| Max CVSS | 10.0 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-3289 | 4.4 |
The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions
|
08-02-2024 - 14:56 | 22-09-2009 - 10:30 | |
| CVE-2010-0408 | 5.0 |
The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial o
|
01-11-2023 - 15:32 | 05-03-2010 - 16:30 | |
| CVE-2010-0411 | 4.9 |
Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large
|
13-02-2023 - 04:16 | 08-02-2010 - 20:30 | |
| CVE-2010-0434 | 4.3 |
The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, wh
|
13-02-2023 - 04:16 | 05-03-2010 - 19:30 | |
| CVE-2009-4273 | 10.0 |
stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request.
|
13-02-2023 - 01:18 | 26-01-2010 - 18:30 | |
| CVE-2010-0010 | 6.8 |
Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary co
|
06-06-2021 - 11:15 | 02-02-2010 - 16:30 | |
| CVE-2010-1320 | 4.0 |
Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code
|
21-01-2020 - 15:45 | 22-04-2010 - 14:30 | |
| CVE-2010-1190 | 4.3 |
thumb.php in MediaWiki before 1.15.2, when used with access-restriction mechanisms such as img_auth.php, does not check user permissions before providing scaled images, which allows remote attackers to bypass intended access restrictions and read pri
|
13-09-2013 - 06:30 | 31-03-2010 - 18:00 | |
| CVE-2010-1311 | 5.0 |
The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE:
|
31-08-2010 - 05:43 | 08-04-2010 - 17:30 | |
| CVE-2010-0098 | 10.0 |
ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities.
|
31-08-2010 - 05:41 | 08-04-2010 - 17:30 | |
| CVE-2010-1189 | 5.0 |
MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled we
|
20-05-2010 - 05:49 | 31-03-2010 - 18:00 |