Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3363 | 1 Roaraudio | 1 Roaraudio | 2010-10-20 | 6.9 MEDIUM | N/A |
| roarify in roaraudio 0.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3376 | 1 Root | 1 Root | 2010-10-20 | 6.9 MEDIUM | N/A |
| The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ROOT 5.18/00 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3377 | 1 Salome-platform | 1 Salome | 2010-10-20 | 6.9 MEDIUM | N/A |
| The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) hxx2salome scripts in SALOME 5.1.3 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3384 | 1 Bernhard Wymann | 1 Torcs | 2010-10-20 | 6.9 MEDIUM | N/A |
| The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and (6) nfs2ac scripts in TORCS 1.3.1 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3385 | 1 Herac | 1 Tuxguitar | 2010-10-20 | 6.9 MEDIUM | N/A |
| TuxGuitar 1.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3386 | 1 Lttng | 1 Ust | 2010-10-20 | 6.9 MEDIUM | N/A |
| usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3387 | 1 Tvdr | 1 Vdr | 2010-10-20 | 6.9 MEDIUM | N/A |
| ** DISPUTED ** vdrleaktest in Video Disk Recorder (VDR) 1.6.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: a third party disputes this issue because the script erroneously uses a semicolon in a context where a colon was intended. | |||||
| CVE-2010-3393 | 1 Ecmwf | 1 Magics\+\+ | 2010-10-20 | 6.9 MEDIUM | N/A |
| magics-config in Magics++ 2.10.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2007-6738 | 1 G.rodola | 1 Pyftpdlib | 2010-10-19 | 5.0 MEDIUM | N/A |
| pyftpdlib before 0.1.1 does not choose a random value for the port associated with the PASV command, which makes it easier for remote attackers to obtain potentially sensitive information about the number of in-progress data connections by reading the response to this command. | |||||
| CVE-2010-3980 | 1 Sap | 1 Businessobjects | 2010-10-18 | 4.0 MEDIUM | N/A |
| Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be requested, which allows remote authenticated users to cause a denial of service via a large numCuids value in a GenerateCuids SOAPAction to the dswsbobje/services/biplatform URI. | |||||
| CVE-2010-2369 | 1 Susie Ro | 1 Lhasa | 2010-10-18 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in Lhasa 0.19 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory. | |||||
| CVE-2010-2951 | 1 Squid-cache | 1 Squid | 2010-10-12 | 5.0 MEDIUM | N/A |
| dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors that trigger an IPv4 DNS response with the TC bit set. | |||||
| CVE-2010-3374 | 1 Nokia | 1 Qt Creator | 2010-10-04 | 6.9 MEDIUM | N/A |
| Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-3380 | 1 Llnl | 1 Slurm | 2010-09-29 | 6.9 MEDIUM | N/A |
| The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
| CVE-2010-2830 | 1 Cisco | 2 Ios, Ios Xe | 2010-09-23 | 7.1 HIGH | N/A |
| The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603. | |||||
| CVE-2010-3403 | 1 Qualcomm | 1 Extensible Diagnostic Monitor | 2010-09-16 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in Qualcomm eXtensible Diagnostic Monitor (QXDM) 03.09.19 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .isf file. | |||||
| CVE-2007-0822 | 1 Linux | 1 Linux Kernel | 2010-09-14 | 1.9 LOW | N/A |
| umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensitive information, including core file contents. | |||||
| CVE-2006-5874 | 1 Clam Anti-virus | 1 Clamav | 2010-09-14 | 5.0 MEDIUM | N/A |
| Clam AntiVirus (ClamAV) 0.88 and earlier allows remote attackers to cause a denial of service (crash) via a malformed base64-encoded MIME attachment that triggers a null pointer dereference. | |||||
| CVE-2006-3018 | 1 Php Group | 1 Php | 2010-09-14 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the session extension functionality in PHP before 5.1.3 has unknown impact and attack vectors related to heap corruption. | |||||
| CVE-2010-2953 | 1 Apache | 1 Couchdb | 2010-09-14 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in a certain Debian GNU/Linux patch for the couchdb script in CouchDB 0.8.0 allows local users to gain privileges via a crafted shared library in the current working directory. | |||||