CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

securityvulns•added 2006/11/08 12:0 a.m.•44 views

Apple MacOS X Xcode OpenBase SQL privilege escalation

On executing tar from suid root application TAROPTIONS environment variable is not unset, making it possible to execute any application with root privileges. External application are executed with relative path. Dynamic libraries are loaded with relative path. Symbolic links problem...

4.2AI score

Exploits0References1Affected Software1

Tenable Nessus•added 2006/11/06 12:0 a.m.•8 views

Solaris 9 (sparc) : 115738-06

GNOME 2.0.2: Base GUI Libraries Patch. Date this patch was last updated by Sun : Mar/07/08 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Tenable Nessus•added 2006/11/06 12:0 a.m.•9 views

Solaris 9 (sparc) : 114686-03

GNOME 2.0.0: Base GUI Libraries. Date this patch was last updated by Sun : Jun/13/05 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Tenable Nessus•added 2006/11/06 12:0 a.m.•10 views

Solaris 8 (x86) : 117766-05

Mozilla 1.4x86: Base Libraries patch. Date this patch was last updated by Sun : Jul/05/05 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if descripti...

6.9AI score

Tenable Nessus•added 2006/11/06 12:0 a.m.•12 views

Solaris 9 (x86) : 121092-01

GNOME 2.6.0x86: Base GUI Libraries Patch. Date this patch was last updated by Sun : Mar/15/06 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Tenable Nessus•added 2006/11/06 12:0 a.m.•19 views

Solaris 9 (x86) : 117768-05

6.9AI score

Tenable Nessus•added 2006/11/06 12:0 a.m.•15 views

Solaris 8 (x86) : 114645-04

GNOME 2.0.0x86: Base GUI Libraries. Date this patch was last updated by Sun : Sep/08/08 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Tenable Nessus•added 2006/11/06 12:0 a.m.•13 views

Solaris 9 (sparc) : 117767-05

Mozilla 1.4: Base Libraries patch. Date this patch was last updated by Sun : Jul/05/05 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

6.9AI score

Tenable Nessus•added 2006/10/31 12:0 a.m.•29 views

Debian DSA-1200-1 : qt-x11-free - integer overflow

An integer overflow has been found in the pixmap handling routines in the Qt GUI libraries. This could allow an attacker to cause a denial of service and possibly execute arbitrary code by providing a specially crafted image file and inducing the victim to view it in an application based on Qt...

6.8CVSS6AI score0.04146EPSS

Exploits0References3

OSV•added 2006/10/30 12:0 a.m.•15 views

DSA-1200-1 qt-x11-free - integer overflow

Bulletin has no description...

6.8CVSS5.9AI score0.04146EPSS

NVD•added 2006/10/26 5:7 p.m.•10 views

CVE-2006-5549

PHP remote file inclusion vulnerability in libraries/amfphp/amf-core/custom/CachedGateway.php in Adobe PHP SDK allows remote attackers to execute arbitrary PHP code via the AMFPHPBASE parameter. NOTE: this issue has been disputed by a third-party researcher who states that AMFPHPBASE is a constan...

7.5CVSS7.5AI score0.0298EPSS

Exploits0References4

Cvelist•added 2006/10/26 5:0 p.m.•22 views

CVE-2006-5549

7.5AI score0.0298EPSS

Exploits0References4

Cent OS•added 2006/10/18 10:37 a.m.•60 views

kdelibs security update

CentOS Errata and Security Advisory CESA-2006:0720 Updated kdelibs packages that correct an integer overflow flaw are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop...

6.8CVSS6.2AI score0.04146EPSS

Exploits0References9

Tenable Nessus•added 2006/10/14 12:0 a.m.•21 views

Debian DSA-1164-1 : sendmail - programming error

A programming error has been discovered in sendmail, an alternative mail transport agent for Debian, that could allow a remote attacker to crash the sendmail process by sending a specially crafted email message. Please note that in order to install this update you also need libsasl2 library from...

7.5CVSS5.3AI score0.04328EPSS

Exploits0References3

OSV•added 2006/10/03 4:3 a.m.•1 views

DEBIAN-CVE-2006-5117

phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files...

5CVSS6.7AI score0.0135EPSS

Debian CVE•added 2006/10/02 8:0 p.m.•32 views

CVE-2006-5117

5CVSS6AI score0.0135EPSS

Debian CVE•added 2006/10/02 8:0 p.m.•33 views

CVE-2006-5116

Multiple cross-site request forgery CSRF vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized actions as another user by 1 directly setting a token in the URL though dynamic variable evaluation and 2 unsetting arbitrary variables via the REQUEST array,...

5.1CVSS6.7AI score0.02021EPSS