
4425 matches found

RedHat Linux
added 2010/11/03 8:18 p.m. | 10 views

MySQL: crash with user variables, assignments, joins... (MySQL Bug #55564)

MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be...

CVSS 4 | AI score 5.8 | EPSS 0.03391
Exploits 0 | References 4
RedHat Linux
added 2010/11/03 8:18 p.m. | 8 views

MySQL: crash with LONGBLOB and union or update with subquery (MySQL Bug#54461)

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the...

CVSS 4 | AI score 5.9 | EPSS 0.03391
Exploits 0 | References 4
RedHat Linux
added 2010/11/03 8:18 p.m. | 5 views

MySQL: Mysqld DoS (crash) by processing joins involving a table with a unique SET column (MySQL BZ#54575)

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column...

CVSS 4 | AI score 5.8 | EPSS 0.02337
Exploits 1 | References 4
Cvelist
added 2010/10/28 7:0 p.m. | 26 views

CVE-2010-3992

Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote authenticated users to gain privileges via unknown vectors...

AI score 6.4 | EPSS 0.01825
Exploits 0 | References 2
OSV
added 2010/10/28 12:0 a.m. | 2 views

DEBIAN-CVE-2010-3711

libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM,...

CVSS 4 | AI score 6.7 | EPSS 0.0327
Exploits 1 | References 1
Cvelist
added 2010/10/27 10:0 p.m. | 21 views

CVE-2010-3711

libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins for MSN, MySpaceIM,...

AI score 7.1 | EPSS 0.0327
Exploits 1 | References 26
Prion
added 2010/10/25 8:1 p.m. | 20 views

Stack overflow

Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x through 7.31, 9.x through 9.40, 10.00 before 10.00.xC10, 11.10 before 11.10.xC3, and 11.50 before 11.50.xC3 allows remote authenticated users to execute arbitrary code via long DBINFO keyword arguments in a SQL statement, aka...

CVSS 8.5 | AI score 8.5 | EPSS 0.03942
Exploits 0 | References 4 | Affected Software 1
UbuntuCve
added 2010/10/25 8:1 p.m. | 32 views

CVE-2010-3716

The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x before 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships...

CVSS 6 | AI score 6 | EPSS 0.0099
Exploits 0 | References 1
CVE
added 2010/10/25 7:0 p.m. | 69 views

CVE-2010-3716

CVE-2010-3716 is a TYPO3 vulnerability where malicious editors with user-creation permission could escalate privileges by creating new users in arbitrary groups due to input validation weakness in the be_user_creation task. Affected: TYPO3 4.2.x pre-4.2.15 and 4.3.x pre-4.3.7. Documented in multi...

CVSS 6 | AI score 6.5 | EPSS 0.0099
Exploits 0 | References 3 | Affected Software 1
NVD
added 2010/10/23 8:39 p.m. | 22 views

CVE-2010-4053

Stack-based buffer overflow in an unspecified logging function in oninit.exe in IBM Informix Dynamic Server (IDS) 11.10 before 11.10.xC2W2 and 11.50 before 11.50.xC1 allows remote authenticated users to execute arbitrary code via a crafted EXPLAIN directive, aka idsdb00154125 and idsdb00154243...

CVSS 9 | AI score 7.4 | EPSS 0.04673
Exploits 0 | References 5
NVD
added 2010/10/23 8:39 p.m. | 18 views

CVE-2010-3290

Unspecified vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote authenticated users to gain privileges via unknown vectors...

CVSS 6.5 | AI score 6.5 | EPSS 0.0133
Exploits 0 | References 4
OSV
added 2010/10/19 8:0 p.m. | 2 views

DEBIAN-CVE-2009-5012

ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session...

CVSS 4 | AI score 6.5 | EPSS 0.01031
Exploits 0 | References 1
PyPA
added 2010/10/19 8:0 p.m. | 6 views

PYSEC-2010-20

Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. (dot dot) in a (1) LIST, (2) STOR, or (3) RETR command...

CVSS 6.5 | AI score 7.1 | EPSS 0.0126
Exploits 0 | References 5 | Affected Software 1
Packet Storm
added 2010/10/15 12:0 a.m. | 33 views

Netgear CG3100D Residential Gateway Privilege Escalation

Product: Netgear CG3100D Residential Gateway Vendor: http://www.netgear.com Discovered: August 30, 2010 Disclosed: October 14, 2010 I. DESCRIPTION The Netgear CG3100D Residential Gateway with firmware version 5.5.2 and probably other CG3000/CG3100 models with the same firmware has several bugs th...

AI score 1.4
Exploits 0
NVD
added 2010/10/14 6:0 p.m. | 14 views

CVE-2010-3536

Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle 38, 9.0 Bundle 31, and 9.1 Bundle 6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

CVSS 5.5 | AI score 5.4 | EPSS 0.01464
Exploits 0 | References 2
Prion
added 2010/10/14 6:0 p.m. | 14 views

Code injection

Unspecified vulnerability in the PeopleSoft Enterprise FMS - GL component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle 38, 9.0 Bundle 31, and 9.1 Bundle 6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than...

CVSS 5.5 | AI score 5.5 | EPSS 0.01464
Exploits 0 | References 2 | Affected Software 1
CVE
added 2010/10/14 5:0 p.m. | 39 views

CVE-2010-3536

CVE-2010-3536 affects PeopleSoft Enterprise SCM within Oracle PeopleSoft/JD Edwards Suite (8.9 Bundle #38, 9.0 Bundle #31, 9.1 Bundle #6). The vulnerability is described as an unspecified issue allowing remote authenticated users to affect confidentiality and integrity via unknown vectors. Oracle...

CVSS 5.5 | AI score 5.5 | EPSS 0.01464
Exploits 0 | References 2 | Affected Software 1
RedHat Linux
added 2010/10/14 4:9 p.m. | 6 views

qpid: crash when redeclaring the exchange with specified alternate_exchange

The SessionAdapter::ExchangeHandlerImpl::checkAlternate function in broker/SessionAdapter.cpp in the C++ Broker component in Apache Qpid before 0.6, as used in Red Hat Enterprise MRG before 1.3 and other products, allows remote authenticated users to cause a denial of service (NULL pointer...

CVSS 4 | AI score 5.8 | EPSS 0.04086
Exploits 0 | References 4
NVD
added 2010/10/14 2:0 a.m. | 22 views

CVE-2010-2417

Unspecified vulnerability in the Agile PLM component in Oracle Supply Chain Products Suite 9.3.0.0 allows remote authenticated users to affect integrity via unknown vectors...

CVSS 4 | AI score 5.5 | EPSS 0.01301
Exploits 0 | References 2
Prion
added 2010/10/14 2:0 a.m. | 12 views

Buffer overflow

Unspecified vulnerability in the Siebel Core - Highly Interactive Client component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than...

CVSS 6 | AI score 6 | EPSS 0.01506
Exploits 0 | References 2 | Affected Software 1