| Page(s) : 1 ... 396 397 398 399 400 401 402 403 404 405 [406] 407 408 409 410 411 412 413 414 415 416 ... | Result(s) : 8835 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 2.1 | 2004-09-16 | CVE-2004-1689 | cve | sudoedit (aka sudo -e) in sudo 1.6.8 opens a temporary file with root privileges, which allows local users to read arbitrary files via a symlink attack on the temporary file bef... |
| 3.7 | 2004-09-13 | CVE-2004-1683 | cve | A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before ... |
| 2.1 | 2004-09-13 | CVE-2004-0838 | cve | Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device a... |
| 2.1 | 2004-09-08 | CVE-2004-0851 | cve | The (1) write_list and (2) dump_curr_list functions in Net-Acct before 0.71 allows local users to overwrite arbitrary files via a symlink attack on temporary files. |
| 3.6 | 2004-08-18 | CVE-2004-0435 | cve | Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cac... |
| 2.1 | 2004-08-18 | CVE-2004-0394 | cve | A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic. |
| 2.1 | 2004-08-18 | CVE-2004-0233 | cve | Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names ... |
| 2.1 | 2004-08-18 | CVE-2004-0231 | cve | Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." |
| 2.1 | 2004-08-18 | CVE-2003-0193 | cve | msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable temporary file names ("word$$.html"). |
| 2.1 | 2004-08-17 | CVE-2004-1718 | cve | The ZwOpenSection function in Integrity Protection Driver (IPD) 1.4 and earlier allows local users to cause a denial of service (crash) via an invalid pointer in the "oa" argument. |
| 2.1 | 2004-08-10 | CVE-2004-1713 | cve | Unknown vulnerability in HP Process Resource Manager (PRM) C.02.01[.01] and earlier, as used by HP-UX Workload Manager (WLM), allows local users to corrupt data files. |
| 2.1 | 2004-08-06 | CVE-2004-0654 | cve | Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7... |
| 2.1 | 2004-08-06 | CVE-2004-0653 | cve | Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in pla... |
| 2.1 | 2004-08-06 | CVE-2004-0596 | cve | The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device nam... |
| 2.1 | 2004-08-06 | CVE-2004-0587 | cve | Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service. |
| 2.1 | 2004-08-06 | CVE-2004-0554 | cve | Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain ... |
| 2.1 | 2004-08-06 | CVE-2004-0535 | cve | The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this... |
| 2.1 | 2004-08-06 | CVE-2004-0137 | cve | Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues." |
| 2.1 | 2004-08-06 | CVE-2004-0136 | cve | The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary." |
| 2.1 | 2004-08-04 | CVE-2004-1709 | cve | Datakey Rainbow iKey2032 USB token, when using the CIP client package, does not encrypt communications between the token and the driver, which could allow local users to obtain ... |
| Page(s) : 1 ... 396 397 398 399 400 401 402 403 404 405 [406] 407 408 409 410 411 412 413 414 415 416 ... | Result(s) : 8835 |
