Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3998 | 1 Banshee-project | 1 Banshee | 2011-09-14 | 6.9 MEDIUM | N/A |
| The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GST_PLUGIN_PATH. | |||||
| CVE-2010-3351 | 1 Nick Copeland | 1 Bristol | 2011-09-14 | 6.9 MEDIUM | N/A |
| startBristol in Bristol 0.60.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2011-2665 | 1 Digium | 1 Asterisk | 2011-09-06 | 5.0 MEDIUM | N/A |
| reqresp_parser.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.4.3 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a SIP packet with a Contact header that lacks a < (less than) character. | |||||
| CVE-2010-3780 | 1 Dovecot | 1 Dovecot | 2011-08-26 | 4.0 MEDIUM | N/A |
| Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions. | |||||
| CVE-2010-0314 | 1 Apple | 1 Safari | 2011-03-17 | 5.0 MEDIUM | N/A |
| Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value. | |||||
| CVE-2008-4237 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2011-03-07 | 10.0 HIGH | N/A |
| Managed Client in Apple Mac OS X before 10.5.6 sometimes misidentifies a system when installing per-host configuration settings, which allows context-dependent attackers to have an unspecified impact by leveraging unintended settings, as demonstrated by the screen saver lock setting. | |||||
| CVE-2008-0716 | 1 Symantec | 1 Altiris Notification Server | 2011-03-07 | 6.8 MEDIUM | N/A |
| The agent in Symantec Altiris Notification Server before 6.0 SP3 R7 allows local users to gain privileges via a "Shatter" style attack. | |||||
| CVE-2008-0663 | 1 Novell | 2 Challenge Response Client, Novell Client For Windows | 2011-03-07 | 2.1 LOW | N/A |
| Novell Challenge Response Client (LCM) 2.7.5 and earlier, as used with Novell Client for Windows 4.91 SP4, allows users with physical access to a locked system to obtain contents of the clipboard by pasting the contents into the Challenge Question field. | |||||
| CVE-2007-6680 | 1 Ibm | 1 Aix | 2011-03-07 | 2.1 LOW | N/A |
| Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, related to an error in the support for links in the TSD_FILES_LOCK policy. | |||||
| CVE-2008-0061 | 1 Maradns | 1 Maradns | 2011-03-07 | 5.0 MEDIUM | N/A |
| MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before 1.3.07.04 allows remote attackers to cause a denial of service via a crafted DNS packet that prevents an authoritative name (CNAME) record from resolving, aka "improper rotation of resource records." | |||||
| CVE-2007-5793 | 1 Stonesoft | 1 Stonegate Ips | 2011-03-07 | 7.1 HIGH | N/A |
| Stonesoft StoneGate IPS before 4.0 does not properly decode Fullwidth/Halfwidth Unicode encoded data, which makes it easier for remote attackers to scan or penetrate systems and avoid detection. | |||||
| CVE-2007-6052 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2 Universal Database, Linux Kernel, Windows and 1 more | 2011-03-07 | 7.8 HIGH | N/A |
| IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | |||||
| CVE-2007-5242 | 1 Hp | 1 Openvms | 2011-03-07 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in (1) SYS$EI1000.EXE and (2) SYS$EI1000_MON.EXE in HP OpenVMS 8.3 and earlier allows remote attackers to cause a denial of service (machine crash) via an "oversize" packet, which is not properly discarded if "the device has no remaining buffers after receipt of the first buffer segment." | |||||
| CVE-2007-5380 | 1 David Hansson | 1 Ruby On Rails | 2011-03-07 | 6.8 MEDIUM | N/A |
| Session fixation vulnerability in Rails before 1.2.4, as used for Ruby on Rails, allows remote attackers to hijack web sessions via unspecified vectors related to "URL-based sessions." | |||||
| CVE-2007-4931 | 1 Hp | 1 System Management Homepage | 2011-03-07 | 2.1 LOW | N/A |
| HP System Management Homepage (SMH) for Windows, when used in conjunction with HP Version Control Agent or Version Control Repository Manager, leaves old OpenSSL software active after an OpenSSL update, which has unknown impact and attack vectors, probably related to previous vulnerabilities for OpenSSL. | |||||
| CVE-2007-4238 | 1 Ibm | 1 Aix | 2011-03-07 | 6.9 MEDIUM | N/A |
| AIX 5.2 and 5.3 install pioinit with user and group ownership of bin, which allows local users with bin or possibly printq privileges to gain root privileges by modifying pioinit. | |||||
| CVE-2007-4281 | 1 Knowledgetree | 1 Open Source | 2011-03-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source 3.4 and 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the login field on the login page, and other unspecified vectors. | |||||
| CVE-2007-4236 | 1 Ibm | 1 Aix | 2011-03-07 | 6.9 MEDIUM | N/A |
| Buffer overflow in lpd in bos.rte.printers in AIX 5.2 and 5.3 allows local users with printq group privileges to gain root privileges. | |||||
| CVE-2007-4237 | 1 Ibm | 1 Aix | 2011-03-07 | 6.9 MEDIUM | N/A |
| Buffer overflow in the atm subset in arp in devices.common.IBM.atm.rte in AIX 5.2 and 5.3 allows local users to gain root privileges. | |||||
| CVE-2007-4495 | 1 Sun | 1 Solaris | 2011-03-07 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on the x86 platform before 20070821 allows local users to cause a denial of service (system panic) via an unspecified ioctl function, aka Bug 6433124. | |||||