Page(s) : 1 ... 228 229 230 231 232 233 234 235 236 237 [238] 239 240 241 242 243 244 245 246 247 248 ... | Result(s) : 8823 |
Alerts
SCORE | DATE | NAME | CATEGORIES | DETAIL |
---|---|---|---|---|
1.9 | 2014-02-04 | CVE-2014-0019 | cve | Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server... |
3.5 | 2014-02-04 | CVE-2013-6033 | cve | Multiple cross-site scripting (XSS) vulnerabilities on Lexmark W840 through LS.HA.P252, T64x before LS.ST.P344, C935dn through LC.JO.P091, C920 through LS.TA.P152, C53x through ... |
2.1 | 2014-02-02 | CVE-2012-3427 | cve | EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitiv... |
2.1 | 2014-02-02 | CVE-2011-4327 | cve | ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sens... |
2.1 | 2014-02-01 | CVE-2013-4331 | cve | Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7.14 uses 0664 permissions for the temporary .Xauthority file, which allows local ... |
3.5 | 2014-02-01 | CVE-2014-0832 | cve | Multiple cross-site scripting (XSS) vulnerabilities in configuration-details screens in the OAC component in IBM Financial Transaction Manager (FTM) 2.0 before 2.0.0.3 allow rem... |
2.1 | 2014-01-31 | CVE-2013-4383 | cve | Cross-site scripting (XSS) vulnerability in the jQuery Countdown module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "access administration pages... |
3.5 | 2014-01-30 | CVE-2013-0177 | cve | Multiple cross-site scripting (XSS) vulnerabilities in widget/screen/ModelScreenWidget.java in Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.05, 11.04.01, an... |
3.3 | 2014-01-27 | CVE-2014-1640 | cve | axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a suffix to the original filename and writes to this new filename, which allows loc... |
3.3 | 2014-01-27 | CVE-2014-1639 | cve | syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe temporary file but appends a suffix to the original filename and writes to this new f... |
3.3 | 2014-01-27 | CVE-2014-1638 | cve | (1) debian/postrm and (2) debian/localepurge.config in localepurge before 0.7.3.2 use tempfile to create a safe temporary file but appends a suffix to the original filename and ... |
3.3 | 2014-01-27 | CVE-2014-1624 | cve | Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallba... |
2.1 | 2014-01-27 | CVE-2014-1604 | cve | The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file w... |
2.1 | 2014-01-27 | CVE-2014-0647 | cve | The Starbucks 2.6.1 application for iOS stores sensitive information in plaintext in the Crashlytics log file (/Library/Caches/com.crashlytics.data/com.starbucks.mystarbucks/ses... |
3.3 | 2014-01-25 | CVE-2014-0027 | cve | The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these detai... |
1.2 | 2014-01-25 | CVE-2013-6891 | cve | lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read portions of arbitrary files via a modified HOME environment variable and a symlink... |
3.6 | 2014-01-25 | CVE-2013-5364 | cve | Secunia CSI Agent 6.0.0.15017 and earlier, 6.0.1.1007 and earlier, and 7.0.0.21 and earlier, when running on Red Hat Linux, uses world-readable and world-writable permissions fo... |
3.3 | 2014-01-24 | CVE-2014-1447 | cve | Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connec... |
3.2 | 2014-01-24 | CVE-2013-2192 | cve | The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-... |
2.1 | 2014-01-24 | CVE-2013-1853 | cve | Almanah Diary 0.9.0 and 0.10.0 does not encrypt the database when closed, which allows local users to obtain sensitive information by reading the database. |