopedPageLoadDeferrer.cpp.
01-07-2017 - 01:29 07-08-2016 - 19:59
CVE-2016-5143 7.5
The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access
01-07-2017 - 01:29 07-08-2016 - 19:59
CVE-2016-5144 7.5
The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743.116, mishandles the script-path hostname, remoteBase parameter, and remoteFrontendUrl parameter, which allows remote attackers to bypass intended access
01-07-2017 - 01:29 07-08-2016 - 19:59
CVE-2014-8502 7.5
Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE
01-07-2017 - 01:29 09-12-2014 - 23:59
CVE-2016-2849 5.0
Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack.
01-07-2017 - 01:29 13-05-2016 - 14:59
CVE-2016-2086 5.0
Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header.
01-07-2017 - 01:29 07-04-2016 - 21:59
CVE-2016-2216 4.3
The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allows remote attackers to bypass an HTTP response-splitting protection mechanism via UTF-8 encoded U
01-07-2017 - 01:29 07-04-2016 - 21:59
CVE-2016-1684 5.1
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly hav
01-07-2017 - 01:29 05-06-2016 - 23:59
CVE-2015-5288 6.4
The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via
01-07-2017 - 01:29 26-10-2015 - 14:59
CVE-2016-2271 2.1
VMX in Xen 4.6.x and earlier, when using an Intel or Cyrix CPU, allows local HVM guest users to cause a denial of service (guest crash) via vectors related to a non-canonical RIP. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-476: NULL
01-07-2017 - 01:29 19-02-2016 - 16:59
CVE-2016-2270 4.6
Xen 4.6.x and earlier allows local guest administrators to cause a denial of service (host reboot) via vectors related to multiple mappings of MMIO pages with different cachability settings.
01-07-2017 - 01:29 19-02-2016 - 16:59
CVE-2016-2850 5.0
Botan 1.11.x before 1.11.29 does not enforce TLS policy for (1) signature algorithms and (2) ECC curves, which allows remote attackers to conduct downgrade attacks via unspecified vectors.
01-07-2017 - 01:29 13-05-2016 - 14:59
CVE-2015-3202 3.6
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's
01-07-2017 - 01:29 02-07-2015 - 21:59
CVE-2016-2088 4.3
resolver.c in named in ISC BIND 9.10.x before 9.10.3-P4, when DNS cookies are enabled, allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed packet with more than one cookie option.
01-07-2017 - 01:29 09-03-2016 - 23:59
CVE-2015-2782 7.5
Buffer overflow in Open-source ARJ archiver 3.10.22 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ARJ archive.
01-07-2017 - 01:29 08-04-2015 - 18:59
CVE-2010-2642 7.6
Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execut
01-07-2017 - 01:29 07-01-2011 - 19:00
CVE-2015-1609 5.0
MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request.
01-07-2017 - 01:29 30-03-2015 - 14:59
CVE-2015-0557 5.8
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.
01-07-2017 - 01:29 08-04-2015 - 18:59
CVE-2015-0556 5.8
Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive.
01-07-2017 - 01:29 08-04-2015 - 18:59
CVE-2013-1964 6.9
Xen 4.0.x and 4.1.x incorrectly releases a grant reference when releasing a non-v1, non-transitive grant, which allows local guest administrators to cause a denial of service (host crash), obtain sensitive information, or possibly have other impacts
30-06-2017 - 01:29 21-05-2013 - 18:55
CVE-2016-3095 2.1
server/bin/pulp-gen-ca-certificate in Pulp before 2.8.2 allows local users to read the generated private key.
15-06-2017 - 14:13 08-06-2017 - 19:29
CVE-2013-2071 2.6
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive req
23-05-2017 - 01:29 01-06-2013 - 14:21
CVE-2016-5410 2.1
firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry, or (5) setEntries D-Bus API method.
25-04-2017 - 14:59 19-04-2017 - 14:59
CVE-2013-2005 6.8
X.org libXt 1.1.3 and earlier does not check the return value of the XGetWindowProperty function, which allows X servers to trigger use of an uninitialized pointer and memory corruption via vectors related to the (1) ReqCleanup, (2) HandleSelectionEv
21-04-2017 - 01:59 15-06-2013 - 20:55
CVE-2013-2003 6.8
Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function.
21-04-2017 - 01:59 15-06-2013 - 20:55
CVE-2013-2002 6.8
Buffer overflow in X.org libXt 1.1.3 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the _XtResourceConfigurationEH function.
21-04-2017 - 01:59 15-06-2013 - 20:55
CVE-2015-1839 4.6
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
19-04-2017 - 19:36 13-04-2017 - 14:59
CVE-2015-1838 4.6
modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
19-04-2017 - 19:35 13-04-2017 - 14:59
CVE-2017-5849 4.3
tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted tiff image file, related to transposing width and heigh
07-04-2017 - 18:03 15-03-2017 - 19:59
CVE-2017-5330 6.8
ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.
31-03-2017 - 10:52 27-03-2017 - 15:59
CVE-2016-10133 7.5
Heap-based buffer overflow in the js_stackoverflow function in jsrun.c in Artifex Software, Inc. MuJS allows attackers to have unspecified impact by leveraging an error when dropping extra arguments to lightweight functions.
27-03-2017 - 16:54 24-03-2017 - 15:59
CVE-2016-10132 5.0
regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation.
27-03-2017 - 16:44 24-03-2017 - 15:59
CVE-2016-8886 6.8
The jas_malloc function in libjasper/base/jas_malloc.c in JasPer before 1.900.11 allows remote attackers to have unspecified impact via a crafted file, which triggers a memory allocation failure.
27-03-2017 - 15:35 23-03-2017 - 18:59
CVE-2016-7553 2.1
The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from private chat conversations by reading the file.
15-03-2017 - 17:31 27-02-2017 - 22:59
CVE-2016-7970 5.0
Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors.
04-03-2017 - 23:31 03-03-2017 - 16:59
CVE-2016-9132 7.5
In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which
02-03-2017 - 15:47 30-01-2017 - 22:59
CVE-2005-3179 2.1
drm.c in Linux kernel 2.6.10 to 2.6.13 creates a debug file in sysfs with world-readable and world-writable permissions, which allows local users to enable DRM debugging and obtain sensitive information.
19-02-2017 - 05:09 12-10-2005 - 13:03
CVE-2017-5357 5.0
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
17-02-2017 - 17:48 17-02-2017 - 02:59
CVE-2016-6866 5.0
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash.
17-02-2017 - 17:43 15-02-2017 - 19:59
CVE-2014-9527 5.0
HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cause a denial of service (infinite loop and deadlock) via a crafted PPT file.
11-02-2017 - 02:59 06-01-2015 - 15:59
CVE-2012-0213 5.0
The UnhandledDataStructure function in hwpf/model/UnhandledDataStructure.java in Apache POI 3.8 and earlier allows remote attackers to cause a denial of service (OutOfMemoryError exception and possibly JVM destabilization) via a crafted length value
11-02-2017 - 02:59 07-08-2012 - 21:55
CVE-2016-3071 5.0
Libreswan 3.16 might allow remote attackers to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform.
07-02-2017 - 02:59 18-04-2016 - 14:59
CVE-2016-8606 7.5
The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.
18-01-2017 - 16:27 12-01-2017 - 22:59
CVE-2016-8605 5.0
The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mod
18-01-2017 - 15:59 12-01-2017 - 22:59
CVE-2014-3505 5.0
Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (application crash) via crafted DTLS packets that tri
07-01-2017 - 03:00 13-08-2014 - 23:55
CVE-2013-6400 6.8
Xen 4.2.x and 4.3.x, when using Intel VT-d and a PCI device has been assigned, does not clear the flag that suppresses IOMMU TLB flushes when unspecified errors occur, which causes the TLB entries to not be flushed and allows local guest administrato
07-01-2017 - 02:59 13-12-2013 - 18:55
CVE-2013-6442 5.8
The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote attackers to bypass intended access restrictions in opportunistic circu
07-01-2017 - 02:59 14-03-2014 - 10:55
CVE-2013-4353 4.3
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.
07-01-2017 - 02:59 09-01-2014 - 01:55
CVE-2014-2653 5.8
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
07-01-2017 - 02:59 27-03-2014 - 10:55
CVE-2014-1546 4.3
The response function in the JSONP endpoint in WebService/Server/JSONRPC.pm in jsonrpc.cgi in Bugzilla 3.x and 4.x before 4.0.14, 4.1.x and 4.2.x before 4.2.10, 4.3.x and 4.4.x before 4.4.5, and 4.5.x before 4.5.5 accepts certain long callback values
07-01-2017 - 02:59 14-08-2014 - 11:15
CVE-2014-8989 4.6
The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the g
03-01-2017 - 02:59 30-11-2014 - 01:59
CVE-2014-8630 6.5
Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a tw
03-01-2017 - 02:59 01-02-2015 - 15:59
CVE-2014-9328 7.5
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."
03-01-2017 - 02:59 03-02-2015 - 16:59
CVE-2014-9721 4.3
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header.
03-01-2017 - 02:59 03-06-2015 - 20:59
CVE-2014-4668 6.8
The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password
03-01-2017 - 02:59 02-07-2014 - 04:14
CVE-2015-1258 7.5
Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have
03-01-2017 - 02:59 20-05-2015 - 10:59
CVE-2015-0840 4.3
The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attackers to bypass signature verification via a crafted Debian source control file (.dsc).
03-01-2017 - 02:59 13-04-2015 - 14:59
CVE-2014-3684 6.8
The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows
31-12-2016 - 02:59 30-10-2014 - 14:55
CVE-2015-5986 7.1
openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a crafted DNS response.
31-12-2016 - 02:59 05-09-2015 - 02:59
CVE-2013-4568 4.3
Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via certain non-ASCII characters in CSS, as dem
31-12-2016 - 02:59 13-12-2013 - 18:07
CVE-2015-4050 4.3
FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remo
31-12-2016 - 02:59 02-06-2015 - 14:59
CVE-2013-4567 4.3
Incomplete blacklist vulnerability in Sanitizer::checkCss in MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to conduct cross-site scripting (XSS) attacks via a \b (backspace) character in CSS. Per: htt
31-12-2016 - 02:59 13-12-2013 - 18:07
CVE-2015-5722 7.8
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name
31-12-2016 - 02:59 05-09-2015 - 02:59
CVE-2016-2115 4.3
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacn_np, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream.
31-12-2016 - 02:59 25-04-2016 - 00:59
CVE-2015-3983 4.3
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. NOTE: this issue was
31-12-2016 - 02:59 14-05-2015 - 14:59
CVE-2016-2111 4.3
The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive sessi
31-12-2016 - 02:59 25-04-2016 - 00:59
CVE-2015-3339 6.2
Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but t
31-12-2016 - 02:59 27-05-2015 - 10:59
CVE-2016-2113 5.8
Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof LDAPS and HTTPS servers and obtain sensitive information via a crafted certific
31-12-2016 - 02:59 25-04-2016 - 00:59
CVE-2015-3223 5.0
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a deni
31-12-2016 - 02:59 29-12-2015 - 22:59
CVE-2016-2110 4.3
The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove app
31-12-2016 - 02:59 25-04-2016 - 00:59
CVE-2016-2112 4.3
The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade att
31-12-2016 - 02:59 25-04-2016 - 00:59
CVE-2016-2114 4.3
The SMB1 protocol implementation in Samba 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "server signing = mandatory" setting, which allows man-in-the-middle attackers to spoof SMB servers by modifying the client
31-12-2016 - 02:59 25-04-2016 - 00:59
CVE-2013-2072 7.4
Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) a
31-12-2016 - 02:59 28-08-2013 - 21:55
CVE-2015-1803 8.5
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly handle character bitmaps it cannot read, which allows remote authenticated users to cause a denial of service (NULL pointer der
31-12-2016 - 02:59 20-03-2015 - 14:59
CVE-2015-1860 6.8
Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.
31-12-2016 - 02:59 12-05-2015 - 19:59
CVE-2013-2031 4.3
MediaWiki before 1.19.6 and 1.20.x before 1.20.5 allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by a CDATA section containing valid UTF-7 encoded sequences in a SVG file, which is then incorrectly interpreted a
31-12-2016 - 02:59 18-11-2013 - 02:55
CVE-2015-1859 6.8
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code
31-12-2016 - 02:59 12-05-2015 - 19:59
CVE-2015-1804 8.5
The bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 does not properly perform type conversion for metrics values, which allows remote authenticated users to cause a denial of service (out-of-bounds
31-12-2016 - 02:59 20-03-2015 - 14:59
CVE-2015-2206 5.0
libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression,
28-12-2016 - 02:59 09-03-2015 - 17:59
CVE-2015-1868 7.8
The label decompression functionality in PowerDNS Recursor 3.5.x, 3.6.x before 3.6.3, and 3.7.x before 3.7.2 and Authoritative (Auth) Server 3.2.x, 3.3.x before 3.3.2, and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service (CPU c
28-12-2016 - 02:59 18-05-2015 - 15:59
CVE-2016-7966 7.5
Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which gre
27-12-2016 - 18:42 23-12-2016 - 22:59
CVE-2015-6660 6.8
The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user's account via vectors related to "file upload value call
24-12-2016 - 02:59 24-08-2015 - 14:59
CVE-2015-6251 5.0
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate. <a href="http://cwe.mitre.org/data/definitions/415.html">CWE-415:
24-12-2016 - 02:59 24-08-2015 - 14:59
CVE-2015-6241 4.3
The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree implementation in Wireshark 1.12.x before 1.12.7 does not properly terminate a data structure after a failure to locate a number within a string, which allows remote attacker
24-12-2016 - 02:59 24-08-2015 - 23:59
CVE-2015-6665 4.3
Cross-site scripting (XSS) vulnerability in the Ajax handler in Drupal 7.x before 7.39 and the Ctools module 6.x-1.x before 6.x-1.14 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving a whitelisted HTML el
24-12-2016 - 02:59 24-08-2015 - 14:59
CVE-2015-6661 5.0
Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to obtain sensitive node titles by reading the menu.
24-12-2016 - 02:59 24-08-2015 - 14:59
CVE-2015-6242 4.3
The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block allocator in the memory manager in Wireshark 1.12.x before 1.12.7 does not properly consider a certain case of multiple realloc operations that restore a m
24-12-2016 - 02:59 24-08-2015 - 23:59
CVE-2015-6659 7.5
SQL injection vulnerability in the SQL comment filtering system in the Database API in Drupal 7.x before 7.39 allows remote attackers to execute arbitrary SQL commands via an SQL comment.
24-12-2016 - 02:59 24-08-2015 - 14:59
CVE-2015-6658 4.3
Cross-site scripting (XSS) vulnerability in the Autocomplete system in Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to uploading files.
24-12-2016 - 02:59 24-08-2015 - 14:59
CVE-2015-6247 4.3
The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service (infini
24-12-2016 - 02:59 24-08-2015 - 23:59
CVE-2015-6249 4.3
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers t
24-12-2016 - 02:59 24-08-2015 - 23:59
CVE-2015-3200 5.0
mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.
24-12-2016 - 02:59 09-06-2015 - 14:59
CVE-2015-5964 5.0
The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote
24-12-2016 - 02:59 24-08-2015 - 14:59
CVE-2015-4037 1.9
The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creating /tmp/qemu-smb.*-* files before the program.
24-12-2016 - 02:59 26-08-2015 - 19:59
CVE-2015-5161 6.8
The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework before 1.12.14, 2.x before 2.4.6, and 2.5.x before 2.5.2, when running under PHP-FPM in a threaded environment, allows remote attackers to bypass security checks and conduct XML e
24-12-2016 - 02:59 25-08-2015 - 17:59
CVE-2015-2775 7.6
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
24-12-2016 - 02:59 13-04-2015 - 14:59
CVE-2015-6830 5.0
libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a cor
22-12-2016 - 03:00 14-09-2015 - 01:59
CVE-2015-6506 4.3
Cross-site scripting (XSS) vulnerability in the cryptography interface in Request Tracker (RT) before 4.2.12 allows remote attackers to inject arbitrary web script or HTML via a crafted public key.
22-12-2016 - 03:00 03-09-2015 - 14:59
CVE-2015-6581 7.5
Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to execute arbitrary code or cause a denial of servic
22-12-2016 - 03:00 03-09-2015 - 22:59
CVE-2015-5475 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Request Tracker (RT) 4.x before 4.2.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) user and (2) group rights management pages.
22-12-2016 - 03:00 14-08-2015 - 18:59
CVE-2013-6487 7.5
Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu (gg) parser in Pidgin before 2.10.8 allows remote attackers to have an unspecified impact via a large Content-Length value, which triggers a buffer overflow.
22-12-2016 - 02:59 06-02-2014 - 17:00
CVE-2014-9275 7.5
UnRTF allows remote attackers to cause a denial of service (out-of-bounds memory access and crash) and possibly execute arbitrary code via a crafted RTF file.
22-12-2016 - 02:59 09-12-2014 - 23:59
CVE-2014-9274 7.5
UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999".
22-12-2016 - 02:59 09-12-2014 - 23:59
CVE-2015-5198 7.2
libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, related to the VDPAU_DRIVER_PATH environment variable.
22-12-2016 - 02:59 08-09-2015 - 15:59
CVE-2013-4479 6.8
lib/sup/message_chunks.rb in Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the content_type of an email attachment.
22-12-2016 - 02:59 07-12-2013 - 20:55
CVE-2015-3308 7.5
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point. <a href="http://cwe.mitre.org/data/definitio
22-12-2016 - 02:59 02-09-2015 - 14:59
CVE-2015-5199 7.2
Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAU_DRIVER environment variable.
22-12-2016 - 02:59 08-09-2015 - 15:59
CVE-2015-4499 7.5
Util.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.15, 4.3.x and 4.4.x before 4.4.10, and 5.x before 5.0.1 mishandles long e-mail addresses during account registration, which allows remote attackers to obtain the default privileges for an arbitrary dom
22-12-2016 - 02:59 14-09-2015 - 01:59
CVE-2015-5200 6.3
The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors.
22-12-2016 - 02:59 08-09-2015 - 15:59
CVE-2014-1575 7.5
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 33.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to improper
22-12-2016 - 02:59 15-10-2014 - 10:55
CVE-2014-1584 4.3
The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 skips pinning checks upon an unspecified issuer-verification error, which makes it easier for remote attackers to bypass an intended pinning configuration and spoof a web site
22-12-2016 - 02:59 15-10-2014 - 10:55
CVE-2014-1582 4.3
The Public Key Pinning (PKP) implementation in Mozilla Firefox before 33.0 does not properly consider the connection-coalescing behavior of SPDY and HTTP/2 in the case of a shared IP address, which allows man-in-the-middle attackers to bypass an inte
22-12-2016 - 02:59 15-10-2014 - 10:55
CVE-2015-1802 8.5
The bdfReadProperties function in bitmap/bdfread.c in X.Org libXfont before 1.4.9 and 1.5.x before 1.5.1 allows remote authenticated users to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a (1) negat
22-12-2016 - 02:59 20-03-2015 - 14:59
CVE-2014-1580 5.0
Mozilla Firefox before 33.0 does not properly initialize memory for GIF images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers a sequence of rendering operations for truncated GI
22-12-2016 - 02:59 15-10-2014 - 10:55
CVE-2015-0220 4.3
The django.util.http.is_safe_url function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL
22-12-2016 - 02:59 16-01-2015 - 16:59
CVE-2015-0222 5.0
ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_initial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries.
22-12-2016 - 02:59 16-01-2015 - 16:59
CVE-2015-0221 5.0
The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service (memory consumption) via a long line in a file.
22-12-2016 - 02:59 16-01-2015 - 16:59
CVE-2015-0219 5.0
Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X-Auth_User header.
22-12-2016 - 02:59 16-01-2015 - 16:59
CVE-2016-7952 5.0
X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.
15-12-2016 - 02:44 13-12-2016 - 20:59
CVE-2015-6524 5.0
The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack.
09-12-2016 - 14:29 24-08-2015 - 14:59
CVE-2015-6749 4.3
Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows remote attackers to cause a denial of service (crash) via a crafted AIFF file.
08-12-2016 - 03:13 21-09-2015 - 19:59
CVE-2011-3581 6.8
Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns before 1.6.11 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Resource Record (RR) with an unknown type containing
08-12-2016 - 03:02 04-11-2011 - 21:55
CVE-2013-0249 7.5
Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash
08-12-2016 - 03:02 08-03-2013 - 22:55
CVE-2010-4352 2.1
Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.
08-12-2016 - 03:01 30-12-2010 - 19:00
CVE-2010-4410 4.3
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via vectors related
08-12-2016 - 03:01 06-12-2010 - 20:13
CVE-2009-4901 2.1
The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service (daemon crash) via crafted SCARD_SET_ATTRIB message data, which is i
08-12-2016 - 03:01 18-06-2010 - 16:30
CVE-2010-2761 4.3
The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP h
08-12-2016 - 03:01 06-12-2010 - 20:12
CVE-2010-0407 6.8
Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshal
08-12-2016 - 03:01 18-06-2010 - 16:30
CVE-2016-1900 4.3
CRLF injection vulnerability in the cgit_print_http_headers function in ui-shared.c in CGit before 0.12 allows remote attackers with permission to write to a repository to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or c
07-12-2016 - 18:33 20-01-2016 - 16:59
CVE-2016-1901 7.5
Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP header, which triggers a buffer overflow.
07-12-2016 - 18:33 20-01-2016 - 16:59
CVE-2016-1899 4.3
CRLF injection vulnerability in the ui-blob handler in CGit before 0.12 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks via CRLF sequences in the mimetype para
07-12-2016 - 18:33 20-01-2016 - 16:59
CVE-2015-8688 5.8
Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza.
07-12-2016 - 18:29 15-01-2016 - 19:59
CVE-2015-8373 7.1
The kea-dhcp4 and kea-dhcp6 servers 0.9.2 and 1.0.0-beta in ISC Kea, when certain debugging settings are used, allow remote attackers to cause a denial of service (daemon crash) via a malformed packet.
07-12-2016 - 18:27 22-12-2015 - 23:59
CVE-2015-8213 5.0
The get_format function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2 might allow remote attackers to obtain sensitive application secrets via a settings key in place of a date/time format setti
07-12-2016 - 18:26 07-12-2015 - 20:59
CVE-2015-8125 7.5
Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/RememberMe/PersistentTokenBasedRememberMeServices o
07-12-2016 - 18:26 07-12-2015 - 20:59
CVE-2015-7873 5.0
The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter.
07-12-2016 - 18:25 28-10-2015 - 10:59
CVE-2015-7337 6.8
The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files/, related to MIME types.
07-12-2016 - 18:23 29-09-2015 - 19:59
CVE-2015-6736 5.0
The Quiz extension for MediaWiki allows remote attackers to cause a denial of service via regex metacharacters in a regular expression.
07-12-2016 - 18:21 01-09-2015 - 14:59
CVE-2015-6732 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via the (1) wpSummary parameter to Special:FormEdit, the (2) "Template label (optional)" fi
07-12-2016 - 18:21 01-09-2015 - 14:59
CVE-2015-6735 5.0
The reset functionality in the TimedMediaHandler extension for MediaWiki does not create a new transcode, which allows remote attackers to cause a denial of service (transcode deletion) by resetting a transcode.
07-12-2016 - 18:21 01-09-2015 - 14:59
CVE-2015-6734 4.3
Cross-site scripting (XSS) vulnerability in contrib/cssgen.php in the GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2, allows remote attackers to inject arbitrary web
07-12-2016 - 18:21 01-09-2015 - 14:59
CVE-2015-6731 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via a (1) section_*, (2) template_*, (3) label_*, or (4) new_template parameter to Special:
07-12-2016 - 18:21 01-09-2015 - 14:59
CVE-2015-6733 5.0
GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2, allows remote attackers to cause a denial of service (resource consumption) via unspecified vectors.
07-12-2016 - 18:21 01-09-2015 - 14:59
CVE-2015-6728 7.5
The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 does not perform token comparison in constant time, which allows remote attackers to guess the watchlist token and bypass CSRF protecti
07-12-2016 - 18:21 01-09-2015 - 14:59
CVE-2015-6737 4.3
Cross-site scripting (XSS) vulnerability in the Widgets extension for MediaWiki allows remote attackers to inject arbitrary web script or HTML via vectors involving base64 encoded content.
07-12-2016 - 18:21 01-09-2015 - 14:59
CVE-2015-6729 4.3
Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the rel404 parameter, which is not properly handled i
07-12-2016 - 18:21 01-09-2015 - 14:59
CVE-2015-6730 4.3
Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to inject arbitrary web script or HTML via the f parameter, which is not properly handled in an
07-12-2016 - 18:21 01-09-2015 - 14:59
CVE-2015-5602 7.2
sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/file.txt."
07-12-2016 - 18:17 17-11-2015 - 15:59
CVE-2015-5667 2.6
Cross-site scripting (XSS) vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment.
07-12-2016 - 18:17 31-10-2015 - 04:59
CVE-2015-5311 5.0
PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service (assertion failure and server crash) via crafted query packets.
07-12-2016 - 18:16 17-11-2015 - 15:59
CVE-2015-5281 2.6
The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a crafted (1) multiboot or (2) multiboot2 module in t
07-12-2016 - 18:16 24-11-2015 - 20:59
CVE-2015-5301 5.5
providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.2 and 1.1.x before 1.1.1 does not properly check permissions, which allows remote authenticated users to cause a denial of service by deleting a SAML2 Service
07-12-2016 - 18:16 17-11-2015 - 15:59
CVE-2015-2924 3.3
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Adverti
07-12-2016 - 18:10 16-11-2015 - 21:59
CVE-2015-1463 5.0
ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."
07-12-2016 - 18:09 03-02-2015 - 16:59
CVE-2015-1462 7.5
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."
07-12-2016 - 18:09 03-02-2015 - 16:59
CVE-2015-1461 7.5
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."
07-12-2016 - 18:09 03-02-2015 - 16:59
CVE-2014-8651 7.2
The KDE Clock KCM policykit helper in kde-workspace before 4.11.14 and plasma-desktop before 5.1.1 allows local users to gain privileges via a crafted ntpUtility (ntp utility name) argument.
07-12-2016 - 03:01 06-12-2014 - 21:59
CVE-2012-2150 5.0
xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image.
07-12-2016 - 03:00 25-08-2015 - 17:59
CVE-2016-1983 5.0
The client_host function in parsers.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via an empty HTTP Host header.
06-12-2016 - 03:07 27-01-2016 - 20:59
CVE-2016-1982 5.0
The remove_chunked_transfer_coding function in filters.c in Privoxy before 3.0.24 allows remote attackers to cause a denial of service (invalid read and crash) via crafted chunk-encoded content.
06-12-2016 - 03:07 27-01-2016 - 20:59
CVE-2016-1567 6.8
chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
06-12-2016 - 03:07 26-01-2016 - 19:59
CVE-2016-1569 4.0
FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter.
06-12-2016 - 03:07 13-01-2016 - 15:59
CVE-2016-0756 5.0
The generate_dialback function in the mod_dialback module in Prosody before 0.9.10 does not properly separate fields when generating dialback keys, which allows remote attackers to spoof XMPP network domains via a crafted stream id and domain name th
06-12-2016 - 03:05 29-01-2016 - 20:59
CVE-2016-0723 5.6
Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGE
06-12-2016 - 03:05 08-02-2016 - 03:59
CVE-2015-8748 5.0
Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by ".*".
06-12-2016 - 03:04 03-02-2016 - 18:59
CVE-2015-8747 7.5
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name.
06-12-2016 - 03:04 03-02-2016 - 18:59
CVE-2015-8476 5.0
Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in class.phpmailer.php or (2) SMTP command to the sendComm
06-12-2016 - 03:03 16-12-2015 - 21:59
CVE-2015-3439 4.3
Cross-site scripting (XSS) vulnerability in the Ephox (formerly Moxiecode) plupload.flash.swf shim 2.1.2 in Plupload, as used in WordPress 3.9.x, 4.0.x, and 4.1.x before 4.1.2 and other products, allows remote attackers to execute same-origin JavaScr
06-12-2016 - 03:01 05-08-2015 - 10:59
CVE-2015-3440 4.3
Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type
06-12-2016 - 03:01 03-08-2015 - 14:59
CVE-2015-3438 4.3
Multiple cross-site scripting (XSS) vulnerabilities in WordPress before 4.1.2, when MySQL is used without strict mode, allow remote attackers to inject arbitrary web script or HTML via a (1) four-byte UTF-8 character or (2) invalid character that rea
06-12-2016 - 03:00 05-08-2015 - 01:59
CVE-2015-3436 6.6
provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-lock.
06-12-2016 - 03:00 09-06-2015 - 14:59
CVE-2014-0350 6.4
The Poco::Net::X509Certificate::verify method in the NetSSL library in POCO C++ Libraries before 1.4.6p4 allows man-in-the-middle attackers to spoof SSL servers via crafted DNS PTR records that are requested during comparison of a server name to a wi
06-12-2016 - 02:59 26-04-2014 - 01:55
CVE-2016-3960 7.2
Integer overflow in the x86 shadow pagetable code in Xen allows local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping. <a href="http://cwe.mitre.org/data/definitions/476.html">CWE-
03-12-2016 - 03:27 19-04-2016 - 14:59
CVE-2016-3144 3.5
Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for Drupal allows remote authenticated users with the "Administer block classes" permission to inject arbitrary web script or HTML via a class name.
03-12-2016 - 03:26 15-04-2016 - 15:59
CVE-2016-3116 5.5
CRLF injection vulnerability in Dropbear SSH before 2016.72 allows remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data. <a href="https://cwe.mitre.org/data/definitions/93.html">CWE-93: Improper Neu
03-12-2016 - 03:26 22-03-2016 - 10:59
CVE-2016-3158 1.7
The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allows local guest OS users to obtain sensitive register content information from another guest by
03-12-2016 - 03:26 13-04-2016 - 16:59
CVE-2016-2561 3.5
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via (1) normalization.php or (2) js/normalization.js in the datab
03-12-2016 - 03:25 01-03-2016 - 11:59
CVE-2016-2560 4.3
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted Host HTTP header, related to lib
03-12-2016 - 03:25 01-03-2016 - 11:59
CVE-2016-2511 4.3
Cross-site scripting (XSS) vulnerability in WebSVN 2.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter to log.php.
03-12-2016 - 03:25 07-04-2016 - 21:59
CVE-2016-2562 5.8
The checkHTTP function in libraries/Config.class.php in phpMyAdmin 4.5.x before 4.5.5.1 does not verify X.509 certificates from api.github.com SSL servers, which allows man-in-the-middle attackers to spoof these servers and obtain sensitive informati
03-12-2016 - 03:25 01-03-2016 - 11:59
CVE-2016-2559 3.5
Cross-site scripting (XSS) vulnerability in the format function in libraries/sql-parser/src/Utils/Error.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted qu
03-12-2016 - 03:25 01-03-2016 - 11:59
CVE-2016-1621 10.0
libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to libwebm/mkvp
03-12-2016 - 03:21 12-03-2016 - 21:59
CVE-2015-5370 4.3
Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service (application crash or CPU consum
03-12-2016 - 03:11 25-04-2016 - 00:59
CVE-2015-3234 4.3
The OpenID module in Drupal 6.x before 6.36 and 7.x before 7.38 allows remote attackers to log into other users' accounts by leveraging an OpenID identity from certain providers, as demonstrated by the Verisign, LiveJournal, and StackExchange provide
03-12-2016 - 03:09 22-06-2015 - 19:59
CVE-2015-3232 5.8
Open redirect vulnerability in the Field UI module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destinations parameter. <a href="http://cwe.mitre.org/data/def
03-12-2016 - 03:09 22-06-2015 - 19:59
CVE-2015-3233 5.8
Open redirect vulnerability in the Overlay module in Drupal 7.x before 7.38 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. <a href="http://cwe.mitre.org/data/definitions/601.html
03-12-2016 - 03:09 22-06-2015 - 19:59
CVE-2015-3231 4.0
The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache.
03-12-2016 - 03:09 22-06-2015 - 19:59
CVE-2015-3224 4.3
request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote attackers to bypass the whitelisted_ips protection
03-12-2016 - 03:08 26-07-2015 - 22:59
CVE-2015-3010 2.1
ceph-deploy before 1.5.23 uses weak permissions (644) for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file.
03-12-2016 - 03:07 16-06-2015 - 16:59
CVE-2015-2779 5.0
Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service (uncontrolled recursion) via a crafted massage.
03-12-2016 - 03:06 10-04-2015 - 15:00
CVE-2015-2704 5.0
realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response.
03-12-2016 - 03:05 18-05-2015 - 15:59
CVE-2014-9093 7.5
LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file.
03-12-2016 - 03:02 26-11-2014 - 15:59
CVE-2014-2972 4.6
expand.c in Exim before 4.83 expands mathematical comparisons twice, which allows local users to gain privileges and execute arbitrary commands via a crafted lookup value.
03-12-2016 - 03:01 04-09-2014 - 17:55
CVE-2012-2091 9.3
Multiple buffer overflows in FlightGear 2.6 and earlier and SimGear 2.6 and earlier allow user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long string in a rotor tag of an aircraft xml
03-12-2016 - 02:59 17-06-2012 - 03:41
CVE-2015-8466 5.8
Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request that lacks a Date header.
01-12-2016 - 03:01 13-01-2016 - 15:59
CVE-2016-1927 5.0
The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a bru
28-11-2016 - 20:02 20-02-2016 - 01:59
CVE-2015-5723 7.2
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permiss
28-11-2016 - 19:35 07-06-2016 - 14:06
CVE-2014-1572 5.0
The confirm_create_account function in the account-creation feature in token.cgi in Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not specify a scalar context for th
28-11-2016 - 19:10 13-10-2014 - 01:55
CVE-2014-1573 4.3
Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not ensure that a scalar context is used for certain CGI parameters, which allows remote attackers to conduct cross-sit
28-11-2016 - 19:10 13-10-2014 - 01:55
CVE-2013-1981 6.8
Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInf
28-11-2016 - 19:08 15-06-2013 - 19:55
CVE-2012-2653 10.0
arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.
28-11-2016 - 19:08 12-07-2012 - 20:55
CVE-2010-4651 5.8
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010
28-11-2016 - 19:07 11-03-2011 - 22:55
CVE-2014-1527 5.0
Mozilla Firefox before 29.0 on Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses DOM events to prevent the reemergence of the actual address bar after scrolling has taken it off of the screen.
17-11-2016 - 12:33 30-04-2014 - 10:49
CVE-2015-0856 4.6
daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated by the plasma-workspace breeze theme.
17-11-2016 - 12:31 24-11-2015 - 20:59
CVE-2012-2738 4.0
The VteTerminal in gnome-terminal (vte) before 0.32.2 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value.
26-10-2016 - 01:59 22-07-2012 - 16:55
CVE-2013-2032 5.0
MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password changes without using both Special:PasswordReset and Special:ChangePassword, which allows remote attackers to bypass the intended restrictions of an extens
18-10-2016 - 15:11 18-11-2013 - 02:55
CVE-2013-6630 5.0
The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman T
04-10-2016 - 01:59 19-11-2013 - 04:50
CVE-2007-6720 4.3
libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows user-assisted attac
04-10-2016 - 01:59 20-01-2009 - 16:30
CVE-2012-2673 5.0
Multiple integer overflows in the (1) GC_generic_malloc and (2) calloc functions in malloc.c, and the (3) GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC (libgc) before 7.2 make it easier for context-dependent attack
29-09-2016 - 01:59 25-07-2012 - 19:55
CVE-2013-1944 5.0
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL. Per http://www.ubuntu.com/
09-09-2016 - 01:59 29-04-2013 - 22:55
CVE-2014-9472 7.1
The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted email.
23-08-2016 - 17:45 09-03-2015 - 14:59
CVE-2015-1051 5.8
Open redirect vulnerability in the Context UI module in the Context module 7.x-3.x before 7.x-3.6 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination parameter. <a href
23-08-2016 - 17:28 15-01-2015 - 15:59
CVE-2011-4619 5.0
The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
23-08-2016 - 02:04 06-01-2012 - 01:55
CVE-2011-4576 5.0
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by
23-08-2016 - 02:04 06-01-2012 - 01:55
CVE-2011-4108 4.3
The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack.
23-08-2016 - 02:04 06-01-2012 - 01:55
CVE-2010-3710 4.3
Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) v
23-08-2016 - 02:02 25-10-2010 - 20:01
CVE-2016-2044 5.0
libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.
17-08-2016 - 19:37 20-02-2016 - 01:59
CVE-2016-2045 3.5
Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a SQL query that triggers JSON data in a response.
02-08-2016 - 18:42 20-02-2016 - 01:59
CVE-2015-0844 5.0
The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file.
28-06-2016 - 18:21 14-04-2015 - 18:59
CVE-2011-1944 9.3
Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file tha
17-06-2016 - 01:59 02-09-2011 - 16:55
CVE-2016-4021 7.8
The read_binary function in buffer.c in pgpdump before 0.30 allows context-dependent attackers to cause a denial of service (infinite loop and CPU consumption) via crafted input, as demonstrated by the \xa3\x03 string.
15-06-2016 - 18:45 26-05-2016 - 14:59
CVE-2016-1231 4.3
Directory traversal vulnerability in the HTTP file-serving module (mod_http_files) in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) in an unspecified path.
15-06-2016 - 16:48 12-01-2016 - 20:59
CVE-2007-4629 7.5
Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name.
15-06-2016 - 16:28 31-08-2007 - 01:17
CVE-2015-7827 5.0
Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding.
09-06-2016 - 18:00 13-05-2016 - 14:59
CVE-2016-1232 5.0
The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack. <a href="https:
09-06-2016 - 11:39 12-01-2016 - 20:59
CVE-2014-1610 6.0
MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5, and 1.19.x before 1.19.11, when DjVu or PDF file upload support is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the page parameter to includes/med
25-05-2016 - 15:01 30-01-2014 - 23:55
CVE-2015-8106 9.3
Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file.
18-05-2016 - 21:45 18-04-2016 - 14:59
CVE-2016-2146 5.0
The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service (worker process crash, web server deadlock, or memory consumption) via a large amount o
25-04-2016 - 13:58 15-04-2016 - 14:59
CVE-2016-2145 5.0
The am_read_post_data function in mod_auth_mellon before 0.11.1 does not check if the ap_get_client_block function returns an error, which allows remote attackers to cause a denial of service (segmentation fault and process crash) via a crafted POST
25-04-2016 - 13:54 15-04-2016 - 14:59
CVE-2015-3146 5.0
The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted S
20-04-2016 - 15:07 13-04-2016 - 17:59
CVE-2014-9465 5.0
senddocument.php in Zarafa WebApp before 2.0 beta 3 and WebAccess in Zarafa Collaboration Platform (ZCP) 7.x before 7.1.12 beta 1 and 7.2.x before 7.2.0 beta 1 allows remote attackers to cause a denial of service (/tmp disk consumption) by uploading
07-04-2016 - 21:09 19-02-2015 - 15:59
CVE-2014-1571 4.0
Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 allows remote authenticated users to obtain sensitive private-comment information by leveraging a role as a flag recipient,
07-04-2016 - 20:57 13-10-2014 - 01:55
CVE-2014-1517 4.0
The login form in Bugzilla 2.x, 3.x, 4.x before 4.4.3, and 4.5.x before 4.5.3 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arr
04-04-2016 - 17:41 20-04-2014 - 01:55
CVE-2010-0213 2.6
BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation (DLV), allows remote attackers to cause a denial of service (infinite loop) via a query for an RRSIG recor
04-04-2016 - 15:50 28-07-2010 - 12:48
CVE-2010-3615 5.0
named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS query mechanism. Per: http://www.isc.org/announcement/g
04-04-2016 - 15:45 06-12-2010 - 13:44
CVE-2015-8400 4.3
The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.
20-01-2016 - 14:15 12-01-2016 - 19:59
CVE-2015-6566 7.2
zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*.
13-01-2016 - 13:02 11-01-2016 - 15:59
CVE-2012-4437 4.3
Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception.
16-11-2015 - 19:39 01-10-2012 - 03:26
CVE-2014-0103 2.1
WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.
04-11-2015 - 17:35 29-07-2014 - 14:55
CVE-2015-1165 5.0
RT (aka Request Tracker) 3.8.8 through 4.x before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to obtain sensitive RSS feed URLs and ticket data via unspecified vectors.
28-10-2015 - 02:16 09-03-2015 - 14:59
CVE-2015-1464 6.4
RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to hijack sessions via an RSS feed URL.
28-10-2015 - 02:15 09-03-2015 - 14:59
CVE-2013-2021 4.3
pdf.c in ClamAV 0.97.1 through 0.97.7 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted length value in an encrypted PDF file. Per http://www.ubuntu.com/usn/USN-1816-1/ "A security issue affects these releases of
28-09-2015 - 16:33 13-05-2013 - 23:55
CVE-2013-2020 5.0
Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-
28-09-2015 - 16:31 13-05-2013 - 23:55
CVE-2013-4442 5.0
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.
10-09-2015 - 15:27 19-12-2014 - 15:59
CVE-2013-4440 5.0
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.
10-09-2015 - 15:26 19-12-2014 - 15:59
CVE-2013-2130 4.0
ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp. Per: http://cwe.mitre.org/
10-09-2015 - 15:24 05-06-2014 - 20:55
CVE-2014-8488 4.3
Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality.
03-09-2015 - 14:57 10-12-2014 - 01:59
CVE-2011-2687 7.5
Drupal 7.x before 7.3 allows remote attackers to bypass intended node_access restrictions via vectors related to a listing that shows nodes but lacks a JOIN clause for the node table.
03-09-2015 - 14:21 27-07-2011 - 02:55
CVE-2015-6727 5.0
The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x before 1.25.2 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.
02-09-2015 - 17:19 01-09-2015 - 14:59
CVE-2013-7444 5.0
The Special:Contributions page in MediaWiki before 1.22.0 allows remote attackers to determine if an IP is autoblocked via the "Change block" text.
02-09-2015 - 16:30 01-09-2015 - 14:59
CVE-2014-9050 5.0
Heap-based buffer overflow in the cli_scanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service (crash) via a crafted y0da Crypter PE file.
30-04-2015 - 02:01 01-12-2014 - 15:59
CVE-2014-9258 6.5
SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.
18-04-2015 - 01:59 19-12-2014 - 15:59
CVE-2014-9447 6.4
Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using
18-04-2015 - 01:59 02-01-2015 - 20:59
CVE-2014-9706 7.5
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.
15-04-2015 - 02:02 31-03-2015 - 14:59
CVE-2014-1832 2.1
Phusion Passenger 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1831. <a href
20-02-2015 - 23:58 19-02-2015 - 15:59
CVE-2014-1831 2.1
Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. <a href="http://cwe.mitre.org/data/definitions/61.html">CWE-61: UNIX Symbolic Lin
20-02-2015 - 23:56 19-02-2015 - 15:59
CVE-2014-7850 4.3
Cross-site scripting (XSS) vulnerability in the Web UI in FreeIPA 4.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to breadcrumb navigation.
17-02-2015 - 14:36 28-11-2014 - 15:59
CVE-2010-2055 7.2
Ghostscript 8.71 and earlier reads initialization files from the current working directory, which allows local users to execute arbitrary PostScript commands via a Trojan horse file, related to improper support for the -P- option to the gs program, a
09-01-2015 - 23:44 22-07-2010 - 05:43
CVE-2014-6407 7.5
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
15-12-2014 - 19:36 12-12-2014 - 15:59
CVE-2014-6408 5.0
Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image.
15-12-2014 - 19:36 12-12-2014 - 15:59
CVE-2014-9351 6.4
engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service (crash) via unspecified vectors.
10-12-2014 - 16:56 09-12-2014 - 23:59
CVE-2013-6494 2.1
fedup 0.9.0 in Fedora 19, 20, and 21 uses a temporary directory with a static name for its download cache, which allows local users to cause a denial of service (prevention of system updates).
02-12-2014 - 13:25 02-12-2014 - 01:59
CVE-2014-4909 6.8
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bo
14-11-2014 - 03:06 29-07-2014 - 14:55
CVE-2011-2713 4.3
oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.
24-10-2014 - 06:19 21-10-2011 - 18:55
CVE-2010-3860 5.0
IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and
04-10-2014 - 04:29 08-12-2010 - 20:00
CVE-2012-5619 2.1
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities it more difficult to conduct forensics ac
30-09-2014 - 17:47 29-09-2014 - 22:55
CVE-2014-5269 5.0
Plack::App::File in Plack before 1.0031 removes trailing slash characters from paths, which allows remote attackers to bypass the whitelist of generated files and obtain sensitive information via a crafted path, related to Plack::Middleware::Static.
08-09-2014 - 14:47 04-09-2014 - 17:55
CVE-2014-2707 8.3
cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary commands via shell metacharacters in the (1) model or (2) PDL, related to "System V interface scripts generated for queues."
26-06-2014 - 04:49 17-04-2014 - 14:55
CVE-2012-5572 5.0
CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cookie name, a different vulnerability than CV
24-06-2014 - 17:07 30-05-2014 - 14:55
CVE-2012-5560 2.1
The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone for the system via a crafted D-Bus call.
24-06-2014 - 16:27 30-05-2014 - 14:55
CVE-2012-3522 4.3
Cross-site scripting (XSS) vulnerability in contrib/langwiz.php in GeSHi before 1.0.8.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
13-06-2014 - 15:48 13-06-2014 - 14:55
CVE-2012-3521 5.0
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) geshi-path or (2) geshi-lang-path parameter.
13-06-2014 - 15:31 13-06-2014 - 14:55
CVE-2013-7386 5.0
Format string vulnerability in the PROJECT::write_account_file function in client/cs_account.cpp in BOINC, possibly 7.2.33, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via format string specifiers i
03-06-2014 - 14:56 02-06-2014 - 15:55
CVE-2012-5649 6.8
Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to execute arbitrary code via a JSONP callback, related to Adobe Flash.
30-05-2014 - 00:16 23-05-2014 - 14:55
CVE-2011-3598 4.3
Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to
16-05-2014 - 03:56 08-10-2011 - 02:52
CVE-2013-5572 3.5
Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldap_bind_password value in the HTML source code.
10-05-2014 - 03:58 01-10-2013 - 03:48
CVE-2012-0219 6.2
Heap-based buffer overflow in the xioscan_readline function in xio-readline.c in socat 1.4.0.0 through 1.7.2.0 and 2.0.0-b1 through 2.0.0-b4 allows local users to execute arbitrary code via the READLINE address.
10-05-2014 - 03:39 21-06-2012 - 15:55
CVE-2014-1685 5.5
The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote "Zabbix Admin" users to modify the media of arbitrary users via unspecified vectors.
09-05-2014 - 16:46 08-05-2014 - 14:29
CVE-2014-1682 4.0
The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request.
09-05-2014 - 16:41 08-05-2014 - 14:29
CVE-2010-5109 4.3
Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow.
05-05-2014 - 17:19 05-05-2014 - 17:06
CVE-2013-2006 2.1
OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file.
05-05-2014 - 05:21 21-05-2013 - 18:55
CVE-2013-2030 2.1
keystone/middleware/auth_token.py in OpenStack Nova Folsom, Grizzly, and Havana uses an insecure temporary directory for storing signing certificates, which allows local users to spoof servers by pre-creating this directory, which is reused by Nova,
05-05-2014 - 05:21 27-12-2013 - 01:55
CVE-2014-2289 3.5
res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1.0 allows remote authenticated users to cause a denial of service (crash) via a SUBSCRIBE request without any Accept headers, which triggers an invalid po
21-04-2014 - 17:50 18-04-2014 - 22:14
CVE-2014-2288 4.3
The PJSIP channel driver in Asterisk Open Source 12.x before 12.1.1, when qualify_frequency "is enabled on an AOR and the remote SIP server challenges for authentication of the resulting OPTIONS request," allows remote attackers to cause a denial of
21-04-2014 - 17:50 18-04-2014 - 22:14
CVE-2014-2287 3.5
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.15 before 1.8.15-cert5 and 11.6 before 11.6-cert2, when chan_sip has a certain configuration, allows remote
21-04-2014 - 17:37 18-04-2014 - 22:14
CVE-2014-2286 7.5
main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x before 12.1.1, and Certified Asterisk 1.8.x before 1.8.15-cert5 and 11.6 before 11.6-cert2, allows remote attackers to cause a denial of service (stack consum
21-04-2014 - 17:20 18-04-2014 - 22:14
CVE-2013-1918 4.7
Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal."
19-04-2014 - 04:34 13-05-2013 - 23:55
CVE-2013-1919 4.7
Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs or PCI devices."
19-04-2014 - 04:34 13-05-2013 - 23:55
CVE-2013-1917 1.9
Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is
19-04-2014 - 04:34 13-05-2013 - 23:55
CVE-2014-0036 6.8
The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.
18-04-2014 - 13:48 17-04-2014 - 14:55
CVE-2012-2095 6.9
The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.
08-04-2014 - 14:52 07-04-2014 - 15:55
CVE-2011-4577 4.3
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address bloc
26-03-2014 - 04:25 06-01-2012 - 01:55
CVE-2011-3207 5.0
crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past.
26-03-2014 - 04:22 22-09-2011 - 10:55
CVE-2014-1438 4.7
The restore_fpu_checking function in arch/x86/include/asm/fpu-internal.h in the Linux kernel before 3.12.8 on the AMD K7 and K8 platforms does not clear pending exceptions before proceeding to an EMMS instruction, which allows local users to cause a
16-03-2014 - 04:45 18-01-2014 - 22:55
CVE-2013-4564 5.0
Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet.
25-02-2014 - 18:02 07-01-2014 - 17:04
CVE-2014-0039 4.4
Untrusted search path vulnerability in fwsnort before 1.6.4, when not running as root, allows local users to execute arbitrary code via a Trojan horse fwsnort.conf in the current working directory. Per: http://cwe.mitre.org/data/definitions/426.html
21-02-2014 - 05:06 08-02-2014 - 00:55
CVE-2011-0192 9.3
Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application cras
21-02-2014 - 04:39 03-03-2011 - 20:00
CVE-2010-4336 5.0
The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service (assertion failure) via a packet with a timestamp whose value is 10 or less, as demonstrated by
21-02-2014 - 04:36 17-12-2010 - 19:00
CVE-2012-4466 5.0
Ruby 1.8.7 before patchlevel 371, 1.9.3 before patchlevel 286, and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the name_err_mesg_to_str API function, which marks the
12-02-2014 - 04:39 25-04-2013 - 23:55
CVE-2010-4411 4.3
Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761.
12-02-2014 - 04:24 06-12-2010 - 20:13
CVE-2012-5854 7.5
Heap-based buffer overflow in WeeChat 0.3.6 through 0.3.9 allows remote attackers to cause a denial of service (crash or hang) and possibly execute arbitrary code via crafted IRC colors that are not properly decoded.
07-02-2014 - 04:43 19-11-2012 - 12:10
CVE-2012-5534 7.5
The hook_process function in the plugin API for WeeChat 0.3.0 through 0.3.9.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a command from a plugin, related to "shell expansion."
07-02-2014 - 04:43 03-12-2012 - 21:55
CVE-2013-1790 6.8
poppler/Stream.cc in poppler before 0.22.1 allows context-dependent attackers to have an unspecified impact via vectors that trigger a read of uninitialized memory by the CCITTFaxStream::lookChar function.
28-01-2014 - 04:51 09-04-2013 - 20:55
CVE-2013-1788 6.8
poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors that trigger an "invalid memory access" in (1) splash/Splash.cc, (2) poppler/Function.cc, and (3) poppler/St
28-01-2014 - 04:51 09-04-2013 - 20:55
CVE-2013-4550 5.1
Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote attackers to write to other sockets and have an uns
04-01-2014 - 04:48 24-12-2013 - 18:55
CVE-2013-3230 4.9
The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.9-rc7 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfro
04-01-2014 - 04:47 22-04-2013 - 11:41
CVE-2013-3233 4.9
The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via
04-01-2014 - 04:47 22-04-2013 - 11:41
CVE-2011-5268 4.3
connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NO
04-01-2014 - 04:35 24-12-2013 - 19:55
CVE-2013-4339 7.5
WordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.
31-12-2013 - 04:25 12-09-2013 - 13:30
CVE-2013-4569 4.3
The CleanChanges extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3, when "Group changes by page in recent changes and watchlist" is enabled, allows remote attackers to obtain sensitive information (revision-deleted
16-12-2013 - 15:54 13-12-2013 - 18:07
CVE-2012-5394 6.8
Cross-site request forgery (CSRF) vulnerability in the CentralAuth extension for MediaWiki before 1.19.9, 1.20.x before 1.20.8, and 1.21.x before 1.21.3 allows remote attackers to hijack the authentication of users for requests that login via vectors
16-12-2013 - 15:24 13-12-2013 - 18:07
CVE-2013-1812 4.3
The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack.
13-12-2013 - 16:12 12-12-2013 - 18:55
CVE-2012-3354 4.3
doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain PHP error levels are set, allows remote attackers to obtain sensitive information via the prefix parameter, which reveals the installation path in an error message.
13-12-2013 - 05:02 20-11-2012 - 00:55
CVE-2012-1193 6.4
The resolver in PowerDNS Recursor (aka pdns_recursor) 3.3 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger continued resolvability of revoke
13-12-2013 - 04:57 17-02-2012 - 22:55
CVE-2012-0806 6.5
Buffer overflow in Bip 0.8.8 and earlier might allow remote authenticated users to execute arbitrary code via vectors involving a series of TCP connections that triggers use of many open file descriptors.
13-12-2013 - 04:56 27-01-2012 - 00:55
CVE-2011-3727 5.0
DokuWiki 2009-12-25c allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/tpl/index.php and certain other files.
13-12-2013 - 04:52 23-09-2011 - 23:55
CVE-2011-0524 2.1
Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a denial of service (crash) via unspecified vectors related to the sprintf function.
13-12-2013 - 04:46 13-08-2012 - 20:55
CVE-2011-0523 1.9
gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files via unspecified vectors.
13-12-2013 - 04:46 13-08-2012 - 20:55
CVE-2013-4446 6.8
The _json_decode function in plugins/context_reaction_block.inc in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal, when using a version of PHP that does not support the json_decode function, allows remote attackers to
09-12-2013 - 17:38 07-12-2013 - 20:55
CVE-2013-4445 4.9
The json rendering functionality in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal uses Drupal's token scheme to restrict access to blocks, which makes it easier for remote authenticated users to guess the access toke
09-12-2013 - 17:36 07-12-2013 - 20:55
CVE-2013-0252 5.0
boost::locale::utf::utf_traits in the Boost.Locale library in Boost 1.48 through 1.52 does not properly detect certain invalid UTF-8 sequences, which might allow remote attackers to bypass input validation protection mechanisms via crafted trailing b
05-12-2013 - 05:22 12-03-2013 - 22:55
CVE-2013-1986 6.8
Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRRQueryOutputProperty and (2) XRRQueryProviderProperty functions.
01-12-2013 - 04:27 15-06-2013 - 19:55
CVE-2013-1997 6.8
Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceI
01-12-2013 - 04:27 15-06-2013 - 20:55
CVE-2013-1985 6.8
Integer overflow in X.org libXinerama 1.1.2 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XineramaQueryScreens function.
01-12-2013 - 04:27 15-06-2013 - 19:55
CVE-2013-1983 6.8
Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function.
01-12-2013 - 04:27 15-06-2013 - 19:55
CVE-2013-1899 6.5
Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows remote attackers to cause a denial of service (file corruption), and allows remote authenticated users to modify configuration setti
01-12-2013 - 04:27 04-04-2013 - 17:55
CVE-2013-1747 5.0
channel.c in ngIRCd 20 and 20.1 allows remote attackers to cause a denial of service (assertion failure and crash) via a KICK command for a user who is not on the associated channel.
01-12-2013 - 04:27 28-03-2013 - 23:55
CVE-2013-1912 5.1
Buffer overflow in HAProxy 1.4 through 1.4.22 and 1.5-dev through 1.5-dev17, when HTTP keep-alive is enabled, using HTTP keywords in TCP inspection rules, and running with rewrite rules that appends to requests, allows remote attackers to cause a den
01-12-2013 - 04:27 10-04-2013 - 15:55
CVE-2013-1901 4.0
PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the (1) pg_start_backup or (2) pg_stop_backup functions. Pe
01-12-2013 - 04:27 04-04-2013 - 17:55
CVE-2013-1922 3.3
qemu-nbd in QEMU, as used in Xen 4.2.x, determines the format of a raw disk image based on the header, which allows local guest OS administrators to read arbitrary files on the host by modifying the header to identify a different format, which is use
01-12-2013 - 04:27 13-05-2013 - 23:55
CVE-2013-1428 6.5
Stack-based buffer overflow in the receive_tcppacket function in net_packet.c in tinc before 1.0.21 and 1.1 before 1.1pre7 allows remote authenticated peers to cause a denial of service (crash) or possibly execute arbitrary code via a large TCP packe
01-12-2013 - 04:26 26-04-2013 - 16:55
CVE-2013-1991 6.8
Multiple integer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XDGAQueryModes and (2) XDGASetMode functions.
25-11-2013 - 04:32 15-06-2013 - 19:55
CVE-2013-1992 6.8
Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) DMXGetScreenAttributes, (2) DMXGetWindowAttributes, and (3) DMXGetInputAttr
25-11-2013 - 04:32 15-06-2013 - 19:55
CVE-2013-1990 6.8
Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvMCListSurfaceTypes and (2) XvMCListSubpictureTypes functions.
25-11-2013 - 04:32 15-06-2013 - 19:55
CVE-2013-1989 6.8
Multiple integer overflows in X.org libXv 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvQueryPortAttributes, (2) XvListImageFormats, and (3) XvCreateImage functio
25-11-2013 - 04:32 15-06-2013 - 19:55
CVE-2013-2001 6.8
Buffer overflow in X.org libXxf86vm 1.1.2 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XF86VidModeGetGammaRamp function.
25-11-2013 - 04:32 15-06-2013 - 20:55
CVE-2013-1999 6.8
Buffer overflow in X.org libXvMC 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvMCGetDRInfo function.
25-11-2013 - 04:32 15-06-2013 - 20:55
CVE-2013-1988 6.8
Multiple integer overflows in X.org libXRes 1.0.6 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XResQueryClients and (2) XResQueryClientResources functions.
25-11-2013 - 04:32 15-06-2013 - 19:55
CVE-2013-2000 6.8
Multiple buffer overflows in X.org libXxf86dga 1.1.3 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XDGAQueryModes and (2) XDGASetMode functions.
25-11-2013 - 04:32 15-06-2013 - 20:55
CVE-2013-2066 6.8
Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function.
25-11-2013 - 04:32 15-06-2013 - 20:55
CVE-2012-2684 7.5
Multiple SQL injection vulnerabilities in the get_sample_filters_by_signature function in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to execute arbitrary SQL commands via the (
25-11-2013 - 04:25 28-09-2012 - 17:55
CVE-2013-3239 4.6
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of th
19-11-2013 - 04:48 26-04-2013 - 03:34
CVE-2013-3238 6.0
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" featu
19-11-2013 - 04:48 26-04-2013 - 03:34
CVE-2013-5915 4.3
The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly perform Montgomery multiplication, which might allow remote attackers to conduct a timing side-channel attack and retrieve RSA private keys.
31-10-2013 - 03:35 04-10-2013 - 17:55
CVE-2013-4623 4.3
The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 and 1.2.x before 1.2.8 does not properly parse certificate messages during the SSL/TLS handshake, which allows remote attackers to cause a denial of service (infinite loop and CPU co
31-10-2013 - 03:35 30-09-2013 - 22:55
CVE-2012-3418 5.0
libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the number of actual elements to the __pmDecodeCreds f
08-10-2013 - 19:24 27-08-2012 - 23:55
CVE-2012-2139 5.0
Directory traversal vulnerability in lib/mail/network/delivery_methods/file_delivery.rb in the Mail gem before 2.4.4 for Ruby allows remote attackers to read arbitrary files via a .. (dot dot) in the to parameter.
07-10-2013 - 16:18 18-07-2012 - 18:55
CVE-2013-1727 4.0
Mozilla Firefox before 24.0 on Android allows attackers to bypass the Same Origin Policy, and consequently conduct cross-site scripting (XSS) attacks or obtain password or cookie information, by using a symlink in conjunction with a file: URL for a l
03-10-2013 - 03:38 18-09-2013 - 10:08
CVE-2013-1729 2.6
The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on Mac OS X, allows remote attackers to obtain desktop-screenshot data by reading from a CANVAS element.
03-10-2013 - 03:38 18-09-2013 - 10:08
CVE-2013-1731 6.8
Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24.0 on Android allows attackers to execute arbitrary code via a Trojan horse .so file in a world-writable directory.
03-10-2013 - 03:38 18-09-2013 - 10:08
CVE-2013-5580 4.3
The (1) Conn_StartLogin and (2) cb_Read_Resolver_Result functions in conn.c in ngIRCd 18 through 20.2, when the configuration option NoticeAuth is enabled, does not properly handle the return code for the Handle_Write function, which allows remote at
02-10-2013 - 17:18 01-10-2013 - 19:55
CVE-2013-4338 7.5
wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.
02-10-2013 - 04:29 12-09-2013 - 13:28
CVE-2013-4340 3.5
wp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter.
02-10-2013 - 04:29 12-09-2013 - 13:30
CVE-2012-2671 7.5
The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other sensitive headers, which allows attackers to obtain sensitive cookie information, hijack web sessions, or have other unspecified impact by accessing the cache.
28-08-2013 - 06:47 17-06-2012 - 03:41
CVE-2012-4464 5.0
Ruby 1.9.3 before patchlevel 286 and 2.0 before revision r37068 allows context-dependent attackers to bypass safe-level restrictions and modify untainted strings via the (1) exc_to_s or (2) name_err_to_s API function, which marks the string as tainte
27-08-2013 - 03:27 25-04-2013 - 23:55
CVE-2012-1122 3.6
bug_actiongroup.php in MantisBT before 1.2.9 does not properly check the report_bug_threshold permission of the receiving project when moving a bug report, which allows remote authenticated users with the report_bug_threshold and move_bug_threshold p
27-08-2013 - 03:21 29-06-2012 - 19:55
CVE-2012-1118 4.3
The access_has_bug_level function in core/access_api.php in MantisBT before 1.2.9 does not properly restrict access when the private_bug_view_threshold is set to an array, which allows remote attackers to bypass intended restrictions and perform cert
27-08-2013 - 03:21 29-06-2012 - 19:55
CVE-2011-2938 4.3
Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php in MantisBT before 1.2.7 allow remote attackers to inject arbitrary web script or HTML via a parameter, as demonstrated by the project_id parameter to search.php.
27-08-2013 - 03:15 21-09-2011 - 16:55
CVE-2010-4350 5.1
Directory traversal vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the db_type parameter, related to an unsafe call by MantisBT to a fu
27-08-2013 - 03:07 03-01-2011 - 20:00
CVE-2010-4348 4.3
Cross-site scripting (XSS) vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the db_type parameter, related to an unsafe call by MantisBT to a function in the ADO
27-08-2013 - 03:06 03-01-2011 - 20:00
CVE-2010-3763 4.3
Cross-site scripting (XSS) vulnerability in core/summary_api.php in MantisBT before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the Summary field, a different vector than CVE-2010-3303.
27-08-2013 - 03:05 05-10-2010 - 22:00
CVE-2010-3303 3.5
Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before 1.2.3 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) a plugin name, related to manage_plugin_uninstall.php; (2) an enumeration value or (
27-08-2013 - 03:04 05-10-2010 - 22:00
CVE-2012-4922 5.0
The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed di
22-08-2013 - 03:59 14-09-2012 - 18:55
CVE-2012-4419 5.0
The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a zero-valued port field that is not pr
22-08-2013 - 03:58 14-09-2012 - 18:55
CVE-2012-3517 5.0
Use-after-free vulnerability in dns.c in Tor before 0.2.2.38 might allow remote attackers to cause a denial of service (daemon crash) via vectors related to failed DNS requests.
22-08-2013 - 03:56 26-08-2012 - 03:17
CVE-2012-0957 4.9
The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.
22-08-2013 - 03:51 21-12-2012 - 11:47
CVE-2012-0283 4.3
Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in DokuWiki before 2012-01-25b allows remote attackers to inject arbitrary web script or HTML via the ns parameter in a medialist action to lib/exe/ajax.ph
22-08-2013 - 03:50 13-07-2012 - 21:55
CVE-2011-1005 5.0
The safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname.
13-08-2013 - 17:00 02-03-2011 - 20:00
CVE-2012-4552 6.8
Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file.
26-06-2013 - 03:14 18-11-2012 - 23:55
CVE-2013-1940 2.1
X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading pas
21-06-2013 - 03:17 13-05-2013 - 23:55
CVE-2007-6746 5.8
telepathy-idle before 0.1.15 does not verify (1) that the issuer is a trusted CA, (2) that the server hostname matches a domain name in the subject's Common Name (CN), or (3) the expiration date of the X.509 certificate, which allows man-in-the-middl
21-06-2013 - 02:26 21-05-2013 - 18:55
CVE-2010-1411 6.8
Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or caus
15-05-2013 - 03:08 17-06-2010 - 16:30
CVE-2013-1897 2.6
The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11.20 and 1.3.x before 1.3.0.5 does not properly restrict access to entries when the nsslapd-allow-anonymous-access configuration is set to rootdse and the
14-05-2013 - 04:00 13-05-2013 - 23:55
CVE-2012-4522 5.0
The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 before r37163 allows context-dependent attackers to create files in unexpected locations or with unexpected names via a NUL byte in a file path.
04-05-2013 - 03:20 24-11-2012 - 20:55
CVE-2012-4520 6.4
The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host header values.
04-05-2013 - 03:20 18-11-2012 - 23:55
CVE-2012-2655 4.0
PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural lan
19-04-2013 - 03:22 18-07-2012 - 23:55
CVE-2012-2389 2.1
hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials.
19-04-2013 - 03:21 21-06-2012 - 15:55
CVE-2009-1284 5.0
Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file.
19-04-2013 - 02:49 09-04-2009 - 16:27
CVE-2013-1789 4.3
splash/Splash.cc in poppler before 0.22.1 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to the (1) Splash::arbitraryTransformMask, (2) Splash::blitMask, and (3) Splash::scaleM
10-04-2013 - 04:00 09-04-2013 - 20:55
CVE-2012-3512 7.2
Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart_ plugin.
05-04-2013 - 03:12 21-11-2012 - 23:55
CVE-2012-3482 5.8
Fetchmail 5.0.8 through 6.3.21, when using NTLM authentication in debug mode, allows remote NTLM servers to (1) cause a denial of service (crash and delayed delivery of inbound mail) via a crafted NTLM response that triggers an out-of-bounds read in
05-04-2013 - 03:12 21-12-2012 - 05:46
CVE-2012-3457 2.1
PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for process_perfdata.cfg, which allows local users to obtain the Gearman shared secret by reading the file.
05-04-2013 - 03:12 12-08-2012 - 00:55
CVE-2011-4616 4.3
Cross-site scripting (XSS) vulnerability in the HTML-Template-Pro module before 0.9507 for Perl allows remote attackers to inject arbitrary web script or HTML via template parameters, related to improper handling of > (greater than) and < (less than)
05-04-2013 - 03:06 06-01-2012 - 04:01
CVE-2011-1595 4.3
Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname.
05-04-2013 - 03:01 24-05-2011 - 23:55
CVE-2012-4409 6.8
Stack-based buffer overflow in the check_file_head function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not prope
02-04-2013 - 03:20 21-11-2012 - 23:55
CVE-2011-2709 6.2
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment variable, as demonstrated using mount.nfs.
02-03-2013 - 04:33 21-06-2012 - 15:55
CVE-2012-5564 3.3
android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files via a symlink attack on /tmp/adb.log.
19-02-2013 - 05:00 14-02-2013 - 22:55
CVE-2011-4312 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the commenting system in Review Board before 1.5.7 and 1.6.x before 1.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) diff viewer or (2) screenshot
14-02-2013 - 04:46 24-11-2011 - 04:01
CVE-2010-2494 5.0
Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to cause a denial of service (heap memory corruption and application crash) via an e-mail message with
14-02-2013 - 04:31 08-07-2010 - 18:30
CVE-2010-1766 7.5
Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHandshake.cpp in WebCore in WebKit before r56380, as used in Qt and other products, allows remote websockets servers to cause a denial of service (memory
07-02-2013 - 05:00 22-07-2010 - 05:42
CVE-2012-3420 5.0
Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow remote attackers to cause a denial of service (memory consumption or daemon crash) via a large number of PDUs with (1) a crafted context number to the DoFetch function in pmcd/src
07-02-2013 - 04:57 27-08-2012 - 23:55
CVE-2012-3421 5.0
The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service (pmcd hang) by sending individual bytes of a PDU separately, related
07-02-2013 - 04:57 27-08-2012 - 23:55
CVE-2012-3419 5.0
Performance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file system, which allows attackers to obtain sensitive information such as proc/pid/maps and command line arguments.
07-02-2013 - 04:57 27-08-2012 - 23:55
CVE-2011-2728 4.3
The bsd_glob function in the File::Glob module for Perl before 5.14.2 allows context-dependent attackers to cause a denial of service (crash) via a glob expression with the GLOB_ALTDIRFUNC flag, which triggers an uninitialized pointer dereference.
29-01-2013 - 05:00 21-12-2012 - 05:46
CVE-2011-1485 6.9
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.
19-12-2012 - 04:39 31-05-2011 - 20:55
CVE-2011-4780 4.3
Multiple cross-site scripting (XSS) vulnerabilities in libraries/display_export.lib.php in phpMyAdmin 3.4.x before 3.4.9 allow remote attackers to inject arbitrary web script or HTML via crafted URL parameters, related to the export panels in the (1)
06-11-2012 - 05:04 22-12-2011 - 20:55
CVE-2011-4634 4.3
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted database name, related to the Database Synchronize panel; (2) a crafted database name
06-11-2012 - 05:04 22-12-2011 - 20:55
CVE-2011-4528 5.0
Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) via a crafted response. Per: http://unbound.nlnetla
06-11-2012 - 05:03 20-12-2011 - 11:55
CVE-2011-3181 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a (1) table name, (2) column name, or (3) index n
06-11-2012 - 05:00 29-08-2011 - 17:55
CVE-2010-2451 10.0
Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecified impact and remote attack vectors.
06-11-2012 - 04:42 29-06-2010 - 18:30
CVE-2010-2452 9.3
Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attackers to overwrite arbitrary files via unknown vectors.
06-11-2012 - 04:42 29-06-2010 - 18:30
CVE-2007-6389 2.1
The notify feature in GNOME screensaver (gnome-screensaver) 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V.
31-10-2012 - 02:48 17-12-2007 - 18:46
CVE-2012-2140 7.5
The Mail gem before 2.4.3 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) sendmail or (2) exim delivery.
30-10-2012 - 04:03 18-07-2012 - 18:55
CVE-2009-1720 7.5
Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (
23-10-2012 - 03:06 31-07-2009 - 19:00
CVE-2009-1523 5.0
Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI.
23-10-2012 - 03:06 05-05-2009 - 17:30
CVE-2012-4342 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 before 3.0.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
09-10-2012 - 04:00 15-08-2012 - 21:55
CVE-2012-4415 7.5
Stack-based buffer overflow in the guac_client_plugin_open function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long protocol name.
01-10-2012 - 04:00 01-10-2012 - 03:26
CVE-2011-3146 6.8
librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element na
13-09-2012 - 04:00 05-09-2012 - 23:55
CVE-2012-3292 7.6
The GridFTP in Globus Toolkit (GT) before 5.2.2, when certain autoconf macros are defined, does not properly check the return value from the getpwnam_r function, which might allow remote attackers to gain privileges by logging in with a user that doe
07-09-2012 - 04:30 07-06-2012 - 20:55
CVE-2012-3361 5.5
virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image.
17-08-2012 - 03:53 22-07-2012 - 16:55
CVE-2012-3360 5.5
Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. (dot
17-08-2012 - 03:53 22-07-2012 - 16:55
CVE-2012-4343 7.5
Multiple unspecified vulnerabilities in Gallery 3 before 3.0.4 allow attackers to execute arbitrary PHP code via unknown vectors.
16-08-2012 - 04:00 15-08-2012 - 21:55
CVE-2012-1174 3.3
The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified files, related to "particular records related with user
14-08-2012 - 03:35 12-07-2012 - 20:55
CVE-2012-0466 4.0
template/en/default/list/list.js.tmpl in Bugzilla 2.x and 3.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1 does not properly handle multiple logins, which allows remote attackers to conduct cross-site scripting (XSS) a
14-08-2012 - 03:34 27-04-2012 - 20:55
CVE-2012-0465 4.3
Bugzilla 3.5.x and 3.6.x before 3.6.9, 3.7.x and 4.0.x before 4.0.6, and 4.1.x and 4.2.x before 4.2.1, when the inbound_proxies option is enabled, does not properly validate the X-Forwarded-For HTTP header, which allows remote attackers to bypass the
14-08-2012 - 03:34 27-04-2012 - 20:55
CVE-2012-3413 4.3
The HTMLQuoteColorer::process function in messageviewer/htmlquotecolorer.cpp in KDE PIM 4.6 through 4.8 does not disable JavaScript, Java, and Plugins, which allows remote attackers to inject arbitrary web script or HTML via a crafted email.
08-08-2012 - 04:00 07-08-2012 - 20:55
CVE-2012-3998 7.5
Multiple SQL injection vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to execute arbitrary SQL commands via the (1) paste id in admin/modules/mod_pastes.php or (2) show.php, (3) user id to admin/modules/mod_users.php, (4
19-07-2012 - 04:00 12-07-2012 - 21:55
CVE-2012-3997 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to inject arbitrary web script or HTML via the (1) paste_user or (2) paste_lang parameter to (a) list.php or (b) show.php.
19-07-2012 - 04:00 12-07-2012 - 21:55
CVE-2010-2491 4.3
Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup before 1.4.14 allows remote attackers to inject arbitrary web script or HTML via the template argument to the /issue program.
31-05-2012 - 04:00 24-09-2010 - 19:00
CVE-2011-2190 2.1
The generate_admin_password function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for local users to determine admin passwords via a brute-force attack.
14-05-2012 - 04:00 07-10-2011 - 02:51
CVE-2011-1159 2.1
acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that perfor
14-05-2012 - 04:00 05-10-2011 - 02:56
CVE-2011-1004 6.3
The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, 1.8.8dev, 1.9.1 through 1.9.1-430, 1.9.2 through 1.9.2-136, and 1.9.3dev allows local users to delete arbitrary files via a symlink attack.
12-05-2012 - 03:36 02-03-2011 - 20:00
CVE-2009-4410 4.9
The fuse_ioctl_copy_user function in the ioctl handler in fs/fuse/file.c in the Linux kernel 2.6.29-rc1 through 2.6.30.y uses the wrong variable in an argument to the kunmap function, which allows local users to cause a denial of service (panic) via
19-03-2012 - 04:00 24-12-2009 - 16:30
CVE-2011-2720 5.0
The autocompletion functionality in GLPI before 0.80.2 does not blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request.
16-02-2012 - 04:15 05-08-2011 - 21:55
CVE-2011-2524 5.0
Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in a URI.
02-02-2012 - 04:06 31-08-2011 - 23:55
CVE-2011-4617 1.2
virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/.
01-02-2012 - 04:12 31-12-2011 - 01:55
CVE-2011-5027 4.3
Cross-site scripting (XSS) vulnerability in ZABBIX before 1.8.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the profiler.
01-02-2012 - 04:12 29-12-2011 - 22:55
CVE-2010-3071 5.0
bip before 0.8.6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an empty USER command.
27-01-2012 - 17:43 14-10-2010 - 05:57
CVE-2011-3341 7.5
Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.
19-01-2012 - 03:59 08-09-2011 - 18:55
CVE-2011-3343 4.6
Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file.
19-01-2012 - 03:59 08-09-2011 - 18:55
CVE-2011-3364 6.9
Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create
19-01-2012 - 03:59 04-11-2011 - 21:55
CVE-2011-3342 7.5
Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading fro
19-01-2012 - 03:59 08-09-2011 - 18:55
CVE-2011-2705 5.0
The SecureRandom.random_bytes function in lib/securerandom.rb in Ruby before 1.8.7-p352 and 1.9.x before 1.9.2-p290 relies on PID values for initialization, which makes it easier for context-dependent attackers to predict the result string by leverag
19-01-2012 - 03:58 05-08-2011 - 21:55
CVE-2011-2176 2.1
GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors.
19-01-2012 - 03:57 02-09-2011 - 23:55
CVE-2010-2641 7.6
Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI f
19-01-2012 - 03:49 07-01-2011 - 19:00
CVE-2010-2640 7.6
Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI f
19-01-2012 - 03:49 07-01-2011 - 19:00
CVE-2010-2643 7.6
Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.
19-01-2012 - 03:49 07-01-2011 - 19:00
CVE-2011-4064 4.3
Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.
15-12-2011 - 03:57 01-11-2011 - 19:55
CVE-2011-4349 4.6
Multiple SQL injection vulnerabilities in (1) cd-mapping-db.c and (2) cd-device-db.c in colord before 0.1.15 allow local users to execute arbitrary SQL commands via vectors related to color devices and (a) device id, (b) property, or (c) profile id.
12-12-2011 - 05:00 10-12-2011 - 17:55
CVE-2011-2191 6.8
Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, as demonstrated by a cra
24-11-2011 - 03:58 07-10-2011 - 02:51
CVE-2011-3646 5.0
phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation path in an error message.
21-11-2011 - 05:00 17-11-2011 - 19:55
CVE-2011-1898 7.4
Xen 4.1 before 4.1.1 and 4.0 before 4.0.2, when using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, allows guest OS users to gain host OS privileges by "using DMA to generate MSI interrupts by writing to the interrupt i
26-10-2011 - 02:58 12-08-2011 - 18:55
CVE-2007-4974 7.5
Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block s
18-10-2011 - 04:00 19-09-2007 - 17:17
CVE-2008-0225 6.4
Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an RTSP session, related to the rmff_dump_header funct
17-10-2011 - 04:00 10-01-2008 - 23:46
CVE-2010-4334 4.0
The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions
14-10-2011 - 02:48 14-01-2011 - 01:00
CVE-2011-3200 5.0
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a leg
23-09-2011 - 03:34 06-09-2011 - 16:55
CVE-2011-3211 9.3
The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remote attackers to execute arbitrary commands via shell metacharacters in data received from a client.
23-09-2011 - 03:34 16-09-2011 - 12:35
CVE-2011-1498 4.3
Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this hea
22-09-2011 - 03:30 07-07-2011 - 21:55
CVE-2010-4221 10.0
Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server.
15-09-2011 - 03:18 09-11-2010 - 21:00
CVE-2010-3867 7.1
Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequence
15-09-2011 - 03:17 09-11-2010 - 21:00
CVE-2010-3998 6.9
The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE:
15-09-2011 - 03:17 06-11-2010 - 00:00
CVE-2010-3351 6.9
startBristol in Bristol 0.60.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
15-09-2011 - 03:16 20-10-2010 - 18:00
CVE-2011-2201 4.3
The Data::FormValidator module 4.66 and earlier for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote attackers to bypass the taint protection mechanism via form input.
14-09-2011 - 16:05 14-09-2011 - 16:05
CVE-2011-2665 5.0
reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.4.3 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a SIP packet with a Contact header that lacks a < (less than)
07-09-2011 - 03:17 06-07-2011 - 19:55
CVE-2011-1599 9.0
manager.c in the Manager Interface in Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 does not properly check for the system p
07-09-2011 - 03:16 27-04-2011 - 00:55
CVE-2011-1709 7.2
GNOME Display Manager (gdm) before 2.32.2, when glib 2.28 is used, enables execution of a web browser with the uid of the gdm account, which allows local users to gain privileges via vectors involving the x-scheme-handler/http MIME type.
07-09-2011 - 03:16 14-06-2011 - 17:55
CVE-2011-1507 5.0
Asterisk Open Source 1.4.x before 1.4.40.1, 1.6.1.x before 1.6.1.25, 1.6.2.x before 1.6.2.17.3, and 1.8.x before 1.8.3.3 and Asterisk Business Edition C.x.x before C.3.6.4 do not restrict the number of unauthenticated sessions to certain interfaces,
07-09-2011 - 03:16 27-04-2011 - 00:55
CVE-2011-1137 5.0
Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message.
07-09-2011 - 03:15 11-03-2011 - 17:55
CVE-2011-1022 2.1
The cgre_receive_netlink_msg function in daemon/cgrulesengd.c in cgrulesengd in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 does not verify that netlink messages originated in the kernel, which allows local users to
07-09-2011 - 03:15 22-03-2011 - 17:55
CVE-2010-2787 4.3
api.php in MediaWiki before 1.15.5 does not prevent use of public caching headers for private data, which allows remote attackers to bypass intended access restrictions and obtain sensitive information by retrieving documents from an HTTP proxy cache
07-09-2011 - 03:10 27-04-2011 - 00:55
CVE-2010-2788 2.6
Cross-site scripting (XSS) vulnerability in profileinfo.php in MediaWiki before 1.15.5, when wgEnableProfileInfo is enabled, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.
07-09-2011 - 03:10 27-04-2011 - 00:55
CVE-2010-4259 6.8
Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long CHARSET_REGISTRY header in a BDF font file.
27-08-2011 - 03:45 07-12-2010 - 13:53
CVE-2010-3851 4.7
libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw-format disk image is used, allows local guest OS administrators to read files from the host via a crafted (1) qcow2, (2) VMDK, or
27-08-2011 - 03:44 04-11-2010 - 18:00
CVE-2011-1147 6.8
Multiple stack-based and heap-based buffer overflows in the (1) decode_open_type and (2) udptl_rx_packet functions in main/udptl.c in Asterisk Open Source 1.4.x before 1.4.39.2, 1.6.1.x before 1.6.1.22, 1.6.2.x before 1.6.2.16.2, and 1.8 before 1.8.2
24-08-2011 - 03:16 15-03-2011 - 17:55
CVE-2007-6350 8.5
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversi
08-08-2011 - 04:00 14-12-2007 - 20:46
CVE-2011-2185 4.4
Fabric before 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on (1) a /tmp/fab.*.tar file or (2) certain other files in the top level of /tmp/.
02-08-2011 - 04:00 27-07-2011 - 02:55
CVE-2010-3694 6.8
Cross-site request forgery (CSRF) vulnerability in the Horde Application Framework before 3.3.9 allows remote attackers to hijack the authentication of unspecified victims for requests to a preference form.
12-07-2011 - 02:39 09-11-2010 - 21:00
CVE-2010-3077 4.3
Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework before 3.3.9 allows remote attackers to inject arbitrary web script or HTML via the subdir parameter.
12-07-2011 - 02:38 09-11-2010 - 21:00
CVE-2011-1924 5.0
Buffer overflow in the policy_summarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service (directory authority crash) via a crafted policy that triggers creation of a long port list.
30-06-2011 - 04:00 14-06-2011 - 17:55
CVE-2011-1766 5.8
includes/User.php in MediaWiki before 1.16.5, when wgBlockDisablesLogin is enabled, does not clear certain cached data after verification of an auth token fails, which allows remote attackers to bypass authentication by creating crafted wikiUserID an
16-06-2011 - 02:56 23-05-2011 - 22:55
CVE-2010-4156 5.0
The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter).
04-05-2011 - 02:52 10-11-2010 - 03:00
CVE-2011-1154 6.9
The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on
21-04-2011 - 02:33 30-03-2011 - 22:55
CVE-2011-1155 1.9
The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a
21-04-2011 - 02:33 30-03-2011 - 22:55
CVE-2011-1401 3.5
ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during processing of the "meta stylesheet" directive, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted Cascading
20-04-2011 - 04:00 11-04-2011 - 18:55
CVE-2010-3902 5.0
OpenConnect before 2.26 places the webvpn cookie value in the debugging output, which might allow remote attackers to obtain sensitive information by reading this output, as demonstrated by output posted to the public openconnect-devel mailing list.
09-04-2011 - 03:29 14-10-2010 - 05:58
CVE-2008-7219 10.0
Horde Kronolith H3 2.1 before 2.1.7 and 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and H3 2.2 before 2.2-RC2; Groupware 1.0 before 1.0.3 and 1.1 before 1.1-RC2; and Groupware Webmail Edition 1.0 befo
05-04-2011 - 04:00 13-09-2009 - 22:30
CVE-2010-4479 7.5
Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability
24-03-2011 - 02:54 07-12-2010 - 13:53
CVE-2010-4652 6.8
Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted usernam
18-03-2011 - 02:56 02-02-2011 - 01:00
CVE-2008-2307 9.3
Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary co
15-03-2011 - 04:00 23-06-2008 - 20:41
CVE-2011-0432 7.5
Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) user or (2) pw argument. NOTE:
15-03-2011 - 04:00 14-03-2011 - 19:55
CVE-2011-0696 6.8
Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged AJAX request
11-03-2011 - 03:51 14-02-2011 - 21:00
CVE-2011-0697 4.3
Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload.
11-03-2011 - 03:51 14-02-2011 - 21:00
CVE-2009-0414 10.0
Unspecified vulnerability in Tor before 0.2.0.33 has unspecified impact and remote attack vectors that trigger heap corruption.
08-03-2011 - 03:18 03-02-2009 - 23:30
CVE-2008-5187 7.5
The load function in the XPM loader for imlib2 1.4.2, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file that triggers a "pointer arithmetic error" and a heap-
08-03-2011 - 03:14 21-11-2008 - 02:30
CVE-2008-4314 8.5
smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) trans, (2) trans2, and (3) nttrans requests, related to a "cut&paste error" that causes an improper bounds check to
08-03-2011 - 03:12 01-12-2008 - 15:30
CVE-2008-3829 5.0
Unspecified vulnerability in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) via unknown vectors.
08-03-2011 - 03:11 08-10-2008 - 22:00
CVE-2008-3909 5.8
The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and
08-03-2011 - 03:11 04-09-2008 - 17:41
CVE-2008-3828 4.6
Stack-based buffer overflow in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
08-03-2011 - 03:11 08-10-2008 - 22:00
CVE-2008-3826 4.6
Unspecified vulnerability in Condor before 7.0.5 allows attackers to execute jobs as other users via unknown vectors.
08-03-2011 - 03:11 08-10-2008 - 22:00
CVE-2008-3830 7.2
Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions.
08-03-2011 - 03:11 08-10-2008 - 22:00
CVE-2008-1389 5.0
libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."
08-03-2011 - 03:07 04-09-2008 - 16:41
CVE-2008-0807 4.9
lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, as used in products such as Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition before 1.0.5, does not properly check access rights, w
08-03-2011 - 03:05 19-02-2008 - 01:00
CVE-2008-0664 6.4
The XML-RPC implementation (xmlrpc.php) in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors.
08-03-2011 - 03:05 08-02-2008 - 02:00
CVE-2008-0668 9.3
The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer s
08-03-2011 - 03:05 11-02-2008 - 21:00
CVE-2008-0932 7.5
diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter.
08-03-2011 - 03:05 25-02-2008 - 21:44
CVE-2008-0646 7.8
The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service (stack exhaustion an
08-03-2011 - 03:05 07-02-2008 - 21:00
CVE-2007-6337 10.0
Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors.
08-03-2011 - 03:02 31-12-2007 - 19:46
CVE-2007-5934 4.3
The LOB functionality in PEAR MDB2 before 2.5.0a1 interprets a request to store a URL string as a request to retrieve and store the contents of the URL, which might allow remote attackers to use MDB2 as an indirect proxy or obtain sensitive informati
08-03-2011 - 03:01 13-11-2007 - 22:46
CVE-2007-5623 5.0
Buffer overflow in the check_snmp function in Nagios Plugins (nagios-plugins) 1.4.10 allows remote attackers to cause a denial of service (crash) via crafted snmpget replies.
08-03-2011 - 03:01 23-10-2007 - 16:46
CVE-2007-5965 4.3
QSslSocket in Trolltech Qt 4.3.0 through 4.3.2 does not properly verify SSL certificates, which might make it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service, or trick a service into acce
08-03-2011 - 03:01 08-01-2008 - 01:46
CVE-2007-5198 6.8
Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of lead
08-03-2011 - 03:00 04-10-2007 - 17:17
CVE-2007-4650 6.4
Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files usi
08-03-2011 - 02:58 04-09-2007 - 17:17
CVE-2007-4542 4.3
Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError functi
08-03-2011 - 02:58 27-08-2007 - 21:17
CVE-2007-2874 5.8
Buffer overflow in the wpa_printf function in the debugging code in wpa_supplicant in the Fedora NetworkManager package before 0.6.5-3.fc7 allows user-assisted remote attackers to execute arbitrary code via malformed frames on a WPA2 network. NOTE:
08-03-2011 - 02:55 27-07-2007 - 21:30
CVE-2006-6870 5.0
The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that points to itself. This vulnerability is addressed in t
08-03-2011 - 02:47 31-12-2006 - 05:00
CVE-2007-5708 7.1
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when running as a proxy-caching server, allocates memory using a malloc variant instead of calloc, which prevents an array from being initialized properly and might allow attackers
07-03-2011 - 05:00 30-10-2007 - 19:46
CVE-2006-3127 7.8
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large num
07-03-2011 - 05:00 21-06-2006 - 23:02
CVE-2010-2244 4.3
The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet
07-03-2011 - 05:00 08-07-2010 - 12:54
CVE-2008-0318 10.0
Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-ba
07-03-2011 - 05:00 12-02-2008 - 20:00
CVE-2010-4523 7.2
Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (
17-02-2011 - 07:01 07-01-2011 - 20:00
CVE-2010-4209 4.3
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore
05-02-2011 - 07:00 07-11-2010 - 22:00
CVE-2010-4208 4.3
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader
05-02-2011 - 07:00 07-11-2010 - 22:00
CVE-2010-4207 4.3
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to charts/a
05-02-2011 - 07:00 07-11-2010 - 22:00
CVE-2010-4329 4.3
Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton function in libraries/common.lib.php in the database (db) search script in phpMyAdmin 2.11.x before 2.11.11.1 and 3.x before 3.3.8.1 allows remote attackers to inject arbitrary web scri
28-01-2011 - 05:00 02-12-2010 - 16:22
CVE-2010-3056 4.3
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) db_search.php, (2) db_sql.php, (3) db_structure.
28-01-2011 - 05:00 24-08-2010 - 20:00
CVE-2010-3703 4.3
The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possibly other versions up to 0.15.1, and possibly other products, allows context-dependent attackers to cause a denial of service (cras
22-01-2011 - 06:43 05-11-2010 - 18:00
CVE-2010-1676 10.0
Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors.
22-01-2011 - 06:39 22-12-2010 - 01:00
CVE-2010-4262 6.8
Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color definition.
20-01-2011 - 06:46 17-12-2010 - 19:00
CVE-2010-4534 4.0
The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restrict use of the query string to perform certain object filtering, which allows remote authenticated use
20-01-2011 - 06:46 10-01-2011 - 20:00
CVE-2010-4535 5.0
The password reset functionality in django.contrib.auth in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not validate the length of a string representing a base36 timestamp, which allows remote attackers to cause a denial
20-01-2011 - 06:46 10-01-2011 - 20:00
CVE-2010-3616 5.0
ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for
19-01-2011 - 07:00 17-12-2010 - 19:00
CVE-2010-0682 4.0
WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors via a direct request with a modified p parameter.
19-01-2011 - 06:55 23-02-2010 - 20:30
CVE-2010-3074 2.1
SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack.
14-01-2011 - 06:46 17-09-2010 - 18:00
CVE-2010-3072 5.0
The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request. Per: http://cwe.mitre.org/data/def
14-01-2011 - 06:46 20-09-2010 - 21:00
CVE-2010-3073 2.1
SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating crypto
14-01-2011 - 06:46 17-09-2010 - 18:00
CVE-2010-4521 4.3
Cross-site scripting (XSS) vulnerability in the Views module 6.x before 6.x-2.12 for Drupal allows remote attackers to inject arbitrary web script or HTML via a page path.
11-01-2011 - 06:46 23-12-2010 - 18:00
CVE-2009-2175 4.3
Stack-based buffer overflow in the flattenIncrementally function in flatten.c in xcftools 1.0.4, as reachable from the (1) xcf2pnm and (2) xcf2png utilities, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary
04-01-2011 - 05:00 23-06-2009 - 21:30
CVE-2010-3172 2.6
CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HT
16-12-2010 - 05:00 05-11-2010 - 17:00
CVE-2010-3999 6.9
gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10-12-2010 - 06:46 05-11-2010 - 17:00
CVE-2010-3798 6.8
Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted xar archive.
10-12-2010 - 06:45 16-11-2010 - 22:00
CVE-2010-3349 6.9
Ardour 2.8.11 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
03-11-2010 - 18:24 20-10-2010 - 18:00
CVE-2010-3357 6.9
gnome-subtitles 1.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
03-11-2010 - 06:00 20-10-2010 - 18:00
CVE-2010-2536 4.3
Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) a URL associated with a nonexistent domain name, related to webpage.cpp, aka a "universal XSS" issue;
03-11-2010 - 05:59 02-08-2010 - 21:00
CVE-2010-2242 2.1
Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copyi
30-10-2010 - 05:41 19-08-2010 - 18:00
CVE-2010-2239 4.4
Red Hat libvirt, possibly 0.6.0 through 0.8.2, creates new images without setting the user-defined backing-store format, which allows guest OS users to read arbitrary files on the host OS via unspecified vectors.
30-10-2010 - 05:41 19-08-2010 - 18:00
CVE-2010-2237 4.4
Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing stores without referring to the user-defined main disk format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, v
30-10-2010 - 05:41 19-08-2010 - 18:00
CVE-2010-2238 4.4
Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extracting the defined disk backing-store format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified ot
30-10-2010 - 04:00 19-08-2010 - 18:00
CVE-2010-3075 5.0
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated
20-09-2010 - 04:00 17-09-2010 - 18:00
CVE-2010-2785 6.5
The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \r and \40 sequences, a different vulnera
09-09-2010 - 05:43 02-08-2010 - 20:40
CVE-2010-2074 6.8
istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which al
09-09-2010 - 05:42 16-06-2010 - 20:30
CVE-2010-2757 6.5
The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users wi
08-09-2010 - 05:48 16-08-2010 - 15:14
CVE-2010-2756 5.0
Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and
08-09-2010 - 05:48 16-08-2010 - 15:14
CVE-2010-2759 4.0
Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a
08-09-2010 - 05:48 16-08-2010 - 15:14
CVE-2010-2758 5.0
Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 generates different error messages depending on whether a product exists, which makes it easier for remote attackers to guess product names via unspecified
08-09-2010 - 05:48 16-08-2010 - 15:14
CVE-2008-4325 5.8
lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the HTTP request for the Content-Type header in the HTTP response, which allows remote attackers to cause content to be misinterpreted by the browser via a content-type parameter that i
30-08-2010 - 04:00 30-09-2008 - 16:13
CVE-2010-2812 5.0
Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service (exception and daemon crash) via a PING command that lacks an argument.
18-08-2010 - 04:00 17-08-2010 - 22:00
CVE-2010-2934 5.0
Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to cause a denial of service (exception and daemon crash) via unknown vectors related to "unsafe substr() calls."
18-08-2010 - 04:00 17-08-2010 - 22:00
CVE-2009-4902 6.8
Buffer overflow in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite 1.5.4 and earlier might allow local users to gain privileges via crafted SCARD_CONTROL message data, which is impro
12-08-2010 - 14:22 18-06-2010 - 16:30
CVE-2010-0639 5.0
The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via craf
02-08-2010 - 04:00 15-02-2010 - 18:30
CVE-2010-1647 4.3
Cross-site scripting (XSS) vulnerability in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets (CSS) strings that are processed as script by Inter
30-07-2010 - 05:48 08-06-2010 - 00:30
CVE-2010-1648 6.8
Cross-site request forgery (CSRF) vulnerability in the login interface in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to hijack the authentication of users for requests that (1) create accounts or (2) reset passwo
30-07-2010 - 05:48 08-06-2010 - 00:30
CVE-2010-2056 3.3
GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
22-07-2010 - 05:43 22-07-2010 - 05:43
CVE-2010-2448 3.5
znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers a NULL pointer dereference, as demonstrated using (
12-07-2010 - 17:30 12-07-2010 - 17:30
CVE-2010-1916 7.5
The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serendipity 1.5.2 and earlier, allows remote attackers to bypass intended access restrictions and modify the configuration of arbitrary plugins via (1) craf
13-06-2010 - 19:18 12-05-2010 - 11:46
CVE-2009-2260 5.0
stardict 3.0.1, when Enable Net Dict is configured, sends the contents of the clipboard to a dictionary server, which allows remote attackers to obtain sensitive information by sniffing the network.
13-06-2010 - 19:11 30-06-2009 - 10:30
CVE-2010-1151 6.8
Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interaction with an external helper application for validatio
27-05-2010 - 05:49 20-04-2010 - 16:30
CVE-2010-0744 5.8
aMSN (aka Alvaro's Messenger) 0.98.3 and earlier, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field or a Subject Alternative Name field of the X.509 certificate, which allows man-
14-05-2010 - 05:49 20-04-2010 - 15:30
CVE-2010-1147 6.0
Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hub or OpenDCHub) 0.8.1 allows remote authenticated users to execute arbitrary code via a long MyINFO message.
08-05-2010 - 05:57 06-04-2010 - 16:30
CVE-2009-2459 10.0
Multiple unspecified vulnerabilities in mimeTeX, when downloaded before 20090713, have unknown impact and attack vectors related to the (1) \environ, (2) \input, and (3) \counter TeX directives.
20-04-2010 - 05:39 14-07-2009 - 20:30
CVE-2010-1149 2.1
probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by (1) running a certain udevadm command or (2) readi
13-04-2010 - 04:00 12-04-2010 - 18:30
CVE-2009-4007 5.0
Unspecified vulnerability in the NormaliseTrainConsist function in src/train_cmd.cpp in OpenTTD before 0.7.5-RC1 allows remote attackers to cause a denial of service (daemon crash) via certain game actions involving a wagon and a dual-headed engine.
26-03-2010 - 05:34 28-12-2009 - 19:30
CVE-2010-0414 7.2
gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.
26-02-2010 - 07:11 11-02-2010 - 20:30
CVE-2010-0005 7.5
query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access restrictions via a query.
02-02-2010 - 05:00 29-01-2010 - 18:30
CVE-2009-3727 5.0
Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x
23-12-2009 - 06:58 10-11-2009 - 18:30
CVE-2009-2415 10.0
Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows.
19-12-2009 - 06:56 10-08-2009 - 18:30
CVE-2009-3369 8.5
CgiUserConfigEdit in BackupPC 3.1.0, when SSH keys and Rsync are in use in a multi-user environment, does not restrict users from the ClientNameAlias function, which allows remote authenticated users to read and write sensitive files by modifying Cli
31-10-2009 - 06:22 24-09-2009 - 16:30
CVE-2009-2911 1.9
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a k
31-10-2009 - 06:22 22-10-2009 - 16:30
CVE-2008-5250 3.5
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.6.11, 1.12.x before 1.12.2, and 1.13.x before 1.13.3, when Internet Explorer is used and uploads are enabled, or an SVG scripting browser is used and SVG uploads are enabled, allows remot
14-10-2009 - 05:17 19-12-2008 - 17:30
CVE-2008-5252 5.8
Cross-site request forgery (CSRF) vulnerability in the Special:Import feature in MediaWiki 1.3.0 through 1.6.10, 1.12.x before 1.12.2, and 1.13.x before 1.13.3 allows remote attackers to perform unspecified actions as authenticated users via unknown
14-10-2009 - 05:17 19-12-2008 - 17:30
CVE-2008-5249 4.3
Cross-site scripting (XSS) vulnerability in MediaWiki 1.13.0 through 1.13.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
14-10-2009 - 05:17 19-12-2008 - 17:30
CVE-2009-2937 4.3
Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet Venus allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IMG element in a feed.
18-09-2009 - 10:30 18-09-2009 - 10:30
CVE-2009-1769 5.0
The web interface in Open Computer and Software Inventory Next Generation (OCS Inventory NG) 1.01 generates different error messages depending on whether a username is valid, which allows remote attackers to enumerate valid usernames.
09-09-2009 - 04:00 22-05-2009 - 18:30
CVE-2009-2662 10.0
The browser engine in Mozilla Firefox 3.5.x before 3.5.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the TraceRecorder::snapshot function in
04-09-2009 - 05:28 04-08-2009 - 16:30
CVE-2009-2665 10.0
The nsDocument::SetScriptGlobalObject function in content/base/src/nsDocument.cpp in Mozilla Firefox 3.5.x before 3.5.2, when certain add-ons are enabled, does not properly handle a Link HTTP header, which allows remote attackers to execute arbitrary
04-09-2009 - 05:28 04-08-2009 - 16:30
CVE-2009-0179 4.3
libmikmod 3.1.11 through 3.2.0, as used by MikMod and possibly other products, allows user-assisted attackers to cause a denial of service (application crash) by loading an XM file.
02-09-2009 - 05:20 20-01-2009 - 16:30
CVE-2009-2737 5.5
The EditCSVAction function in cgi/actions.py in Roundup 1.2 before 1.2.1, 1.4 through 1.4.6, and possibly other versions does not properly check permissions, which allows remote authenticated users with edit or create privileges for a class to modify
26-08-2009 - 05:25 11-08-2009 - 10:30
CVE-2009-1896 10.0
The Java Web Start framework in IcedTea in OpenJDK before 1.6.0.0-20.b16.fc10 on Fedora 10, and before 1.6.0.0-27.b16.fc11 on Fedora 11, trusts an entire application when at least one of the listed jar files is trusted, which allows context-dependent
26-08-2009 - 05:24 10-08-2009 - 18:30
CVE-2009-2959 4.3
Cross-site scripting (XSS) vulnerability in the waterfall web status view (status/web/waterfall.py) in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
25-08-2009 - 17:30 25-08-2009 - 17:30
CVE-2008-5703 6.2
gpsdrive (aka gpsdrive-scripts) 2.10~pre4 allows local users to overwrite arbitrary files via a symlink attack on the (a) /tmp/.smswatch or (b) /tmp/gpsdrivepos temporary file, related to (1) examples/gpssmswatch and (2) src/splash.c, different vecto
19-08-2009 - 05:22 22-12-2008 - 15:30
CVE-2008-5380 6.9
gpsdrive (aka gpsdrive-scripts) 2.09 allows local users to overwrite arbitrary files via a symlink attack on an (a) /tmp/geo#####, a (b) /tmp/geocaching.loc, a (c) /tmp/geo#####.*, or a (d) /tmp/geo.* temporary file, related to the (1) geo-code and (
19-08-2009 - 05:21 08-12-2008 - 23:30
CVE-2009-2658 7.5
Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request.
12-08-2009 - 05:30 04-08-2009 - 16:30
CVE-2009-2659 5.0
The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected "static media files," which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafte
12-08-2009 - 05:30 04-08-2009 - 16:30
CVE-2009-2478 5.0
Mozilla Firefox 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors, related to a "flash bug."
07-08-2009 - 05:22 16-07-2009 - 15:30
CVE-2009-2284 4.3
Cross-site scripting (XSS) vulnerability in phpMyAdmin before 3.2.0.1 allows remote attackers to inject arbitrary web script or HTML via a crafted SQL bookmark.
07-08-2009 - 04:00 01-07-2009 - 13:00
CVE-2007-2807 6.8
Stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop 1.6.18, and possibly earlier, allows user-assisted, remote IRC servers to execute arbitrary code via a long private message.
10-07-2009 - 05:05 22-05-2007 - 19:30
CVE-2009-2174 5.0
GUPnP 0.12.7 allows remote attackers to cause a denial of service (crash) via an empty (1) subscription or (2) control message.
24-06-2009 - 18:52 23-06-2009 - 21:30
CVE-2009-1753 3.3
Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an unspecified "result file."
23-06-2009 - 05:33 22-05-2009 - 11:53
CVE-2007-5615 5.0
CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
10-06-2009 - 05:09 05-12-2007 - 11:46
CVE-2007-5613 4.3
Cross-site scripting (XSS) vulnerability in Dump Servlet in Mortbay Jetty before 6.1.6rc1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters and cookies.
10-06-2009 - 05:09 05-12-2007 - 11:46
CVE-2007-5614 7.5
Mortbay Jetty before 6.1.6rc1 does not properly handle "certain quote sequences" in HTML cookie parameters, which allows remote attackers to hijack browser sessions via unspecified vectors.
10-06-2009 - 05:09 05-12-2007 - 11:46
CVE-2009-1576 4.3
Unspecified vulnerability in Drupal 5.x before 5.17 and 6.x before 6.11, as used in vbDrupal before 5.17.0, allows user-assisted remote attackers to obtain sensitive information by tricking victims into visiting the front page of the site with a craf
20-05-2009 - 05:36 06-05-2009 - 17:30
CVE-2009-1273 5.0
pam_ssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames.
13-05-2009 - 05:27 08-04-2009 - 18:30
CVE-2009-1285 7.5
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files.
28-04-2009 - 05:39 16-04-2009 - 15:12
CVE-2009-0318 6.9
Untrusted search path vulnerability in the GObject Python interpreter wrapper in Gnumeric allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv fu
16-04-2009 - 05:37 28-01-2009 - 11:30
CVE-2008-5718 9.3
The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command for the print file, allows remote attackers to execute arbitrary commands via shell metacharacters in a print request, as demonstrated using a crafted Titl
02-04-2009 - 04:00 26-12-2008 - 17:30
CVE-2009-0486 7.5
Bugzilla 3.2.1, 3.0.7, and 3.3.2, when running under mod_perl, calls the srand function at startup time, which causes Apache children to have the same seed and produce insufficiently random numbers for random tokens, which allows remote attackers to
25-03-2009 - 05:50 09-02-2009 - 17:30
CVE-2009-0482 5.8
Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 before 3.2.1, 3.3 before 3.3.2, and other versions before 3.2 allows remote attackers to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi.
25-03-2009 - 05:50 09-02-2009 - 17:30
CVE-2009-0485 5.8
Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete unused flag types via a link or IMG tag to editflagtypes.cgi.
25-03-2009 - 05:50 09-02-2009 - 17:30
CVE-2009-0483 5.8
Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete keywords and user preferences via a link or IMG tag to (1) editkeywords.cgi or
25-03-2009 - 05:50 09-02-2009 - 17:30
CVE-2009-0484 5.8
Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete shared or saved searches via a link or IMG tag to buglist.cgi.
25-03-2009 - 05:50 09-02-2009 - 17:30
CVE-2009-0481 3.5
Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote authenticated users to conduct cross-site scripting (XSS) and related attacks by uploading HTML and JavaScript attachments that are rendered by web bro
25-03-2009 - 05:50 09-02-2009 - 17:30
CVE-2008-5843 4.6
Multiple untrusted search path vulnerabilities in pdfjam allow local users to gain privileges via a Trojan horse program in (1) the current working directory or (2) /var/tmp, related to the (a) pdf90, (b) pdfjoin, and (c) pdfnup scripts.
20-03-2009 - 05:52 05-01-2009 - 20:30
CVE-2009-0126 5.0
The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for Network Computing (BOINC) 6.2.14 and 6.4.5 does not check the return value from the OpenSSL RSA_public_decrypt function, which allows remote attackers to b
06-03-2009 - 06:49 15-01-2009 - 17:30
CVE-2008-5262 7.5
Multiple stack-based buffer overflows in the iGetHdrHeader function in src-IL/src/il_hdr.c in DevIL 1.7.4 allow context-dependent attackers to execute arbitrary code via a crafted Radiance RGBE file.
06-03-2009 - 06:46 13-01-2009 - 17:00
CVE-2008-5688 4.3
MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspe
18-02-2009 - 05:00 19-12-2008 - 17:30
CVE-2008-4575 5.0
Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to "a bunch of potential string overflows."
10-02-2009 - 06:55 15-10-2008 - 20:07
CVE-2009-0124 5.0
The tqsl_verifyDataBlock function in openssl_cert.cpp in American Radio Relay League (ARRL) tqsllib 2.0 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the cert
06-02-2009 - 07:05 15-01-2009 - 17:30
CVE-2008-5148 6.9
sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/##### temporary file.
03-12-2008 - 06:46 18-11-2008 - 16:00
CVE-2007-6611 4.3
Cross-site scripting (XSS) vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename, related to bug_report.php.
15-11-2008 - 07:05 03-01-2008 - 22:46
CVE-2005-0926 5.1
Buffer overflow in Sylpheed before 1.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attachments with MIME-encoded file names.
10-09-2008 - 19:37 02-05-2005 - 04:00
CVE-2008-0806 3.6
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file.
05-09-2008 - 21:36 19-02-2008 - 00:00
CVE-2007-6415 8.5
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute arbitrary code by invoking scp, as implemented by OpenSSH, with the -F and -o options.
05-09-2008 - 21:33 25-01-2008 - 00:00
CVE-2007-6210 2.1
zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.
05-09-2008 - 21:32 04-12-2007 - 01:46
CVE-2007-5585 5.0
xscreensaver 5.03 and earlier, when running without xscreensaver-gl-extras (GL extras) installed, crashes when /usr/bin/xscreensaver-gl-helper does not exist and a user attempts to unlock the screen, which allows attackers with physical access to gai
05-09-2008 - 21:31 19-10-2007 - 20:17
CVE-2007-5159 4.6
The ntfs-3g package before 1.913-2.fc7 in Fedora 7, and an ntfs-3g package in Ubuntu 7.10/Gutsy, assign incorrect permissions (setuid root) to mount.ntfs-3g, which allows local users with fuse group membership to read from and write to arbitrary bloc
05-09-2008 - 21:30 01-10-2007 - 05:17
CVE-2007-4535 4.3
The VStr::Resize function in str.cpp in Vavoom 1.24 and earlier allows remote attackers to cause a denial of service (daemon crash) via a string with a negative NewLen value within a certain UDP packet that triggers an assertion error.
05-09-2008 - 21:28 25-08-2007 - 00:17
CVE-2007-4534 7.5
Buffer overflow in the VThinker::BroadcastPrintf function in p_thinker.cpp in Vavoom 1.24 and earlier allows remote attackers to execute arbitrary code via (1) a long string in a chat message and possibly (2) a long name field.
05-09-2008 - 21:28 25-08-2007 - 00:17
CVE-2006-3742 10.0
The KDE PAM configuration shipped with Fedora Core 5 causes KDM passwords to be cached, which allows attackers to login without a password by attempting to log in multiple times.
05-09-2008 - 21:07 06-09-2006 - 20:04
CVE-2005-0011 10.0
Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-ba
05-09-2008 - 20:45 02-05-2005 - 04:00
Back to Top Mark selected
Back to Top