Total
12273 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-3439 | 3 Cor-entertainment, Debian, Fedoraproject | 3 Alien-arena, Debian Linux, Fedora | 2024-11-21 | 6.5 Medium |
| It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command. | ||||
| CVE-2010-3375 | 1 Qtparted Project | 1 Qtparted | 2024-11-21 | 9.8 Critical |
| qtparted has insecure library loading which may allow arbitrary code execution | ||||
| CVE-2010-3373 | 2 Debian, Grsecurity | 2 Debian Linux, Paxtest | 2024-11-21 | 5.5 Medium |
| paxtest handles temporary files insecurely | ||||
| CVE-2010-3359 | 2 Debian, Gargoyle Project | 2 Debian Linux, Gargoyle | 2024-11-21 | 4.8 Medium |
| If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account. | ||||
| CVE-2010-3293 | 1 Mailscanner | 1 Mailscanner | 2024-11-21 | 5.5 Medium |
| mailscanner can allow local users to prevent virus signatures from being updated | ||||
| CVE-2010-2490 | 2 Debian, Mumble | 2 Debian Linux, Mumble | 2024-11-21 | 6.5 Medium |
| Mumble: murmur-server has DoS due to malformed client query | ||||
| CVE-2010-2476 | 1 Syscp Project | 1 Syscp | 2024-11-21 | 9.8 Critical |
| syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot. | ||||
| CVE-2010-2473 | 1 Drupal | 1 Drupal | 2024-11-21 | 6.5 Medium |
| Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked. | ||||
| CVE-2010-2449 | 1 Gource | 1 Gource | 2024-11-21 | 6.5 Medium |
| Gource through 0.26 logs to a predictable file name (/tmp/gource-$UID.tmp), enabling attackers to overwrite an arbitrary file via a symlink attack. | ||||
| CVE-2010-2447 | 1 Gitolite | 1 Gitolite | 2024-11-21 | 9.8 Critical |
| gitolite before 1.4.1 does not filter src/ or hooks/ from path names. | ||||
| CVE-2010-2446 | 1 Ruby-rbot | 1 Rbot | 2024-11-21 | 9.8 Critical |
| Rbot Reaction plugin allows command execution | ||||
| CVE-2010-2243 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.5 High |
| A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS. | ||||
| CVE-2010-2061 | 1 Rpcbind Project | 1 Rpcbind | 2024-11-21 | 7.8 High |
| rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started. | ||||
| CVE-2010-1678 | 1 Osgeo | 1 Mapserver | 2024-11-21 | 7.5 High |
| Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile parsing. | ||||
| CVE-2010-0748 | 3 Debian, Linux, Transmissionbt | 3 Debian Linux, Linux Kernel, Transmission | 2024-11-21 | 9.8 Critical |
| Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link. | ||||
| CVE-2009-5158 | 1 Sumo | 1 Google Analyticator | 2024-11-21 | N/A |
| The google-analyticator plugin before 5.2.1 for WordPress has insufficient HTML sanitization for Google Analytics API text. | ||||
| CVE-2009-5155 | 2 Gnu, Netapp | 4 Glibc, Cloud Backup, Ontap Select Deploy Administration Utility and 1 more | 2024-11-21 | N/A |
| In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match. | ||||
| CVE-2009-5050 | 1 Konversation | 1 Konversation | 2024-11-21 | 7.5 High |
| konversation before 1.2.3 allows attackers to cause a denial of service. | ||||
| CVE-2009-5004 | 2 Apache, Redhat | 2 Qpid-cpp, Enterprise Mrg | 2024-11-21 | 6.5 Medium |
| qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use . | ||||
| CVE-2009-3614 | 2 Debian, Noping | 2 Debian Linux, Liboping | 2024-11-21 | 3.3 Low |
| liboping 1.3.2 allows users reading arbitrary files upon the local system. | ||||