| Page(s) : 1 ... 329 330 331 332 333 334 335 336 337 338 [339] 340 341 342 343 344 345 346 347 348 349 ... | Result(s) : 8834 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 2.1 | 2008-02-12 | CVE-2008-0010 | cve | The copy_from_user_mmap_sem function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which allow local... |
| 2.1 | 2008-02-12 | CVE-2008-0009 | cve | The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local ... |
| 3.6 | 2008-02-11 | CVE-2008-0666 | cve | Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on (1) the /tmp/pe.tmp.$$ temporary file used by wml_contrib/wmg.cgi and ... |
| 3.6 | 2008-02-11 | CVE-2008-0665 | cve | wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file. |
| 2.1 | 2008-02-07 | CVE-2008-0663 | cve | Novell Challenge Response Client (LCM) 2.7.5 and earlier, as used with Novell Client for Windows 4.91 SP4, allows users with physical access to a locked system to obtain content... |
| 2.1 | 2008-02-04 | CVE-2008-0580 | cve | Geert Moernaut LSrunasE and Supercrypt use an encryption key composed of an SHA1 hash of a fixed string embedded in the executable file, which makes it easier for local users to... |
| 2.1 | 2008-02-04 | CVE-2007-6340 | cve | Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 use the RC4 stream cipher without constructing a unique initialization vector (IV), which makes it easier for local users to obtai... |
| 2.6 | 2008-02-04 | CVE-2008-0179 | cve | Cross-site scripting (XSS) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay Portal 4.3.6 allows remote attackers to inject arbitrary web script or HTML via the... |
| 2.1 | 2008-02-01 | CVE-2007-6696 | cve | Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) an event description, (2) the quer... |
| 2.6 | 2008-01-24 | CVE-2008-0456 | cve | CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 an... |
| 2.1 | 2008-01-24 | CVE-2008-0441 | cve | IBM Tivoli Business Service Manager (TBSM) 4.1.1 stores passwords in cleartext (1) after external authentication, which triggers writing the password to SM_server.log; and (2) a... |
| 2.6 | 2008-01-17 | CVE-2008-0334 | cve | Cross-site scripting (XSS) vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2.4.1 allows remote attackers to inject arbitrary web script or HTML via the L_PR... |
| 2.1 | 2008-01-15 | CVE-2008-0216 | cve | The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the... |
| 2.6 | 2008-01-15 | CVE-2008-0274 | cve | Cross-site scripting (XSS) vulnerability in Drupal 4.7.x and 5.x, when certain .htaccess protections are disabled, allows remote attackers to inject arbitrary web script or HTML... |
| 2.6 | 2008-01-15 | CVE-2008-0266 | cve | Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote attackers to change the administrative password and possibly perform other administ... |
| 3.6 | 2008-01-15 | CVE-2008-0001 | cve | VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might a... |
| 2.1 | 2008-01-10 | CVE-2007-6680 | cve | Trusted Execution in IBM AIX 6.1 uses an incorrect pathname argument in a call to the trustchk_block_write function, which might allow local users to modify trusted files, relat... |
| 3.5 | 2008-01-09 | CVE-2007-5403 | cve | Multiple cross-site scripting (XSS) vulnerabilities in Layton HelpBox 3.7.1 allow remote authenticated users to inject arbitrary web script or HTML via the (1) Forename, (2) Sur... |
| 3.5 | 2008-01-08 | CVE-2007-6421 | cve | Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web ... |
| 2.1 | 2007-12-31 | CVE-2007-6595 | cve | ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii... |
| Page(s) : 1 ... 329 330 331 332 333 334 335 336 337 338 [339] 340 341 342 343 344 345 346 347 348 349 ... | Result(s) : 8834 |
