Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 ...Result(s) : 66990

Alerts Feed Alerts

DateNameCategoriesDetail
7.22014-11-16CVE-2013-0347cve The Gentoo init script for webfs uses world-readable permissions for /var/log/webfsd.log, which allows local users to have unspecified impact by reading the file.
2.12014-11-15CVE-2014-3209cve The ldns-keygen tool in ldns 1.6.x uses the current umask to set the privileges of the private key, which might allow local users to obtain the private key by reading the file.
3.32014-11-15CVE-2014-2667cve Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to by...
52014-11-15CVE-2014-2268cve views/Index.php in the Install module in vTiger 6.0 before Security Patch 2 does not properly restrict access, which allows remote attackers to re-install the application via a ...
52014-11-15CVE-2013-3737cve The MobileUI (aka RT-Extension-MobileUI) extension before 1.04 in Request Tracker (RT) 4.0.0 before 4.0.13, when using the file-based session store (Apache::Session::File) and c...
62014-11-15CVE-2012-2301cve The Ubercart module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer product classes" permission to execute arbitrary PHP code via unspec...
6.42014-11-15CVE-2014-8566cve The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related...
N/A2014-11-15CVE-2014-8565cve ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-8518. Reason: This candidate is a duplicate of CVE-2014-8518. Notes: All CVE users should reference CVE-2...
4.62014-11-15CVE-2014-5388cve Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other uns...
4.32014-11-15CVE-2014-3502cve Apache Cordova Android before 3.5.1 allows remote attackers to open and send data to arbitrary applications via a URL with a crafted URI scheme for an Android intent.
4.32014-11-15CVE-2014-3501cve Apache Cordova Android before 3.5.1 allows remote attackers to bypass the HTTP whitelist and connect to arbitrary servers by using JavaScript to open WebSocket connections throu...
6.42014-11-15CVE-2014-3500cve Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL.
7.52014-11-15CVE-2014-3158cve Integer overflow in the getword function in options.c in pppd in Paul's PPP Package (ppp) before 2.4.7 allows attackers to "access privileged options" via a long word in an...
6.42014-11-15CVE-2014-2684cve The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the Zend_OpenId_Consumer class in Zend Framework 1 before 1.12.4 does not verify that the open...
52014-11-15CVE-2014-2683cve Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_S...
6.82014-11-15CVE-2014-2682cve Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_S...
6.42014-11-15CVE-2014-2681cve Zend Framework 1 (ZF1) before 1.12.4, Zend Framework 2 before 2.1.6 and 2.2.x before 2.2.6, ZendOpenId, ZendRest, ZendService_AudioScrobbler, ZendService_Nirvanix, ZendService_S...
52014-11-15CVE-2014-4975cve Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attack...
4.32014-11-15CVE-2014-3707cve The curl_easy_duphandle function in libcurl 7.17.1 through 7.38.0, when running with the CURLOPT_COPYPOSTFIELDS option, does not properly copy HTTP POST data for an easy handle,...
7.12014-11-14CVE-2014-7998cve Cisco IOS on Aironet access points, when "dot11 aaa authenticator" debugging is enabled, allows remote attackers to cause a denial of service via a malformed EAP packet, aka Bug...
Page(s) : 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 ...Result(s) : 66990