Total
10130 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0220 | 1 Apple | 1 Bonjour | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Apple Bonjour before 2011 allows a crash via a crafted multicast DNS packet. | |||||
| CVE-2010-4815 | 1 Coppermine-gallery | 1 Coppermine Gallery | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code execution. | |||||
| CVE-2010-4660 | 1 Status | 1 Statusnet | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes.. | |||||
| CVE-2010-4239 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Tiki Wiki CMS Groupware 5.2 has Local File Inclusion | |||||
| CVE-2010-3667 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element. | |||||
| CVE-2010-3439 | 3 Cor-entertainment, Debian, Fedoraproject | 3 Alien-arena, Debian Linux, Fedora | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command. | |||||
| CVE-2010-3375 | 1 Qtparted Project | 1 Qtparted | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| qtparted has insecure library loading which may allow arbitrary code execution | |||||
| CVE-2010-3373 | 2 Debian, Grsecurity | 2 Debian Linux, Paxtest | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| paxtest handles temporary files insecurely | |||||
| CVE-2010-3359 | 2 Debian, Gargoyle Project | 2 Debian Linux, Gargoyle | 2024-11-21 | 4.4 MEDIUM | 4.8 MEDIUM |
| If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account. | |||||
| CVE-2010-3293 | 1 Mailscanner | 1 Mailscanner | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| mailscanner can allow local users to prevent virus signatures from being updated | |||||
| CVE-2010-2490 | 2 Debian, Mumble | 2 Debian Linux, Mumble | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Mumble: murmur-server has DoS due to malformed client query | |||||
| CVE-2010-2476 | 1 Syscp Project | 1 Syscp | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot. | |||||
| CVE-2010-2473 | 1 Drupal | 1 Drupal | 2024-11-21 | 3.5 LOW | 6.5 MEDIUM |
| Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal site despite being blocked. | |||||
| CVE-2010-2449 | 1 Gource | 1 Gource | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| Gource through 0.26 logs to a predictable file name (/tmp/gource-$UID.tmp), enabling attackers to overwrite an arbitrary file via a symlink attack. | |||||
| CVE-2010-2447 | 1 Gitolite | 1 Gitolite | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| gitolite before 1.4.1 does not filter src/ or hooks/ from path names. | |||||
| CVE-2010-2446 | 1 Ruby-rbot | 1 Rbot | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Rbot Reaction plugin allows command execution | |||||
| CVE-2010-2243 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems (GENERIC_TIME=n), accessing /sys/devices/system/clocksource/clocksource0/current_clocksource results in an OOPS. | |||||
| CVE-2010-2061 | 1 Rpcbind Project | 1 Rpcbind | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be created by an attacker before the daemon is started. | |||||
| CVE-2010-1678 | 1 Osgeo | 1 Mapserver | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile parsing. | |||||
| CVE-2010-0748 | 3 Debian, Linux, Transmissionbt | 3 Debian Linux, Linux Kernel, Transmission | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link. | |||||