| Page(s) : 1 ... 217 218 219 220 221 222 223 224 225 226 [227] 228 229 230 231 232 233 234 235 236 237 ... | Result(s) : 8823 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 2.1 | 2014-06-17 | CVE-2014-4039 | cve | ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensit... |
| 2.9 | 2014-06-11 | CVE-2014-3970 | cve | The pa_rtp_recv function in modules/rtp/rtp.c in the module-rtp-recv module in PulseAudio 5.0 and earlier allows remote attackers to cause a denial of service (assertion failure... |
| 3.3 | 2014-06-11 | CVE-2014-0249 | cve | The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to ... |
| 2.1 | 2014-06-10 | CVE-2014-3873 | cve | The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3-BETA1 before p1 uses an incorrect page fault kernel trace entry size, which allow... |
| 2.1 | 2014-06-09 | CVE-2013-6223 | cve | LiveZilla before 5.1.1.0 stores the admin Base64 encoded username and password in a 1click file, which allows local users to obtain access by reading the file. |
| 2.1 | 2014-06-09 | CVE-2013-2563 | cve | Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to obtain the admin password hash by reading the file. |
| 2.1 | 2014-06-09 | CVE-2013-2562 | cve | Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which allows local users to obtain sensitive information via unspecified vectors. |
| 3.6 | 2014-06-08 | CVE-2014-3038 | cve | IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop group privileges, which allows local users to bypass intended file-access restrictions by leveraging (1) gid... |
| 3.3 | 2014-06-08 | CVE-2014-3986 | cve | include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name. |
| 3.3 | 2014-06-08 | CVE-2014-3982 | cve | include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.##### file. |
| 3.3 | 2014-06-08 | CVE-2014-3981 | cve | acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. |
| 2.6 | 2014-06-06 | CVE-2014-3966 | cve | Cross-site scripting (XSS) vulnerability in Special:PasswordReset in MediaWiki before 1.19.16, 1.21.x before 1.21.10, and 1.22.x before 1.22.7, when wgRawHtml is enabled, allows... |
| 3.3 | 2014-06-05 | CVE-2014-3917 | cve | kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bi... |
| 3.5 | 2014-06-04 | CVE-2014-3949 | cve | Cross-site scripting (XSS) vulnerability in the layout wizard in the Grid Elements (gridelements) extension before 1.5.1 and 2.0.x before 2.0.3 for TYPO3 allows remote authentic... |
| 1.9 | 2014-06-04 | CVE-2014-3956 | cve | The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local ... |
| 3.5 | 2014-06-03 | CVE-2014-3943 | cve | Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9,... |
| 3.5 | 2014-06-02 | CVE-2014-3933 | cve | Cross-site scripting (XSS) vulnerability in the address components field formatter in the AddressField Tokens module 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticate... |
| 2.1 | 2014-05-30 | CVE-2014-2343 | cve | Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to cause a denial of service (excessive data processing) via a crafted DNP request ... |
| 3.5 | 2014-05-30 | CVE-2014-0925 | cve | Open redirect vulnerability in IBM Sterling Control Center 5.4.0 before 5.4.0.1 iFix 3 and 5.4.1 before 5.4.1.0 iFix 2 allows remote authenticated users to redirect users to arb... |
| 2.1 | 2014-05-30 | CVE-2014-0202 | cve | The setup script in ovirt-engine-dwh, as used in the Red Hat Enterprise Virtualization Manager data warehouse (rhevm-dwh) package before 3.3.3, stores the history database passw... |
| Page(s) : 1 ... 217 218 219 220 221 222 223 224 225 226 [227] 228 229 230 231 232 233 234 235 236 237 ... | Result(s) : 8823 |
