Security Dashboard
PAGES
ALERTS
| DATE | SEVERITY | NAME | DETAIL |
|---|---|---|---|
 2010-08-31 |
|
CVE-2010-3196 | IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote authenticated users to cause a denial of service (loss of privileges) to a view... |
| 2010-08-30 |
|
CVE-2010-2792 | Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to obtain sensitive information, and conduct man-in-the-midd... |
| 2010-08-30 |
|
CVE-2010-2794 | The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files via a symlink attack on an unspecified log file. |
| 2010-08-20 |
|
CVE-2008-7258 | ** DISPUTED ** The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows local users to cause a denial of service (applicatio... |
| 2010-08-20 |
|
CVE-2010-1172 | DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users to bypass intended access restrictions and possi... |
| 2010-08-20 |
|
CVE-2010-3014 | The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is running with /coda mounted, allows local users t... |
| 2010-08-19 |
|
CVE-2010-2242 | Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass... |
| 2010-08-17 |
|
CVE-2010-2241 | The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red Hat Directory Server 8 before 8.2 use world-readable permissions when creating ... |
| 2010-08-16 |
|
CVE-2009-4269 | The password hash generation algorithm in the BUILTIN authentication functionality for Apache Derby before 10.6.1.0 performs a transformation that ... |
| 2010-08-16 |
|
CVE-2010-3022 | Cross-site scripting (XSS) vulnerability in the Performance logging module in the Devel module 5.x before 5.x-1.3 and 6.x before 6.x-1.21 for Drupa... |
| 2010-08-16 |
|
CVE-2010-3028 | The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions (777) in unspecified folders, which allows local users to modify, cre... |
| 2010-08-10 |
|
CVE-2010-2975 | Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximat... |
| 2010-08-10 |
|
CVE-2010-2474 | JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2 does not properly consider the security domain wit... |
| 2010-08-10 |
|
CVE-2010-2574 | Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in MantisBT 1.2.2 allows remote authenticated administrators to inject arbitrar... |
| 2010-08-05 |
|
CVE-2010-2796 | Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script... |
| 2010-08-02 |
|
CVE-2010-2539 | Buffer overflow in the msTmpFile function in maputil.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 allows local users to cause a den... |
| 2010-07-30 |
|
CVE-2010-2913 | The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows local users to obtain sensitive information via vecto... |
| 2010-07-30 |
|
CVE-2010-1796 | The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attac... |
| 2010-07-30 |
|
CVE-2010-2751 | The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and S... |
| 2010-07-28 |
|
CVE-2010-0213 | BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured statically or via DNSSEC Lookaside Validation (DL... |
PAGES
