Total
263 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-0309 | 1 Linux | 1 Kernel | 2023-02-12 | 6.8 MEDIUM | N/A |
The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83 does not properly use the pit_state data structure, which allows guest OS users to cause a denial of service (host OS crash or hang) by attempting to read the /dev/port file. | |||||
CVE-2009-1195 | 1 Apache | 1 Http Server | 2023-02-12 | 4.9 MEDIUM | N/A |
The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file. | |||||
CVE-2009-1895 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2023-02-12 | 7.2 HIGH | N/A |
The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL pointer dereference attacks, (2) bypass the mmap_min_addr protection mechanism, or (3) defeat address space layout randomization (ASLR). | |||||
CVE-2008-4100 | 1 Gnu | 1 Adns | 2023-02-12 | 6.4 MEDIUM | N/A |
GNU adns 1.4 and earlier uses a fixed source port and sequential transaction IDs for DNS requests, which makes it easier for remote attackers to spoof DNS responses, a different vulnerability than CVE-2008-1447. NOTE: the vendor reports that this is intended behavior and is compatible with the product's intended role in a trusted environment. | |||||
CVE-2011-4585 | 1 Moodle | 1 Moodle | 2023-02-12 | 5.0 MEDIUM | N/A |
login/change_password.php in Moodle 1.9.x before 1.9.15 does not use https for the change-password form even if the httpslogin option is enabled, which allows remote attackers to obtain credentials by sniffing the network. | |||||
CVE-2012-5613 | 3 Linux, Mariadb, Oracle | 3 Linux, Mariadb, Mysql | 2023-02-12 | 6.0 MEDIUM | N/A |
** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue. | |||||
CVE-2008-4609 | 12 Bsd, Bsdi, Cisco and 9 more | 22 Bsd, Bsd Os, Catalyst Blade Switch 3020 and 19 more | 2022-12-14 | 7.1 HIGH | N/A |
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. | |||||
CVE-2007-3759 | 1 Apple | 3 Iphone, Iphone Os, Safari | 2022-08-09 | 6.8 MEDIUM | N/A |
Safari in Apple iPhone 1.1.1, when requested to disable Javascript, does not disable it until Safari is restarted, which might leave Safari open to attacks that the user does not expect. | |||||
CVE-2022-22183 | 1 Juniper | 1 Junos Os Evolved | 2022-04-22 | 7.8 HIGH | 7.5 HIGH |
An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-S2-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Junos OS. | |||||
CVE-2007-2216 | 1 Microsoft | 1 Internet Explorer | 2021-07-23 | 9.3 HIGH | N/A |
The tblinf32.dll (aka vstlbinf.dll) ActiveX control for Internet Explorer 5.01, 6 SP1, and 7 uses an incorrect IObjectsafety implementation, which allows remote attackers to execute arbitrary code by requesting the HelpString property, involving a crafted DLL file argument to the TypeLibInfoFromFile function, which overwrites the HelpStringDll property to call the DLLGetDocumentation function in another DLL file, aka "ActiveX Object Vulnerability." | |||||
CVE-1999-0766 | 1 Microsoft | 2 Internet Explorer, Java Virtual Machine | 2021-07-23 | 9.3 HIGH | N/A |
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment. | |||||
CVE-1999-0858 | 1 Microsoft | 1 Internet Explorer | 2021-07-22 | 5.0 MEDIUM | N/A |
Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server. | |||||
CVE-2007-3898 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Server 2003 | 2021-07-07 | 6.4 MEDIUM | N/A |
The DNS server in Microsoft Windows 2000 Server SP4, and Server 2003 SP1 and SP2, uses predictable transaction IDs when querying other DNS servers, which allows remote attackers to spoof DNS replies, poison the DNS cache, and facilitate further attack vectors. | |||||
CVE-2002-2285 | 1 Broadcom | 1 Inoculateit | 2021-04-09 | 4.3 MEDIUM | N/A |
eTrust InoculateIT 6.0 with the "Incremental Scan" option enabled may certify that a file is free of viruses before the file has been completely downloaded, which allows remote attackers to bypass virus detection. | |||||
CVE-2012-0797 | 1 Moodle | 1 Moodle | 2020-12-01 | 5.5 MEDIUM | N/A |
The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote authenticated users to bypass the deleted status and continue using a server via a token. | |||||
CVE-2012-3392 | 1 Moodle | 1 Moodle | 2020-12-01 | 5.5 MEDIUM | N/A |
mod/forum/unsubscribeall.php in Moodle 2.1.x before 2.1.7 and 2.2.x before 2.2.4 does not consider whether a forum is optional, which allows remote authenticated users to bypass forum-subscription requirements by leveraging the student role and unsubscribing from all forums. | |||||
CVE-2009-1072 | 8 Canonical, Debian, Linux and 5 more | 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more | 2020-09-02 | 4.9 MEDIUM | N/A |
nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option. | |||||
CVE-2012-1909 | 1 Bitcoin | 2 Bitcoin Core, Wxbitcoin | 2020-03-18 | 5.0 MEDIUM | N/A |
The Bitcoin protocol, as used in bitcoind before 0.4.4, wxBitcoin, Bitcoin-Qt, and other programs, does not properly handle multiple transactions with the same identifier, which allows remote attackers to cause a denial of service (unspendable transaction) by leveraging the ability to create a duplicate coinbase transaction. | |||||
CVE-2010-4021 | 1 Mit | 1 Kerberos 5 | 2020-01-21 | 2.1 LOW | N/A |
The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the use of TGT credentials for armoring TGS requests, which might allow remote authenticated users to impersonate a client by rewriting an inner request, aka a "KrbFastReq forgery issue." | |||||
CVE-2011-0400 | 1 Matomo | 1 Matomo | 2019-11-21 | 5.0 MEDIUM | N/A |
Cookie.php in Piwik before 1.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. |