Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4599 | 1 Ecava | 1 Integraxor | 2011-01-10 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-3923 | 1 Mitsu Hiro Hi Rose | 1 Attachecase | 2010-12-30 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges via a Trojan horse executable file in the current working directory. | |||||
| CVE-2006-6404 | 1 Innovationdp | 1 Fdr\/upstrean | 2010-12-28 | 5.0 MEDIUM | N/A |
| INNOVATION Data Processing FDR/UPSTREAM 3.3.0 (GA Oct 2003) allows remote attackers to cause a denial of service (service outage) via a sequence of TCP SYN packets to many ports, as demonstrated using nmap. NOTE: the vendor's testing reportedly found that no denial of service occurred. | |||||
| CVE-2010-4551 | 1 Ibm | 1 Lotus Notes Traveler | 2010-12-16 | 4.0 MEDIUM | N/A |
| IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by omitting the Internet ID field in the person document, and then using an Apple device to (1) accept or (2) decline an invitation. | |||||
| CVE-2009-5036 | 1 Ibm | 1 Lotus Notes Traveler | 2010-12-16 | 4.0 MEDIUM | N/A |
| traveler.exe in IBM Lotus Notes Traveler before 8.0.1.3 CF1 allows remote authenticated users to cause a denial of service (daemon crash) via a malformed invitation document in a sync operation. | |||||
| CVE-2010-3369 | 1 Debian | 1 Mono-debugger | 2010-12-13 | 6.9 MEDIUM | N/A |
| The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, and other versions before 2.8.1, place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3999 | 1 Gnucash | 1 Gnucash | 2010-12-09 | 6.9 MEDIUM | N/A |
| gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3784 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 5.0 MEDIUM | N/A |
| The PMPageFormatCreateWithDataRepresentation API in Printing in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle XML data, which allows attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified API calls. | |||||
| CVE-2010-1830 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 5.0 MEDIUM | N/A |
| AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates different error messages depending on whether a share exists, which allows remote attackers to enumerate valid share names via unspecified vectors. | |||||
| CVE-2010-1803 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-12-09 | 4.3 MEDIUM | N/A |
| Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify the unique identifier of its remote AFP volume, which allows remote attackers to obtain sensitive information by spoofing this volume. | |||||
| CVE-2010-0397 | 1 Php | 1 Php | 2010-12-09 | 5.0 MEDIUM | N/A |
| The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument. | |||||
| CVE-2010-0105 | 1 Apple | 1 Mac Os X | 2010-12-09 | 4.9 MEDIUM | N/A |
| The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 supports hard links to directories and does not prevent certain deeply nested directory structures, which allows local users to cause a denial of service (filesystem corruption) via a crafted application that calls the mkdir and link functions, related to the fsck_hfs program in the diskdev_cmds component. | |||||
| CVE-2010-4159 | 1 Mono | 1 Mono | 2010-12-09 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3141 | 1 Microsoft | 1 Powerpoint | 2010-11-10 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in Microsoft PowerPoint 2010 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse pptimpconv.dll that is located in the same folder as a .odp, .pot, .potm, .potx, .ppa, .pps, .ppsm, .ppsx, .ppt, .pptm, .pptx, .pwz, .sldm, or .sldx file. | |||||
| CVE-2010-3914 | 1 Vim | 1 Gvim | 2010-11-04 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-3349 | 1 Ardour | 1 Ardour | 2010-11-03 | 6.9 MEDIUM | N/A |
| Ardour 2.8.11 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3364 | 1 Vips | 1 Vips | 2010-11-03 | 6.9 MEDIUM | N/A |
| The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3357 | 1 Pedro Castro | 1 Gnome-subtitles | 2010-11-02 | 6.9 MEDIUM | N/A |
| gnome-subtitles 1.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3354 | 1 Dropbox | 1 Dropbox | 2010-11-02 | 6.9 MEDIUM | N/A |
| dropboxd in Dropbox 0.7.110 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3157 | 1 Kmonos | 1 Xacrett | 2010-10-27 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in XacRett before 50 allows attackers to execute arbitrary code via a Trojan horse executable file, related to the explorer.exe filename and use of Windows Explorer. | |||||