828 matches found

UbuntuCve
added 2009/06/11 3:30 p.m. | 34 views

CVE-2009-0198

Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a...

CVSS 9.3 | AI score 6.3 | EPSS 0.08835
Exploits: 0 | References: 1
UbuntuCve
added 2009/06/10 6:0 p.m. | 28 views

CVE-2009-1703

WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within (1) audio and (2) video elements, which allows remote attackers to determine the existence of arbitrary files via a crafted HTML document...

CVSS 7.1 | AI score 6 | EPSS 0.03013
Exploits: 2 | References: 1
UbuntuCve
added 2009/06/10 12:0 a.m. | 31 views

CVE-2009-1712

WebKit in Apple Safari before 4.0 does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element...

CVSS 9.3 | AI score 6.1 | EPSS 0.07746
Exploits: 2 | References: 3
UbuntuCve
added 2009/05/15 3:30 p.m. | 31 views

CVE-2009-0688

Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c...

CVSS 7.5 | AI score 6.4 | EPSS 0.08206
Exploits: 0 | References: 2
UbuntuCve
added 2009/05/14 5:30 p.m. | 28 views

CVE-2009-1580

Session fixation vulnerability in SquirrelMail before 1.4.18 allows remote attackers to hijack web sessions via a crafted cookie...

CVSS 5.8 | AI score 7.1 | EPSS 0.01855
Exploits: 0 | References: 1
UbuntuCve
added 2009/04/27 6:0 p.m. | 22 views

CVE-2009-1440

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename...

CVSS 6.8 | AI score 5.9 | EPSS 0.0154
Exploits: 1 | References: 1
UbuntuCve
added 2009/04/09 12:30 a.m. | 15 views

CVE-2009-1253

James Stone Tunapie 2.1 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file...

CVSS 4.4 | AI score 6 | EPSS 0.00301
Exploits: 0 | References: 1
UbuntuCve
added 2009/03/27 4:30 p.m. | 32 views

CVE-2009-0591

The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly handle errors associated with malformed signed attributes, which allows remote attackers to repudiate a signature that originally appeared to be valid but was actually invalid...

CVSS 2.6 | AI score 7.2 | EPSS 0.02735
Exploits: 0 | References: 2
UbuntuCve
added 2009/03/12 3:20 p.m. | 24 views

CVE-2009-0366

The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote attackers to cause a denial of service via a large compressed WML document...

CVSS 4.3 | AI score 5.9 | EPSS 0.01957
Exploits: 0 | References: 1
UbuntuCve
added 2009/03/09 12:0 a.m. | 38 views

CVE-2009-0781

Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 allows remote attackers to inject arbitrary web script or HTML via the time parameter, relat...

CVSS 4.3 | AI score 6.4 | EPSS 0.09125
Exploits: 1 | References: 2
UbuntuCve
added 2009/02/26 4:17 p.m. | 27 views

CVE-2009-0522

Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the "mouse pointer display," related to a "Clickjacking attack."...

CVSS 4.3 | AI score 5.8 | EPSS 0.02701
Exploits: 0 | References: 2
UbuntuCve
added 2009/01/28 11:30 a.m. | 32 views

CVE-2008-5985

Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983)...

CVSS 6.9 | AI score 5.9 | EPSS 0.0051
Exploits: 2 | References: 1
UbuntuCve
added 2009/01/07 5:30 p.m. | 29 views

CVE-2009-0021

NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to...

CVSS 5 | AI score 5.9 | EPSS 0.03218
Exploits: 0 | References: 3
UbuntuCve
added 2008/11/19 5:30 p.m. | 38 views

CVE-2008-5161

Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1;...

CVSS 3.7 | AI score 6.8 | EPSS 0.15395
Exploits: 1 | References: 2
UbuntuCve
added 2008/11/17 6:18 p.m. | 34 views

CVE-2008-5104

Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual machine by (1) python-vm-builder or (2) ubuntu-vm-builder in VMBuilder 0.9 in Ubuntu 8.10, have ! (exclamation point) as the default root password, which allows attackers to bypass intended login restrictions...

CVSS 7.2 | AI score 5.9 | EPSS 0.00471
Exploits: 1 | References: 1
UbuntuCve
added 2008/11/07 7:36 p.m. | 22 views

CVE-2008-4998

postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/twiki temporary file. NOTE: the vendor disputes this vulnerability, stating "this bug is invalid...

CVSS 6.9 | AI score 6 | EPSS 0.00286
Exploits: 0 | References: 1
UbuntuCve
added 2008/11/01 12:0 a.m. | 29 views

CVE-2008-4868

Unspecified vulnerability in the avcodec_close function in libavcodec/utils.c in FFmpeg 0.4.9 before r14787, as used by MPlayer, has unknown impact and attack vectors, related to a free "on random pointers."...

CVSS 10 | AI score 5.9 | EPSS 0.02303
Exploits: 0 | References: 1
UbuntuCve
added 2008/10/22 12:11 a.m. | 19 views

CVE-2008-4654

Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value...

CVSS 9.3 | AI score 6.4 | EPSS 0.57547
Exploits: 8 | References: 2
UbuntuCve
added 2008/10/14 9:10 p.m. | 12 views

CVE-2008-4555

Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t...

CVSS 8.5 | AI score 6.4 | EPSS 0.05061
Exploits: 1 | References: 1
UbuntuCve
added 2008/09/29 7:25 p.m. | 24 views

CVE-2008-3827

Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_read function to read or write arbitrary memory...

CVSS 9.3 | AI score 6.2 | EPSS 0.10852
Exploits: 0 | References: 1