1190 matches found
CVE-2019-11579
dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED.
CVE-2010-3299
The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.
CVE-2011-0529
Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.
CVE-2011-1028
The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.
CVE-2013-1910
yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository.
CVE-2013-2106
webauth before 4.6.1 has authentication credential disclosure
CVE-2013-1811
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".
CVE-2016-1000108
yaws before 2.0.4 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HT...
CVE-2019-11766
dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature.
CVE-2010-4532
offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.
CVE-2012-2350
pam_shield before 0.9.4: Default configuration does not perform protective action
CVE-2008-7291
gri before 2.12.18 generates temporary files in an insecure way.
CVE-2010-3359
If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account.
CVE-2007-5743
viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option.
CVE-2009-5043
burn allows file names to escape via mishandled quotation marks
CVE-2012-6111
gnome-keyring does not discard stored secrets when using gnome_keyring_lock_all_sync function
CVE-2013-0326
OpenStack nova base images permissions are world readable
CVE-2013-1429
Lintian before 2.5.12 allows remote attackers to gather information about the "host" system using crafted symlinks.
CVE-2013-2745
An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.0
CVE-2006-4245
archivemail 0.6.2 uses temporary files insecurely leading to a possible race condition.
CVE-2011-2515
PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.
CVE-2012-2248
An issue was discovered in dhclient 4.3.1-6 due to an embedded path variable.
CVE-2010-2450
The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES private key which is placed in sp-key.pm. It relies on the root umask (default 22) instead of chmoding the resulting file itself, so the generated private key is world readable b...
CVE-2011-1588
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.
CVE-2011-3618
atop: symlink attack possible due to insecure tempfile handling
CVE-2012-4384
letodms has multiple XSS issues: Reflected XSS in Login Page, Stored XSS in Document Owner/User name, Stored XSS in Calendar
CVE-2011-1136
In tesseract 2.03 and 2.04, an attacker can rewrite an arbitrary user file by guessing the PID and creating a link to the user's file.
CVE-2011-2207
dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate.
CVE-2010-3373
paxtest handles temporary files insecurely
CVE-2010-4533
offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.
CVE-2010-5108
Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissions.
CVE-2012-0051
Tahoe-LAFS 1.9.0 fails to ensure integrity which allows remote attackers to corrupt mutable files or directories upon retrieval.
CVE-2012-6639
An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.
CVE-2013-1425
ldap-git-backup before 1.0.4 exposes password hashes due to incorrect directory permissions.
CVE-2010-4817
pithos before 0.3.5 allows overwrite of arbitrary files via symlinks.
CVE-2011-1070
v86d before 0.1.10 do not verify if received netlink messages are sent by the kernel. This could allow unprivileged users to manipulate the video mode and potentially other consequences.
CVE-2013-4584
Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections
CVE-2011-4931
gpw generates shorter passwords than required
CVE-2012-4385
letodms 3.3.6 has CSRF via change password
CVE-2013-1809
Gambas before 3.4.0 allows remote attackers to move or manipulate directory contents or perform symlink attacks due to the creation of insecure temporary directories.