| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 51 | CVE-2008-4579 | 59 | | | 2008-10-15 | 2017-09-29 | 1.9 | None | Local | Medium | Not required | None | Partial | None | The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allow local users to append to arbitrary files via a symlink attack on the apclog temporary file. |
| 52 | CVE-2008-5107 | 200 | | +Info | 2008-11-17 | 2017-12-04 | 1.9 | None | Local | Medium | Not required | Partial | None | None | The installation process for Citrix Presentation Server 4.5 and Desktop Server 1.0, when MSI logging is enabled, stores database credentials in MSI log files, which allows local users to obtain these credentials by reading the log files. |
| 53 | CVE-2008-5700 | 399 | | DoS | 2008-12-22 | 2018-10-11 | 1.9 | None | Local | Medium | Not required | None | None | Partial | libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program. |
| 54 | CVE-2008-6561 | 200 | | +Priv +Info | 2009-03-31 | 2017-08-17 | 1.9 | None | Local | Medium | Not required | Partial | None | None | Citrix Presentation Server Client for Windows before 10.200 does not clear "credential information" from process memory in unspecified circumstances, which might allow local users to gain privileges. |
| 55 | CVE-2008-6722 | 200 | | +Info | 2009-04-14 | 2009-04-29 | 1.9 | None | Local | Medium | Not required | Partial | None | None | Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache. |
| 56 | CVE-2009-0142 | 362 | | DoS | 2009-02-12 | 2011-03-08 | 1.9 | None | Local | Medium | Not required | None | None | Partial | Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local users to cause a denial of service (infinite loop) via unspecified vectors related to "file enumeration logic." |
| 57 | CVE-2009-0434 | 200 | | +Info | 2009-02-10 | 2017-08-08 | 1.9 | None | Local | Medium | Not required | Partial | None | None | PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.31, 6.1.x before 6.1.0.21, and 7.0.x before 7.0.0.1, when Performance Monitoring Infrastructure (PMI) is enabled, allows local users to obtain sensitive information by reading the (1) systemout.log and (2) ffdc files. NOTE: this is probably a duplicate of CVE-2008-5413. |
| 58 | CVE-2009-0437 | 200 | | +Info | 2009-02-10 | 2017-08-08 | 1.9 | None | Local | Medium | Not required | Partial | None | None | The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6.0.2 on Windows, when WAS is registered as a Windows service, allows local users to obtain sensitive information by reading the logs/instconfigifwas6.log log file. |
| 59 | CVE-2009-1215 | 362 | | | 2009-04-01 | 2017-08-17 | 1.9 | None | Local | Medium | Not required | None | Partial | None | Race condition in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via a symlink attack on the /tmp/screen-exchange temporary file. |
| 60 | CVE-2009-1295 | 16 | | | 2009-04-30 | 2009-05-15 | 1.9 | None | Local | Medium | Not required | None | Partial | None | Apport before 0.108.4 on Ubuntu 8.04 LTS, before 0.119.2 on Ubuntu 8.10, and before 1.0-0ubuntu5.2 on Ubuntu 9.04 does not properly remove files from the application's crash-report directory, which allows local users to delete arbitrary files via unspecified vectors. |
| 61 | CVE-2009-1296 | 200 | | +Info | 2009-06-09 | 2017-08-17 | 1.9 | None | Local | Medium | Not required | Partial | None | None | The eCryptfs support utilities (ecryptfs-utils) 73-0ubuntu6.1 on Ubuntu 9.04 stores the mount passphrase in installation logs, which might allow local users to obtain access to the filesystem by reading the log files from disk. NOTE: the log files are only readable by root. |
| 62 | CVE-2009-1961 | 362 | | DoS | 2009-06-08 | 2012-03-19 | 1.9 | None | Local | Medium | Not required | None | None | Partial | The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions. |
| 63 | CVE-2009-2012 | | | DoS | 2009-06-09 | 2009-06-19 | 1.9 | None | Local | Medium | Not required | None | None | Partial | Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through snv_110, when a CIFS server is enabled, allows local users to cause a denial of service (idmapd daemon crash and idmapd outage) via unknown vectors. |
| 64 | CVE-2009-2490 | | | DoS +Priv | 2009-07-16 | 2017-08-17 | 1.9 | None | Local | Medium | Not required | None | None | Partial | Unspecified vulnerability in the utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to cause a denial of service (audio outage) or possibly gain privileges via unknown vectors related to "resource leaks." |
| 65 | CVE-2009-2911 | 264 | | DoS Overflow +Priv | 2009-10-22 | 2009-10-31 | 1.9 | None | Local | Medium | Not required | None | None | Partial | SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records. |
| 66 | CVE-2009-2948 | 264 | | | 2009-10-07 | 2018-10-30 | 1.9 | None | Local | Medium | Not required | Partial | None | None | mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option. |
| 67 | CVE-2009-3432 | | | | 2009-09-28 | 2017-08-17 | 1.9 | None | Local | Medium | Not required | Partial | None | None | Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv_112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked screen via unknown vectors related to XRandR resize events. |
| 68 | CVE-2009-3556 | 264 | | | 2010-01-27 | 2017-09-19 | 1.9 | None | Local | Medium | Not required | None | Partial | None | A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable permissions for the (1) vport_create and (2) vport_delete files under /sys/class/scsi_host/, which allows local users to make arbitrary changes to SCSI host attributes by modifying these files. |
| 69 | CVE-2009-3746 | 16 | | +Info | 2009-10-22 | 2017-09-19 | 1.9 | None | Local | Medium | Not required | Partial | None | None | XScreenSaver in Sun Solaris 10, when the accessibility feature is enabled, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276 and CVE-2009-2711. |
| 70 | CVE-2009-5084 | 310 | | +Info | 2011-08-12 | 2012-04-25 | 1.9 | None | Local | Medium | Not required | Partial | None | None | IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when com.tivoli.am.fim.infocard.delegates.InfoCardSTSDelegate tracing is enabled, creates a cleartext log entry containing a password, which might allow local users to obtain sensitive information by reading the log data. |
| 71 | CVE-2009-5117 | 200 | | +Info | 2012-08-22 | 2017-08-29 | 1.9 | None | Local | Medium | Not required | Partial | None | None | The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive information from web traffic by reading unspecified files. |
| 72 | CVE-2009-5152 | 362 | | | 2018-05-11 | 2018-06-14 | 1.9 | None | Local | Medium | Not required | None | Partial | None | Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility (DCCU), which allows privileged local users to change Computrace Agent's activation/deactivation status to the factory default via a crafted TaskResult.xml file. |
| 73 | CVE-2010-0106 | | | DoS | 2010-02-19 | 2018-10-30 | 1.9 | None | Local | Medium | Not required | None | None | Partial | The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources. |
| 74 | CVE-2010-0180 | 264 | | | 2010-06-28 | 2010-06-28 | 1.9 | None | Local | Medium | Not required | Partial | None | None | Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the site_wide_secret field. |
| 75 | CVE-2010-0769 | 255 | | | 2010-04-01 | 2017-08-17 | 1.9 | None | Local | Medium | Not required | Partial | None | None | IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 does not properly define wsadmin scripting J2CConnectionFactory objects, which allows local users to discover a KeyRingPassword password by reading a cleartext field in the resources.xml file. |
| 76 | CVE-2010-0792 | 59 | | | 2010-03-05 | 2018-10-10 | 1.9 | None | Local | Medium | Not required | Partial | None | None | fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an unspecified file. |
| 77 | CVE-2010-0826 | 200 | | +Info | 2010-04-05 | 2017-09-19 | 1.9 | None | Local | Medium | Not required | Partial | None | None | The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module. |
| 78 | CVE-2010-1160 | 59 | | | 2010-04-16 | 2010-06-07 | 1.9 | None | Local | Medium | Not required | None | Partial | None | GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim. |
| 79 | CVE-2010-1437 | 362 | | DoS Mem. Corr. | 2010-05-07 | 2018-10-10 | 1.9 | None | Local | Medium | Not required | None | None | Partial | Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via keyctl session commands that trigger access to a dead keyring that is undergoing deletion by the key_cleanup function. |
| 80 | CVE-2010-1446 | 264 | | | 2010-05-21 | 2017-08-17 | 1.9 | None | Local | Medium | Not required | None | Partial | None | arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and other versions before 2.6.33, when running on PowerPC, does not properly perform a security check for access to a kernel page, which allows local users to overwrite arbitrary kernel memory, related to Fsl booke. |
| 81 | CVE-2010-1650 | 310 | | +Info | 2010-05-03 | 2017-08-17 | 1.9 | None | Local | Medium | Not required | Partial | None | None | IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x before 6.1.0.31, and 7.0.x before 7.0.0.11, when the -trace option (aka debugging mode) is enabled, executes debugging statements that print string representations of unspecified objects, which allows attackers to obtain sensitive information by reading the trace output. |
| 82 | CVE-2010-1651 | 310 | | +Info | 2010-05-03 | 2017-08-17 | 1.9 | None | Local | Medium | Not required | Partial | None | None | IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x before 7.0.0.11, when Basic authentication and SIP tracing (aka full trace logging for SIP) are enabled, logs the entirety of all inbound and outbound SIP messages, which allows local users to obtain sensitive information by reading the trace log. |
| 83 | CVE-2010-1775 | 362 | | Bypass | 2010-06-22 | 2017-08-17 | 1.9 | None | Local | Medium | Not required | Partial | None | None | Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot. |
| 84 | CVE-2010-2027 | 59 | | | 2010-05-24 | 2018-10-10 | 1.9 | None | Local | Medium | Not required | None | Partial | None | Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf. |
| 85 | CVE-2010-2192 | 59 | | | 2010-06-18 | 2010-06-22 | 1.9 | None | Local | Medium | Not required | None | Partial | None | The make_lockdir_name function in policy.c in pmount 0.9.18 allows local users to overwrite arbitrary files via a symlink attack on a file in /var/lock/. |
| 86 | CVE-2010-2371 | | | | 2010-07-13 | 2012-10-23 | 1.9 | None | Local | Medium | Not required | Partial | None | None | Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1.1 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2010-2372. |
| 87 | CVE-2010-2387 | 255 | | +Priv | 2012-12-21 | 2017-08-17 | 1.9 | None | Local | Medium | Not required | Partial | None | None | vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is enabled, logs the user password when it contains invalid UTF8 encoded characters, which might allow local users to gain privileges by reading the information from syslog logs. |
| 88 | CVE-2010-2470 | 264 | | | 2010-06-28 | 2010-06-29 | 1.9 | None | Local | Medium | Not required | Partial | None | None | Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when use_suexec is enabled, uses world-readable permissions within (1) .bzr/ and (2) data/webdot/, which allows local users to obtain potentially sensitive data by reading files in these directories, a different vulnerability than CVE-2010-0180. |
| 89 | CVE-2010-2619 | | | DoS | 2010-07-02 | 2010-07-06 | 1.9 | None | Local | Medium | Not required | None | None | Partial | Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger "incorrectly set flags." |
| 90 | CVE-2010-2803 | 200 | | +Info | 2010-09-08 | 2020-08-26 | 1.9 | None | Local | Medium | Not required | Partial | None | None | The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount. |
| 91 | CVE-2010-3282 | 312 | | +Info | 2020-01-09 | 2020-01-29 | 1.9 | None | Local | Medium | Not required | Partial | None | None | 389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log. |
| 92 | CVE-2010-3310 | 189 | | DoS Mem. Corr. | 2010-09-29 | 2018-11-27 | 1.9 | None | Local | Medium | Not required | None | None | Partial | Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a rose_getname function call, related to the rose_bind and rose_connect functions. |
| 93 | CVE-2010-3431 | | | +Info | 2011-01-24 | 2019-01-03 | 1.9 | None | Local | Medium | Not required | Partial | None | None | The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435. |
| 94 | CVE-2010-3542 | | | | 2010-10-14 | 2010-11-11 | 1.9 | None | Local | Medium | Not required | Partial | None | None | Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality, related to USB. |
| 95 | CVE-2010-3597 | | | | 2011-01-19 | 2017-08-17 | 1.9 | None | Local | Medium | Not required | None | None | Partial | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.0 allows local users to affect availability, related to Outside In Viewer SDK. |
| 96 | CVE-2010-3876 | 909 | | +Info | 2011-01-03 | 2020-08-13 | 1.9 | None | Local | Medium | Not required | Partial | None | None | net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures. |
| 97 | CVE-2010-3877 | 909 | | +Info | 2011-01-03 | 2020-08-13 | 1.9 | None | Local | Medium | Not required | Partial | None | None | The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure. |
| 98 | CVE-2010-4072 | 200 | | +Info | 2010-11-29 | 2020-08-14 | 1.9 | None | Local | Medium | Not required | Partial | None | None | The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface." |
| 99 | CVE-2010-4073 | 200 | | +Info | 2010-11-29 | 2020-08-10 | 1.9 | None | Local | Medium | Not required | Partial | None | None | The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c. |
| 100 | CVE-2010-4074 | 200 | | +Info | 2010-11-29 | 2020-08-10 | 1.9 | None | Local | Medium | Not required | Partial | None | None | The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in drivers/usb/serial/mos7840.c. |