| Page(s) : 1 ... 337 338 339 340 341 342 343 344 345 346 [347] 348 349 350 351 352 353 354 355 356 357 ... | Result(s) : 8837 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 3.5 | 2007-06-14 | CVE-2007-2450 | cve | Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 th... |
| 2.1 | 2007-06-14 | CVE-2007-2448 | cve | Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote auth... |
| 2.1 | 2007-06-14 | CVE-2007-3100 | cve | usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages usi... |
| 2.1 | 2007-06-14 | CVE-2007-3099 | cve | usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which ... |
| 1.9 | 2007-06-11 | CVE-2007-2873 | cve | SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of ser... |
| 1.2 | 2007-06-11 | CVE-2007-2453 | cve | The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect... |
| 2.1 | 2007-06-11 | CVE-2007-2875 | cve | Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users... |
| 2.1 | 2007-06-07 | CVE-2007-3024 | cve | libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for temporary files that are created by the cli_gentempstream function in clamd/clam... |
| 1.8 | 2007-06-04 | CVE-2007-2999 | cve | Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates different error messages for failed login attempts with a valid user name than f... |
| 3.5 | 2007-05-30 | CVE-2007-2909 | cve | Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin 3.6.x before 3.6.7 allows remote attackers to inject arbitrary web script or HTML via unspecified v... |
| 2.1 | 2007-05-29 | CVE-2007-2894 | cve | The emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system to cause a denial of service (virtual machine crash) via unspecified vectors, r... |
| 2.1 | 2007-05-24 | CVE-2007-0751 | cve | A cleanup script in crontabs in Apple Mac OS X 10.3.9 and 10.4.9 might delete filesystems that have been mounted in /tmp, which might allow local users to cause a denial of serv... |
| 2.1 | 2007-05-22 | CVE-2006-7204 | cve | The imap_body function in PHP before 4.4.4 does not implement safemode or open_basedir checks, which allows local users to read arbitrary files or list arbitrary directory conte... |
| 3.5 | 2007-05-17 | CVE-2007-2746 | cve | The viewList function in lib/WebGUI/Asset/Wobject/DataForm.pm in Plain Black WebGUI before 7.3.14 does not properly use data structures containing privilege information, which a... |
| 2.6 | 2007-05-16 | CVE-2007-2727 | cve | The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variabl... |
| 3.6 | 2007-05-15 | CVE-2007-2703 | cve | BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if an administrator provides a long role description, which might allow remote authenticated users to access p... |
| 3.5 | 2007-05-15 | CVE-2007-2702 | cve | Cross-site scripting (XSS) vulnerability in the GroupSpace application in BEA WebLogic Portal 9.2 GA allows remote authenticated users to inject arbitrary web script or HTML via... |
| 3.5 | 2007-05-15 | CVE-2007-2693 | cve | MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement. |
| 3.5 | 2007-05-15 | CVE-2007-2683 | cve | Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion. |
| 2.6 | 2007-05-14 | CVE-2007-1903 | cve | Cross-site scripting (XSS) vulnerability in search.php in SonicBB 1.0 allows remote attackers to inject arbitrary web script or HTML via the part parameter. |
| Page(s) : 1 ... 337 338 339 340 341 342 343 344 345 346 [347] 348 349 350 351 352 353 354 355 356 357 ... | Result(s) : 8837 |
