
828 matches found

UbuntuCve
added 2010/08/20 12:0 a.m., 36 views

CVE-2010-2531

The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if display_errors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution...

CVSS 4.3, AI score 6.1, EPSS 0.04996
Exploits 0, References 2

UbuntuCve
added 2010/08/11 6:47 p.m., 25 views

CVE-2010-2542

Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy...

CVSS 7.5, AI score 6, EPSS 0.02507
Exploits 0, References 1

Tenable Nessus
added 2010/07/21 12:0 a.m., 28 views

Fedora 12 : python-cjson-1.0.5-5.fc12 (2010-10710)

Sat Jul 3 2010 Felix Schwarz - 1.0.5-5 - CVE-2010-1666 fixed by including a patch from Ubuntu, see Launchpad 585274. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format...

CVSS 6.8, AI score 5.4, EPSS 0.01665
Exploits 1, References 3

Tenable Nessus
added 2010/07/21 12:0 a.m., 27 views

Fedora 13 : python-cjson-1.0.5-5.fc13 (2010-10728)

Sat Jul 3 2010 Felix Schwarz - 1.0.5-5 - CVE-2010-1666 fixed by including a patch from Ubuntu, see Launchpad 585274. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format...

CVSS 6.8, AI score 5.4, EPSS 0.01665
Exploits 1, References 3

UbuntuCve
added 2010/06/18 4:30 p.m., 25 views

CVE-2010-1763

Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769...

CVSS 10, AI score 5.9, EPSS 0.02667
Exploits 0, References 1

UbuntuCve
added 2010/06/11 6:0 p.m., 22 views

CVE-2010-1402

Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to an event listener in an SVG document,...

CVSS 9.3, AI score 7.5, EPSS 0.08732
Exploits 0, References 2

UbuntuCve
added 2010/06/11 6:0 p.m., 44 views

CVE-2010-1404

Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG document that contains recursive Use elements,...

CVSS 9.3, AI score 7.5, EPSS 0.08732
Exploits 0, References 2

Tenable Nessus
added 2010/04/26 12:0 a.m., 32 views

FreeBSD : emacs -- movemail symlink race condition (5253)

The following package needs to be updated: emacs %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the VuXML entry has been cancelled. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-2006 Jacques...

AI score 6.3, EPSS 0.00327
Exploits 0, References 7

UbuntuCve
added 2010/04/07 3:30 p.m., 20 views

CVE-2010-0400

SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username...

CVSS 7.5, AI score 6.2, EPSS 0.01717
Exploits 0, References 2

UbuntuCve
added 2010/04/06 12:0 a.m., 20 views

CVE-2010-1238

MoinMoin 1.7.1 allows remote attackers to bypass the textcha protection mechanism by modifying the textcha-question and textcha-answer fields to have empty values...

CVSS 5, AI score 5.9, EPSS 0.01975
Exploits 0, References 2

UbuntuCve
added 2010/03/15 2:15 p.m., 38 views

CVE-2010-0049

Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality...

CVSS 9.3, AI score 6.2, EPSS 0.10936
Exploits 1, References 2

UbuntuCve
added 2010/02/09 12:0 a.m., 25 views

CVE-2009-4640

Array index error in vorbisdec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read...

CVSS 4.3, AI score 7.5, EPSS 0.03997
Exploits 2, References 2

UbuntuCve
added 2010/02/09 12:0 a.m., 34 views

CVE-2009-4634

Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbisdec.c and triggers a wraparound of the stack pointer, or (2) access a pointer from out-of-bounds memory in...

CVSS 10, AI score 7.5, EPSS 0.0721
Exploits 2, References 2

0day.today
added 2010/01/06 12:0 a.m., 16 views

Gnome Panel <= 2.28.0 Denial of Service PoC 0-day

Exploit for unknown platform in category dos / poc ================================================= Gnome Panel include int mainint argc, char argv FILE f; unsigned long i; printf"%s","Gnome panel = 2.28.0 denial of service by Pietro Oliva poc 0-day\n\n"; if!f=fopen".gtk-bookmarks","r"...

AI score 7
Exploits 0

UbuntuCve
added 2009/11/24 5:30 p.m., 30 views

CVE-2009-3896

src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a long URI...

CVSS 5, AI score 5.9, EPSS 0.10181
Exploits 2, References 1

UbuntuCve
added 2009/09/22 10:30 a.m., 26 views

CVE-2009-3289

The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory...

CVSS 7.8, AI score 7.1, EPSS 0.00359
Exploits 2, References 3

UbuntuCve
added 2009/09/14 4:30 p.m., 14 views

CVE-2009-2947

Cross-site scripting (XSS) vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...

CVSS 4.3, AI score 6, EPSS 0.019
Exploits 0, References 1

UbuntuCve
added 2009/08/18 12:0 a.m., 28 views

CVE-2009-2855

The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function...

CVSS 5, AI score 5.9, EPSS 0.36732
Exploits 1, References 2

UbuntuCve
added 2009/07/22 12:0 a.m., 32 views

CVE-2009-2464

The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to loading multip...

CVSS 10, AI score 6.2, EPSS 0.1323
Exploits 1, References 2

UbuntuCve
added 2009/07/13 12:0 a.m., 31 views

CVE-2009-2446

Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database...

CVSS 8.5, AI score 5.9, EPSS 0.10586
Exploits 2, References 4