Search Results (74790 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-5050 | 1 Konversation | 1 Konversation | 2024-11-21 | 7.5 High |
| konversation before 1.2.3 allows attackers to cause a denial of service. | ||||
| CVE-2009-5045 | 2 Debian, Eclipse | 2 Debian Linux, Jetty | 2024-11-21 | 7.5 High |
| Dump Servlet information leak in jetty before 6.1.22. | ||||
| CVE-2009-5025 | 1 Pyforum Project | 1 Pyforum | 2024-11-21 | 7.5 High |
| A backdoor (aka BMSA-2009-07) was found in PyForum v1.0.3 where an attacker who knows a valid user email could force a password reset on behalf of that user. | ||||
| CVE-2009-4123 | 1 Jruby | 1 Jruby-openssl | 2024-11-21 | 7.5 High |
| The jruby-openssl gem before 0.6 for JRuby mishandles SSL certificate validation. | ||||
| CVE-2009-4011 | 1 Dtc-xen Project | 1 Dtc-xen | 2024-11-21 | 8.1 High |
| dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get bash access as the xenXX user on the dom0, and then access and potentially reuse an already opened VPS console. | ||||
| CVE-2009-3723 | 2 Debian, Sangoma | 2 Debian Linux, Asterisk | 2024-11-21 | 7.5 High |
| Asterisk allows calls on prohibited networks. | ||||
| CVE-2009-3721 | 2 Gnome, Ytnef Project | 2 Evolution, Ytnef | 2024-11-21 | 7.8 High |
| Multiple directory traversal and buffer overflow vulnerabilities were discovered in yTNEF, and in Evolution's TNEF parser that is derived from yTNEF. A crafted email could cause these applications to write data in arbitrary locations on the filesystem, crash, or potentially execute arbitrary code when decoding attachments. | ||||
| CVE-2009-20001 | 1 Mantisbt | 1 Mantisbt | 2024-11-21 | 8.1 High |
| An issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string with each user. This string is not reset upon logout (i.e., the user session is still considered valid and active), allowing an attacker who somehow gained access to a user's cookie to login as them. | ||||
| CVE-2008-7314 | 1 Mirc | 1 Mirc | 2024-11-21 | 7.5 High |
| mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname. | ||||
| CVE-2008-7273 | 1 Getfiregpg | 1 Iceweasel-firegpg | 2024-11-21 | 7.8 High |
| A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling. | ||||
| CVE-2008-7272 | 1 Getfiregpg | 1 Firegpg | 2024-11-21 | 7.5 High |
| FireGPG before 0.6 handles the user's passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk, which may result in the compromise of secure communication or a user's private key. | ||||
| CVE-2008-3278 | 1 Redhat | 2 Enterprise Linux, Frysk | 2024-11-21 | 7.8 High |
| frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f* (e.g. fcore, fcatch, fstack, fstep, ...) shipped in the package. A local attacker can exploit this vulnerability by running arbitrary code as another user. | ||||
| CVE-2007-6758 | 1 Sencha | 1 Ext Js | 2024-11-21 | 7.5 High |
| Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0. | ||||
| CVE-2007-5743 | 2 Debian, Viewvc | 2 Debian Linux, Viewvc | 2024-11-21 | 7.5 High |
| viewvc 1.0.3 allows improper access control to files in a repository when using the "forbidden" configuration option. | ||||
| CVE-2007-20001 | 1 Starwindsoftware | 1 Iscsi San | 2024-11-21 | 7.5 High |
| A flaw was found in StarWind iSCSI target. An attacker could script standard iSCSI Initiator operation(s) to exhaust the StarWind service socket, which could lead to denial of service. This affects iSCSI SAN (Windows Native) Version 3.2.2 build 2007-02-20. | ||||
| CVE-2006-4245 | 2 Archivemail Project, Debian | 2 Archivemail, Debian Linux | 2024-11-21 | 8.1 High |
| archivemail 0.6.2 uses temporary files insecurely leading to a possible race condition. | ||||
| CVE-2005-4890 | 3 Debian, Redhat, Sudo Project | 4 Debian Linux, Shadow, Enterprise Linux and 1 more | 2024-11-21 | 7.8 High |
| There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process. | ||||
| CVE-2005-2352 | 1 Gs-gpl Project | 1 Gs-gpl | 2024-11-20 | 8.1 High |
| A race condition in temp files was found in gs-gpl before 8.56 addons scripts. | ||||
| CVE-2005-2349 | 1 Zoo Project | 1 Zoo | 2024-11-20 | 7.5 High |
| Zoo 2.10 has a directory traversal vulnerability. | ||||
| CVE-2002-2439 | 1 Gnu | 1 Gcc | 2024-11-20 | 7.8 High |
| Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts. | ||||