Max CVSS 10.0 Min CVSS 1.2 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-2183 5.0
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birth
28-07-2022 - 11:27 01-09-2016 - 00:59
CVE-2019-20907 5.0
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
28-07-2022 - 11:16 13-07-2020 - 13:15
CVE-2019-9636 5.0
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. The impact is: Information disclosure (credentials, cookies, etc. that are cached against a
25-07-2022 - 18:15 08-03-2019 - 21:29
CVE-2020-7595 5.0
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
25-07-2022 - 18:15 21-01-2020 - 23:15
CVE-2019-10160 5.0
A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by
05-07-2022 - 18:55 07-06-2019 - 18:29
CVE-2019-9948 6.4
urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call
30-06-2022 - 17:14 23-03-2019 - 18:29
CVE-2020-1472 9.3
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
26-04-2022 - 17:06 17-08-2020 - 19:15
CVE-2019-17185 5.0
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BN_CTX instance to handle all handshakes. This mean multiple threads use the same BN_CTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are in
22-04-2022 - 19:04 21-03-2020 - 01:15
CVE-2019-6454 4.9
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can expl
20-02-2022 - 06:08 21-03-2019 - 16:01
CVE-2018-16888 1.9
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the
31-01-2022 - 18:37 14-01-2019 - 22:29
CVE-2018-16865 4.6
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remo
31-01-2022 - 18:34 11-01-2019 - 21:29
CVE-2018-1049 4.3
In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will h
31-01-2022 - 18:26 16-02-2018 - 21:29
CVE-2019-20386 2.1
An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may occur.
28-01-2022 - 21:27 21-01-2020 - 06:15
CVE-2019-3816 5.0
Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. A remote, unauthenticated attacker can exploit this vulnerability by sending a sp
02-11-2021 - 20:17 14-03-2019 - 22:29
CVE-2020-8492 7.1
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicA
16-09-2021 - 15:46 30-01-2020 - 19:15
CVE-2018-3639 2.1
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access vi
13-08-2021 - 15:26 22-05-2018 - 12:29
CVE-2018-10915 6.0
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untru
04-08-2021 - 17:14 09-08-2018 - 20:29
CVE-2019-14907 2.6
All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such st
29-05-2021 - 13:15 21-01-2020 - 18:15
CVE-2019-10218 4.3
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB
29-05-2021 - 13:15 06-11-2019 - 10:15
CVE-2012-2677 5.0
Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk size value, which caus
26-05-2021 - 10:15 25-07-2012 - 19:55
CVE-2019-16935 4.3
The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the server_title field. This occurs in Lib/DocXMLRPCServer.py in Python 2.x, and in Lib/xmlrpc/server.py in Python 3.x. If set_server_ti
17-04-2021 - 22:15 28-09-2019 - 02:15
CVE-2019-10161 7.2
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attac
25-03-2021 - 14:09 30-07-2019 - 23:15
CVE-2020-12663 5.0
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
17-02-2021 - 20:58 19-05-2020 - 14:15
CVE-2018-1050 3.3
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls c
04-12-2020 - 18:15 13-03-2018 - 16:29
CVE-2020-10772 5.0
An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query into a large number of queries directed to a target, e
03-12-2020 - 21:14 27-11-2020 - 18:15
CVE-2019-3815 2.1
A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the `_CMDLINE=` entry. A
13-11-2020 - 16:15 28-01-2019 - 15:29
CVE-2013-0170 6.8
Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (c
22-10-2020 - 15:40 08-02-2013 - 20:55
CVE-2017-9800 7.5
A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user
20-10-2020 - 22:15 11-08-2017 - 21:29
CVE-2019-3833 5.0
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request t
19-10-2020 - 17:58 14-03-2019 - 22:29
CVE-2018-5748 5.0
qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.
15-10-2020 - 13:28 25-01-2018 - 16:29
CVE-2019-10161 7.2
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attac
30-09-2020 - 14:47 30-07-2019 - 23:15
CVE-2020-1472 9.3
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
28-09-2020 - 13:48 17-08-2020 - 19:15
CVE-2018-14567 4.3
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-201
10-09-2020 - 01:15 16-08-2018 - 20:29
CVE-2020-15862 7.2
Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.
04-09-2020 - 14:58 20-08-2020 - 01:17
CVE-2019-18197 5.1
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be
24-08-2020 - 17:37 18-10-2019 - 21:15
CVE-2019-16056 5.0
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and imple
24-08-2020 - 17:37 06-09-2019 - 18:15
CVE-2019-11091 4.7
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
24-08-2020 - 17:37 30-05-2019 - 16:29
CVE-2018-1000116 7.5
NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.
24-08-2020 - 17:37 07-03-2018 - 14:29
CVE-2013-0783 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a deni
06-08-2020 - 17:24 19-02-2013 - 23:55
CVE-2012-3411 5.0
Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query.
27-05-2020 - 18:18 05-03-2013 - 21:38
CVE-2011-2834 6.8
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
08-05-2020 - 18:12 19-09-2011 - 12:02
CVE-2011-3919 7.5
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
07-05-2020 - 19:05 07-01-2012 - 11:55
CVE-2015-8710 7.5
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed H
26-02-2020 - 19:19 11-04-2016 - 21:59
CVE-2015-0244 7.5
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafte
31-01-2020 - 20:18 27-01-2020 - 16:15
CVE-2016-5404 4.0
The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission.
27-12-2019 - 16:08 07-09-2016 - 20:59
CVE-2015-1819 5.0
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
27-12-2019 - 16:08 14-08-2015 - 18:59
CVE-2015-3167 5.0
contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via
22-11-2019 - 15:18 20-11-2019 - 21:15
CVE-2014-9365 5.8
The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify tha
25-10-2019 - 11:53 12-12-2014 - 11:59
CVE-2014-7185 6.4
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.
25-10-2019 - 11:53 08-10-2014 - 17:55
CVE-2013-4238 4.3
The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof ar
25-10-2019 - 11:53 18-08-2013 - 02:52
CVE-2011-1521 6.4
The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service (r
25-10-2019 - 11:53 24-05-2011 - 23:55
CVE-2012-1150 5.0
Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU
25-10-2019 - 11:53 05-10-2012 - 21:55
CVE-2018-18066 5.0
snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
16-10-2019 - 18:15 08-10-2018 - 18:29
CVE-2018-1139 4.3
A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. A man-in-the-middle attacker could use this flaw to read the credential and other details passed between
09-10-2019 - 23:38 22-08-2018 - 14:29
CVE-2018-10873 6.5
A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its p
09-10-2019 - 23:33 17-08-2018 - 12:29
CVE-2017-7546 7.5
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.
09-10-2019 - 23:29 16-08-2017 - 18:29
CVE-2017-2619 6.0
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
09-10-2019 - 23:26 12-03-2018 - 15:29
CVE-2017-15097 7.2
Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.
09-10-2019 - 23:24 27-07-2018 - 20:29
CVE-2017-15101 7.5
A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution.
09-10-2019 - 23:24 27-07-2018 - 20:29
CVE-2017-12163 4.8
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to
09-10-2019 - 23:22 26-07-2018 - 16:29
CVE-2011-3145 7.5
When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.
09-10-2019 - 23:03 22-04-2019 - 16:29
CVE-2017-7547 4.0
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having
03-10-2019 - 00:03 16-08-2017 - 18:29
CVE-2017-9461 6.8
smbd in Samba before 4.4.10 and 4.5.x before 4.5.6 has a denial of service vulnerability (fd_open_atomic infinite loop with high CPU usage and memory consumption) due to wrongly handling dangling symlinks.
03-10-2019 - 00:03 06-06-2017 - 21:29
CVE-2018-1061 5.0
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
03-10-2019 - 00:03 19-06-2018 - 12:29
CVE-2017-10987 5.0
An FR-GV-304 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Buffer over-read in fr_dhcp_decode_suboptions()" and a denial of service.
03-10-2019 - 00:03 17-07-2017 - 17:29
CVE-2016-2118 6.8
The MS-SAMR and MS-LSAD protocol implementations in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 mishandle DCERPC connections, which allows man-in-the-middle attackers to perform protocol-downgrade attacks and impersona
27-09-2019 - 17:17 12-04-2016 - 23:59
CVE-2018-11782 4.0
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.
27-09-2019 - 15:33 26-09-2019 - 16:15
CVE-2018-6790 5.0
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG eleme
06-08-2019 - 17:15 07-02-2018 - 02:29
CVE-2018-10893 6.5
Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code.
06-08-2019 - 17:15 11-09-2018 - 15:29
CVE-2013-4324 4.6
spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race co
17-06-2019 - 13:55 03-10-2013 - 21:55
CVE-2019-3880 5.5
A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to create a new registry hive file anywhere they have unix permissions which could lead to creation
27-05-2019 - 08:29 09-04-2019 - 16:29
CVE-2019-11235 7.5
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar is
13-05-2019 - 18:29 22-04-2019 - 11:29
CVE-2018-13988 4.3
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitab
25-04-2019 - 14:16 25-07-2018 - 23:29
CVE-2013-4311 4.6
libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2)
22-04-2019 - 17:48 03-10-2013 - 21:55
CVE-2012-4546 4.3
The default configuration for IPA servers in Red Hat Enterprise Linux 6, when revoking a certificate from an Identity Management replica, does not properly update another Identity Management replica, which causes inconsistent Certificate Revocation L
22-04-2019 - 17:48 03-04-2013 - 00:55
CVE-2014-3560 7.9
NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the u
22-04-2019 - 17:48 06-08-2014 - 18:55
CVE-2014-5177 1.2
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the
22-04-2019 - 17:48 03-08-2014 - 18:55
CVE-2011-1011 6.9
The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp with
22-04-2019 - 17:48 24-02-2011 - 21:00
CVE-2014-0179 1.9
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompa
22-04-2019 - 17:48 03-08-2014 - 18:55
CVE-2014-0249 3.3
The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors.
22-04-2019 - 17:48 11-06-2014 - 14:55
CVE-2015-0240 10.0
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execu
22-04-2019 - 17:48 24-02-2015 - 01:59
CVE-2016-5699 4.3
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL.
09-02-2019 - 11:29 02-09-2016 - 14:59
CVE-2016-5636 10.0
Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based bu
09-02-2019 - 11:29 02-09-2016 - 14:59
CVE-2014-3215 6.9
seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to
03-01-2019 - 17:08 08-05-2014 - 10:55
CVE-2014-8118 10.0
Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow.
29-11-2018 - 11:29 16-12-2014 - 18:59
CVE-2013-6435 7.6
Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the
29-11-2018 - 11:29 16-12-2014 - 18:59
CVE-2013-7336 1.9
The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and li
30-10-2018 - 16:27 07-05-2014 - 10:55
CVE-2013-4124 5.0
Integer overflow in the read_nttrans_ea_list function in nttrans.c in smbd in Samba 3.x before 3.5.22, 3.6.x before 3.6.17, and 4.x before 4.0.8 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.
30-10-2018 - 16:27 06-08-2013 - 02:56
CVE-2013-0338 4.3
libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entit
30-10-2018 - 16:27 25-04-2013 - 23:55
CVE-2012-1182 10.0
The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execut
30-10-2018 - 16:25 10-04-2012 - 21:55
CVE-2017-7494 10.0
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
21-10-2018 - 10:29 30-05-2017 - 18:29
CVE-2017-15275 5.0
Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.
21-10-2018 - 10:29 27-11-2017 - 22:29
CVE-2016-2119 6.8
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the (1) SMB2_SESSI
21-10-2018 - 10:29 07-07-2016 - 15:59
CVE-2014-3493 2.7
The push_ascii function in smbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote authenticated users to cause a denial of service (memory corruption and daemon crash) via an attempt to read a Unicode pathname wi
09-10-2018 - 19:44 23-06-2014 - 14:55
CVE-2012-4505 10.0
Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a differe
13-08-2018 - 21:47 11-11-2012 - 13:00
CVE-2012-6662 4.3
Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not prope
14-07-2018 - 01:29 24-11-2014 - 16:59
CVE-2015-3246 7.2
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the
20-05-2018 - 01:29 11-08-2015 - 14:59
CVE-2016-2126 4.0
Samba version 4.0.0 up to 4.5.2 is vulnerable to privilege elevation due to incorrect handling of the PAC (Privilege Attribute Certificate) checksum. A remote, authenticated, attacker can cause the winbindd process to crash using a legitimate Kerbero
11-05-2018 - 01:29 11-05-2017 - 14:29
CVE-2018-1063 3.3
Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling proc
12-04-2018 - 01:29 02-03-2018 - 15:29
CVE-2015-3315 7.2
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-r
19-02-2018 - 02:29 26-06-2017 - 15:29
CVE-2016-4449 5.8
XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource con
18-01-2018 - 18:18 09-06-2016 - 16:59
CVE-2012-0815 6.8
The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly ha
18-01-2018 - 02:29 04-06-2012 - 20:55
CVE-2017-9148 7.5
The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 80
05-01-2018 - 02:31 29-05-2017 - 17:29
CVE-2017-5885 7.5
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColo
05-01-2018 - 02:31 28-02-2017 - 18:59
CVE-2017-7486 5.0
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server.
05-01-2018 - 02:31 12-05-2017 - 19:29
CVE-2016-7545 7.2
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
05-01-2018 - 02:31 19-01-2017 - 20:59
CVE-2016-5424 4.6
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \
05-01-2018 - 02:31 09-12-2016 - 23:59
CVE-2017-10983 5.0
An FR-GV-206 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "DHCP - Read overflow when decoding option 63" and a denial of service.
05-01-2018 - 02:31 17-07-2017 - 17:29
CVE-2014-2015 7.5
Stack-based buffer overflow in the normify function in the rlm_pap module (modules/rlm_pap/rlm_pap.c) in FreeRADIUS 2.x, possibly 2.2.3 and earlier, and 3.x, possibly 3.0.1 and earlier, might allow attackers to cause a denial of service (crash) and p
05-01-2018 - 02:29 02-11-2014 - 00:55
CVE-2014-0066 4.0
The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to
16-12-2017 - 02:29 31-03-2014 - 14:58
CVE-2016-0773 5.0
PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a
09-12-2017 - 02:29 17-02-2016 - 15:59
CVE-2017-13744 4.3
There is an illegal address access in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0.
02-12-2017 - 02:29 29-08-2017 - 06:29
CVE-2013-1900 8.5
PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, and 8.4.x before 8.4.17, when using OpenSSL, generates insufficiently random numbers, which might allow remote authenticated users to have an unspecified impact via vectors relat
20-10-2017 - 01:29 04-04-2013 - 17:55
CVE-2012-2893 6.8
Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms.
19-09-2017 - 01:35 26-09-2012 - 10:56
CVE-2010-3433 6.0
The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL use
19-09-2017 - 01:31 06-10-2010 - 17:00
CVE-2014-0191 4.3
The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7.0, 12.1.2.0, and 12.1.3.0 and other products, loads external parameter entities regardless
29-08-2017 - 01:34 21-01-2015 - 14:59
CVE-2013-1962 5.0
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of requests "to list all volumes for the particula
29-08-2017 - 01:33 29-05-2013 - 00:55
CVE-2012-6151 4.3
Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout
29-08-2017 - 01:32 13-12-2013 - 18:55
CVE-2012-5134 6.8
Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 2.9.0 and earlier, as used in Google Chrome before 23.0.1271.91 and other products, allows remote attackers to cause a denial of service or possibly execute ar
29-08-2017 - 01:32 28-11-2012 - 01:55
CVE-2012-3547 6.8
Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via a long "not af
29-08-2017 - 01:31 18-09-2012 - 17:55
CVE-2012-2141 3.5
Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry
29-08-2017 - 01:31 14-08-2012 - 22:55
CVE-2012-1106 1.9
The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly 2.0.8 and earlier, does not properly set the group (GID) permissions on core dump files for setuid programs when the sysctl fs.suid_dumpable option is set to 2, which allows local
29-08-2017 - 01:31 03-07-2012 - 16:40
CVE-2011-2483 5.0
crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, PostgreSQL before 8.4.9, and other products, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext passwo
29-08-2017 - 01:29 25-08-2011 - 14:22
CVE-2011-2511 4.0
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.
29-08-2017 - 01:29 10-08-2011 - 20:55
CVE-2010-4015 6.5
Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a deni
17-08-2017 - 01:33 02-02-2011 - 01:00
CVE-2011-1146 6.9
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettac
17-08-2017 - 01:33 15-03-2011 - 17:55
CVE-2011-0002 6.4
libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values.
17-08-2017 - 01:33 22-01-2011 - 22:00
CVE-2016-7796 4.9
The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled
28-07-2017 - 01:29 13-10-2016 - 14:59
CVE-2016-7795 4.9
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.
28-07-2017 - 01:29 13-10-2016 - 14:59
CVE-2015-3187 4.0
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node tha
01-07-2017 - 01:29 12-08-2015 - 14:59
CVE-2015-5288 6.4
The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via
01-07-2017 - 01:29 26-10-2015 - 14:59
CVE-2015-5289 6.4
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (
01-07-2017 - 01:29 26-10-2015 - 14:59
CVE-2013-6442 5.8
The owner_set function in smbcacls.c in smbcacls in Samba 4.0.x before 4.0.16 and 4.1.x before 4.1.6 removes an ACL during use of a --chown or --chgrp option, which allows remote attackers to bypass intended access restrictions in opportunistic circu
07-01-2017 - 02:59 14-03-2014 - 10:55
CVE-2013-4408 8.3
Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via
07-01-2017 - 02:59 10-12-2013 - 06:14
CVE-2014-7823 5.0
The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.
03-01-2017 - 02:59 13-11-2014 - 21:32
CVE-2014-8108 5.0
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a
03-01-2017 - 02:59 18-12-2014 - 15:59
CVE-2015-7540 5.0
The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via cra
31-12-2016 - 02:59 29-12-2015 - 22:59
CVE-2015-5330 5.0
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending craft
31-12-2016 - 02:59 29-12-2015 - 22:59
CVE-2015-1827 5.0
The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (crash) via a group list request for a user th
31-12-2016 - 02:59 30-03-2015 - 14:59
CVE-2014-3565 5.0
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB f
24-12-2016 - 02:59 07-10-2014 - 14:55
CVE-2014-3660 5.0
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing
08-12-2016 - 03:05 04-11-2014 - 16:55
CVE-2011-3378 9.3
RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a pa
08-12-2016 - 03:02 24-12-2011 - 19:55
CVE-2012-0868 6.8
CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object na
08-12-2016 - 03:02 18-07-2012 - 23:55
CVE-2015-5302 5.0
libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds,
07-12-2016 - 18:16 07-12-2015 - 18:59
CVE-2015-5292 6.8
Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a larg
07-12-2016 - 18:16 29-10-2015 - 16:59
CVE-2015-7560 4.0
The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by using a UNIX SMB1 call to create a symlink, and then u
03-12-2016 - 03:13 13-03-2016 - 22:59
CVE-2014-8602 4.3
iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a large or infinite number of referrals.
28-11-2016 - 19:13 11-12-2014 - 02:59
CVE-2013-7439 7.5
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.
18-10-2016 - 03:43 16-04-2015 - 14:59
CVE-2014-1447 3.3
Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent.
03-01-2015 - 01:44 24-01-2014 - 18:55
CVE-2014-3657 5.0
The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the
19-11-2014 - 03:01 06-10-2014 - 14:55
CVE-2014-2284 5.0
The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors.
13-09-2014 - 05:25 24-03-2014 - 16:43
CVE-2012-2807 6.8
Multiple integer overflows in libxml2, as used in Google Chrome before 20.0.1132.43 and other products, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
28-01-2014 - 04:45 27-06-2012 - 10:18
CVE-2012-0841 5.0
libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data.
28-01-2014 - 04:42 21-12-2012 - 05:46
CVE-2012-3489 4.0
The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or U
10-10-2013 - 19:23 03-10-2012 - 21:55
CVE-2013-0287 4.9
The Simple Access Provider in System Security Services Daemon (SSSD) 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simple_deny_groups option, which allows remote authenticated users to bypass intended
15-05-2013 - 03:34 21-03-2013 - 16:55
CVE-2012-2655 4.0
PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural lan
19-04-2013 - 03:22 18-07-2012 - 23:55
CVE-2012-3445 3.5
The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams
22-03-2013 - 03:11 07-08-2012 - 21:55
CVE-2011-4966 6.0
modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired passwo
19-03-2013 - 12:35 12-03-2013 - 23:55
CVE-2012-5660 6.9
abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store inform
19-03-2013 - 04:00 12-03-2013 - 23:55
CVE-2012-4423 5.0
The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whos
08-03-2013 - 04:09 19-11-2012 - 12:10
CVE-2013-0220 5.0
The (1) sss_autofs_cmd_getautomntent and (2) sss_autofs_cmd_getautomntbyname function in responder/autofs/autofssrv_cmd.c and the (3) ssh_cmd_parse_request function in responder/ssh/sshsrv_cmd.c in System Security Services Daemon (SSSD) before 1.9.4
27-02-2013 - 19:50 24-02-2013 - 19:55
CVE-2012-5484 7.9
The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate.
07-02-2013 - 05:01 27-01-2013 - 18:55
CVE-2012-2693 3.7
libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to acces
15-01-2013 - 04:30 17-06-2012 - 03:41
CVE-2012-4425 6.9
libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that t
31-10-2012 - 04:04 18-09-2012 - 17:55
CVE-2011-3636 6.8
Cross-site request forgery (CSRF) vulnerability in the management interface in FreeIPA before 2.1.4 allows remote attackers to hijack the authentication of administrators for requests that make configuration changes.
05-03-2012 - 05:00 08-12-2011 - 11:55
CVE-2011-1486 3.3
libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time.
12-08-2011 - 02:44 31-05-2011 - 20:55
Back to Top Mark selected
Back to Top