| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2007-5594 |
352 |
|
CSRF |
2007-10-19 |
2021-04-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack. |
|
2 |
CVE-2007-6283 |
200 |
|
DoS +Info |
2007-12-18 |
2022-02-25 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named. |
|
3 |
CVE-2008-0595 |
863 |
|
Bypass |
2008-02-29 |
2022-02-07 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface. |
|
4 |
CVE-2008-2944 |
415 |
|
DoS |
2008-06-30 |
2022-02-07 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oops), as demonstrated by a crash when running the GNU GDB testsuite, a different vulnerability than CVE-2008-2365. |
|
5 |
CVE-2008-3218 |
79 |
|
XSS |
2008-07-18 |
2021-04-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) free tagging taxonomy terms, which are not properly handled on node preview pages, and (2) unspecified OpenID values. |
|
6 |
CVE-2008-3219 |
79 |
|
XSS |
2008-07-18 |
2021-04-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The Drupal filter_xss_admin function in 5.x before 5.8 and 6.x before 6.3 does not "prevent use of the object HTML tag in administrator input," which has unknown impact and attack vectors, probably related to an insufficient cross-site scripting (XSS) protection mechanism. |
|
7 |
CVE-2008-3220 |
352 |
|
CSRF |
2008-07-18 |
2021-04-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of "translated strings." |
|
8 |
CVE-2008-3221 |
352 |
|
CSRF |
2008-07-18 |
2021-04-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities. |
|
9 |
CVE-2009-1242 |
20 |
|
DoS |
2009-04-06 |
2020-08-27 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode enable") bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform. |
|
10 |
CVE-2009-1903 |
|
|
DoS XSS |
2009-06-03 |
2021-02-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method. |
|
11 |
CVE-2009-2472 |
79 |
|
XSS Bypass |
2009-07-22 |
2021-07-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass." |
|
12 |
CVE-2009-3621 |
400 |
|
DoS |
2009-10-22 |
2020-08-12 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. |
|
13 |
CVE-2009-3767 |
295 |
|
|
2009-10-23 |
2020-10-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. |
|
14 |
CVE-2009-4135 |
59 |
|
+Priv |
2009-12-11 |
2017-08-17 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp. |
|
15 |
CVE-2010-0014 |
287 |
|
Bypass |
2010-01-14 |
2010-01-15 |
3.7 |
None |
Local |
High |
Not required |
Partial |
Partial |
Partial |
|
System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting ticket (TGT); and might allow remote attackers to bypass intended access restrictions via vectors involving an arbitrary password in conjunction with a valid TGT. |
|
16 |
CVE-2010-0205 |
400 |
|
DoS |
2010-03-03 |
2020-08-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack. |
|
17 |
CVE-2010-2008 |
77 |
|
DoS |
2010-07-13 |
2020-11-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
|
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory. |
|
18 |
CVE-2010-2249 |
401 |
|
DoS |
2010-06-30 |
2020-08-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. |
|
19 |
CVE-2010-3439 |
20 |
|
|
2019-11-12 |
2019-11-14 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command. |
|
20 |
CVE-2010-3442 |
190 |
|
DoS Overflow Mem. Corr. |
2010-10-04 |
2020-08-10 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
|
Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call. |
|
21 |
CVE-2010-3698 |
400 |
|
DoS |
2010-11-26 |
2020-08-14 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT). |
|
22 |
CVE-2010-3874 |
787 |
|
DoS Overflow Mem. Corr. |
2010-12-29 |
2020-08-14 |
4.0 |
None |
Local |
High |
Not required |
None |
None |
Complete |
|
Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service (memory corruption) via a connect operation. |
|
23 |
CVE-2010-4162 |
190 |
|
DoS Overflow |
2011-01-03 |
2020-08-14 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
|
Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device. |
|
24 |
CVE-2010-4169 |
416 |
|
DoS |
2010-11-22 |
2020-08-13 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call. |
|
25 |
CVE-2010-4249 |
400 |
1
|
DoS |
2010-11-29 |
2020-08-14 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets. |
|
26 |
CVE-2010-4661 |
434 |
|
|
2019-11-13 |
2019-11-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. |
|
27 |
CVE-2010-5109 |
189 |
|
DoS Overflow |
2014-05-05 |
2014-05-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow. |
|
28 |
CVE-2011-0022 |
399 |
|
DoS |
2011-02-23 |
2011-03-31 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
|
The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary process termination) by replacing PID files contained in this directory. |
|
29 |
CVE-2011-0704 |
20 |
|
DoS |
2018-05-04 |
2018-06-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request. |
|
30 |
CVE-2011-0762 |
400 |
1
|
DoS |
2011-03-02 |
2021-03-04 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632. |
|
31 |
CVE-2011-1758 |
287 |
|
Bypass |
2011-05-26 |
2011-05-27 |
3.7 |
None |
Local |
High |
Not required |
Partial |
Partial |
Partial |
|
The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname. |
|
32 |
CVE-2011-1783 |
|
|
DoS |
2011-06-06 |
2020-10-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data. |
|
33 |
CVE-2011-2192 |
255 |
|
|
2011-07-07 |
2020-05-27 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests. |
|
34 |
CVE-2011-2501 |
125 |
|
DoS |
2011-07-17 |
2020-08-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources. |
|
35 |
CVE-2011-2691 |
476 |
|
DoS |
2011-07-17 |
2020-08-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image. |
|
36 |
CVE-2011-2924 |
59 |
|
|
2019-11-19 |
2019-11-25 |
3.3 |
None |
Local |
Medium |
Not required |
None |
Partial |
Partial |
|
foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. |
|
37 |
CVE-2011-4930 |
134 |
|
DoS Exec Code |
2014-02-10 |
2014-02-10 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors. |
|
38 |
CVE-2011-5268 |
310 |
|
DoS |
2013-12-24 |
2014-01-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLIT from CVE-2013-4550 because it is a different type of issue. |
|
39 |
CVE-2012-0049 |
400 |
|
DoS |
2019-11-07 |
2019-11-09 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. |
|
40 |
CVE-2012-1114 |
79 |
|
XSS |
2019-12-05 |
2019-12-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php. |
|
41 |
CVE-2012-1115 |
79 |
|
XSS |
2019-12-05 |
2019-12-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php. |
|
42 |
CVE-2012-1146 |
476 |
|
DoS |
2012-05-17 |
2020-07-27 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events. |
|
43 |
CVE-2012-1157 |
276 |
|
|
2019-11-14 |
2019-11-18 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default |
|
44 |
CVE-2012-1158 |
200 |
|
+Info |
2019-11-14 |
2019-11-18 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export |
|
45 |
CVE-2012-1159 |
200 |
|
+Info |
2019-11-14 |
2019-11-15 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Moodle before 2.2.2: Overview report allows users to see hidden courses |
|
46 |
CVE-2012-1160 |
732 |
|
|
2019-11-14 |
2019-11-18 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php |
|
47 |
CVE-2012-1161 |
200 |
|
+Info |
2019-11-14 |
2019-11-15 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results |
|
48 |
CVE-2012-1615 |
269 |
|
|
2019-12-06 |
2019-12-16 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file. |
|
49 |
CVE-2012-2251 |
20 |
|
Bypass |
2013-01-11 |
2017-08-29 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a (1) "-e" or (2) "--" command line option. |
|
50 |
CVE-2012-3354 |
200 |
|
+Info |
2012-11-20 |
2013-12-13 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain PHP error levels are set, allows remote attackers to obtain sensitive information via the prefix parameter, which reveals the installation path in an error message. |
