Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-5071 | 1 Hp | 1 Palm Pre Webos | 2011-04-26 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Palm Pre WebOS before 1.2.1 has unknown impact and attack vectors related to an "included contact template file." | |||||
| CVE-2010-0384 | 1 Tor | 1 Tor | 2011-04-26 | 2.1 LOW | N/A |
| Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging of the client IP address upon detection of erroneous client behavior, which might make it easier for local users to discover the identities of clients in opportunistic circumstances by reading log files. | |||||
| CVE-2010-0562 | 1 Fetchmail | 1 Fetchmail | 2011-04-26 | 6.8 MEDIUM | N/A |
| The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an SSL X.509 certificate containing non-printable characters with the high bit set, which triggers a heap-based buffer overflow during escaping. | |||||
| CVE-2010-4711 | 1 Novell | 1 Groupwise | 2011-04-26 | 10.0 HIGH | N/A |
| Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command. | |||||
| CVE-2010-4712 | 1 Novell | 1 Groupwise | 2011-04-26 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) characters or (2) crafted string data. | |||||
| CVE-2010-4713 | 1 Novell | 1 Groupwise | 2011-04-25 | 10.0 HIGH | N/A |
| Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header. | |||||
| CVE-2010-4714 | 1 Novell | 1 Groupwise | 2011-04-25 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent. | |||||
| CVE-2010-4741 | 1 Moxa | 2 Device Manager, Mdm Tool | 2011-04-25 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool before 2.3 in Moxa Device Manager allows remote MDM Gateways to execute arbitrary code via crafted data in a session on TCP port 54321. | |||||
| CVE-2010-4742 | 1 Moxa | 1 Activex Sdk | 2011-04-25 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in a certain ActiveX control in MediaDBPlayback.DLL 2.2.0.5 in the Moxa ActiveX SDK allows remote attackers to execute arbitrary code via a long PlayFileName property value. | |||||
| CVE-2011-1149 | 1 Google | 1 Android | 2011-04-22 | 7.2 HIGH | N/A |
| Android before 2.3 does not properly restrict access to the system property space, which allows local applications to bypass the application sandbox and gain privileges, as demonstrated by psneuter and KillingInTheNameOf, related to the use of Android shared memory (ashmem) and ASHMEM_SET_PROT_MASK. | |||||
| CVE-2011-0462 | 1 Novell | 1 Opensuse Build Service | 2011-04-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the login page in the webui component in SUSE openSUSE Build Service (OBS) before 2.1.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2007-6742 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 6.8 MEDIUM | N/A |
| The get_filter_list function in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0006 does not properly perform certain sub filter parsing, which allows remote authenticated users to cause a denial of service (infinite loop) via a malformed search filter. | |||||
| CVE-2007-6743 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 4.0 MEDIUM | N/A |
| Double free vulnerability in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0005 allows remote authenticated users to cause a denial of service (ABEND) via search operations that trigger recursive filter_free calls. | |||||
| CVE-2008-7287 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 4.0 MEDIUM | N/A |
| Multiple memory leaks in the (1) ldap_init and (2) ldap_url_search_direct API functions in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allow remote authenticated users to cause a denial of service (memory consumption) by making many function calls. | |||||
| CVE-2008-7288 | 1 Ibm | 2 Aix, Tivoli Directory Server | 2011-04-21 | 5.0 MEDIUM | N/A |
| IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 on AIX allows remote attackers to cause a denial of service (server destabilization) via an anonymous DIGEST-MD5 LDAP Bind operation. | |||||
| CVE-2008-7289 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 4.0 MEDIUM | N/A |
| IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 does not properly handle the simultaneous changing of multiple passwords, which makes it easier for remote authenticated users to cause a denial of service (DB2 daemon deadlock) by making password changes that trigger updates to a DB2 password-history table. | |||||
| CVE-2008-7290 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 4.0 MEDIUM | N/A |
| Memory leak in the ldap_explode_rdn API function in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allows remote authenticated users to cause a denial of service (memory consumption) by making many function calls. | |||||
| CVE-2009-5072 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 4.0 MEDIUM | N/A |
| Memory leak in the ldap_explode_dn function in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.61 (aka 6.0.0.8-TIV-ITDS-IF0003) allows remote authenticated users to cause a denial of service (memory consumption) via an empty string argument. | |||||
| CVE-2009-5073 | 1 Ibm | 1 Tivoli Directory Server | 2011-04-21 | 4.0 MEDIUM | N/A |
| IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.59 (aka 6.0.0.8-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) by adding a nested group that contains the Distinguished Name (DN) of its parent entry. | |||||
| CVE-2010-4785 | 4 Ibm, Linux, Microsoft and 1 more | 4 Tivoli Directory Server, Linux Kernel, Windows and 1 more | 2011-04-21 | 4.0 MEDIUM | N/A |
| The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID. | |||||