CVE-2017-5332

The extract_group_icon_cursor_resource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service (process crash) and execute arbitrary code via a crafted executable.

CVE-2011-3630

Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink execu...

CVE-2013-5661

Cache Poisoning issue exists in DNS Response Rate Limiting.

CVE-2013-3718

evince is missing a check on number of pages which can lead to a segmentation fault

CVE-2015-8980

The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code.

CVE-2005-4890

There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.

CVE-2019-19334

In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref". An application that uses libyang to parse untrusted YANG files may be vulnerable to this flaw, which would allow an attacker to cause a deni...

CVE-2019-19624

An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifically, variable coarsest_scale is assumed to be greater than or equal to finest_scale within the calc()/ocl_calc() functions in dis_flow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds rea...

CVE-2019-14826

A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the session.

CVE-2012-6655

An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.

CVE-2014-3585

redhat-upgrade-tool: Does not check GPG signatures when upgrading versions

CVE-2016-4983

A postinstall script in the dovecot rpm allows local users to read the contents of newly created SSL/TLS key files.

CVE-2012-0877

PyXML: Hash table collisions CPU usage Denial of Service

CVE-2013-4251

The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories.

CVE-2019-11811

An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.

CVE-2016-1000002

gdm3 3.14.2 and possibly later has an information leak before screen lock

CVE-2016-1000037

Pagure: XSS possible in file attachment endpoint

CVE-2011-1145

The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.

CVE-2012-1156

Moodle before 2.2.2 has users' private files included in course backups

CVE-2012-1168

Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.

CVE-2012-6136

tuned 2.10.0 creates its PID file with insecure permissions which allows local users to kill arbitrary processes.

CVE-2019-3837

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the mem...

CVE-2010-4661

udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.

CVE-2012-1155

Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to

CVE-2012-5521

quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal

CVE-2011-2897

gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw

CVE-2016-4980

A password generation weakness exists in xquest through 2016-06-13.

CVE-2010-4664

In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.

CVE-2013-4409

An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests.

CVE-2015-7810

libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files

CVE-2012-5630

libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees.

CVE-2012-5644

libuser has information disclosure when moving user's home directory

CVE-2011-4967

tog-Pegasus has a package hash collision DoS vulnerability

CVE-2011-2717

The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message.

CVE-2011-2207

dirmngr before 2.1.0 improperly handles certain system calls, which allows remote attackers to cause a denial of service (DOS) via a specially-crafted certificate.