The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2015-1781 | Arjun Shankar of Red Hat discovered that gethostbyname_r and related functions compute the size of an input buffer incorrectly if the passed-in buffer is misaligned. This results in a buffer overflow. | MEDIUM | Nov 30, -0001 |
| CVE-2014-9114 | Sebastian Krahmer reported a command injection flaw in blkid. This could possibly result in command execution with root privileges (for example, when running blkid on a malicious USB drive) | -- | Nov 30, -0001 |
| CVE-2014-8242 | Michael Samuel discovered that rsync was vulnerable to checksum collisions. This could prevent rsync from running and syncing files successfully, which could break various applications that use and rely on rsync. | MEDIUM | Nov 30, -0001 |
| CVE-2014-8147 | An integer overflow was found in ICU's resolveImplicitLevels function. The overflow causes an error when performing a malloc on pBiDi->insertPoints->points because insertPoints is adjacent in memory to isolates[]. | HIGH | Nov 30, -0001 |
| CVE-2014-8146 | A heap overflow was found in ICU's isolateCount which, under certain circumstances, is incremented too many times, resulting in several out of bounds writes. | HIGH | Nov 30, -0001 |
| CVE-2014-4607 | An integer overflow may occur when processing any variant of a literal run in the lzo1x_decompress_safe function. Each of these three locations is subject to an integer overflow when processing zero bytes. This exposes the code that copies literals to memory corruption. It should be noted that if the target is 64bit liblzo2, the overflow is still possible, but impractical. An overflow would require so much input data that an attack would be infeasible even in modern computers. This issue is LAZARUS.1 | -- | Nov 30, -0001 |
| CVE-2011-4347 | It was found that kvm_vm_ioctl_assign_device function did not check if the user requesting assignment was privileged or not. Together with /dev/kvm being 666, unprivileged user could assign unused pci devices, or even devices that were in use and whose resources were not properly claimed by the respective drivers. Please note that privileged access was still needed to re-program the device to for example issue DMA requests. This is typically achieved by touching files on sysfs filesystem. These files are usually not accessible to unprivileged users. As a result, local user could use this flaw to crash the system. Reference: http://thread.gmane.org/gmane.comp.emulators.kvm.devel/82043 | MEDIUM | Nov 30, -0001 |
| CVE-2011-4330 | On a corrupted file system the ->len field could be wrong leading to a buffer overflow. https://lkml.org/lkml/2011/11/9/303 Upstream commit: http://git.kernel.org/linus/bc5b8a9003132ae44559edd63a1623 | HIGH | Nov 30, -0001 |
| CVE-2011-4327 | A security flaw was found in the way ssh-keysign, a ssh helper program for host based authentication, attempted to retrieve enough entropy information on configurations that lacked a built-in entropy pool in OpenSSL (a ssh-rand-helper program would be executed to retrieve the entropy from the system environment). A local attacker could use this flaw to obtain unauthorized access to host keys via ptrace(2) process trace attached to the 'ssh-rand-helper' program. | LOW | Nov 30, -0001 |
| CVE-2011-4326 | A bug was found in the way headroom check was performed in udp6_ufo_fragment() function. A remote attacker could use this flaw to crash the system. Upstream patch: a9cf73ea7ff78f52662c8658d93c226effbbedde | HIGH | Nov 30, -0001 |
| CVE-2011-4324 | It is possible to trigger the BUG() in fs/nfs/nfs4xdr.c on a NFSv4 mount. http://git.kernel.org/linus/dc0b027dfadfcb8a5504f7d8052754bf8d501ab9. | MEDIUM | Nov 30, -0001 |
| CVE-2011-4112 | running the bridge over vlan testing,I got a kernel panic at dev_queue_xmit+0x35/0x4d0 http://git.kernel.org/linus/550fd08c2cebad61c548def135f67aba284c6162 http://git.kernel.org/linus/d8873315065f1f527c7c380402cf59b1e1d0ae36 | MEDIUM | Nov 30, -0001 |
| CVE-2011-4110 | A flaw was found in the way Linux kernel handled user-defined key types. An unprivileged local user could use this flaw to crash the system. Reference:https://lkml.org/lkml/2011/11/15/363 | LOW | Nov 30, -0001 |
| CVE-2011-2212 | It was found that virtio subsystem in qemu-kvm did not properly validate virtqueue in and out requests from the guest. A privileged guest user could use this flaw to cause buffer overflow, causing the guest to crash (denial of service) or, possibly, resulting in the privileged guest user escalating their privileges on the host. | HIGH | Nov 30, -0001 |
| CVE-2011-1573 | When calculating the INIT/INIT-ACK chunk length, we should not only account the length of parameters, but also the parameters zero padding length, such as AUTH HMACS parameter and CHUNKS parameter. Without the parameters zero padding length we may get following oops. | MEDIUM | Nov 30, -0001 |
| CVE-2008-6339 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6339. Reason: This candidate is a duplicate of CVE-2007-6339. Notes: All CVE users should reference CVE-2007-6339 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | REJECT | May 1, 2008 |
| CVE-2008-3874 | Cross-site scripting (XSS) vulnerability in account.php in Lussumo Vanilla 1.1.5-rc1, 1.1.4, and earlier allows remote authenticated users to inject arbitrary web script or HTML via the Value field (aka Label ==> Value pairs). NOTE: some of these details are obtained from third party information. | LOW | Aug 29, 2008 |
| CVE-2008-3873 | The System.setClipboard method in Adobe Flash Player allows remote attackers to populate the clipboard with a URL that is difficult to delete, as exploited in the wild in August 2008. | MEDIUM | Aug 29, 2008 |
| CVE-2008-3861 | Multiple SQL injection vulnerabilities in phpMyRealty (PMR) 1.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in pages.php and (2) the price_max parameter in search.php. | HIGH | Aug 29, 2008 |
| CVE-2008-3860 | Multiple cross-site scripting (XSS) vulnerabilities (1) in the WYSIWYG editors, (2) during local group creation, (3) during HTML redirects, (4) in the HTML import, (5) in the Rich text editor, and (6) in link-page in IBM Lotus Quickr 8.1 services for Lotus Domino before Hotfix 15 allow remote attackers to inject arbitrary web script or HTML via unknown vectors, including (7) the Imported Page. NOTE: the vulnerability in the WYSIWYG editors may exist because of an incomplete fix for CVE-2008-2163. | MEDIUM | Aug 29, 2008 |
| CVE-2008-3702 | Multiple stack-based buffer overflows in the Animation GIF ActiveX control in JComSoft AniGIF.ocx 1.12 and 2.47, as used in products such as SpeedBit Download Accelerator Plus (DAP) 8.6, allow remote attackers to execute arbitrary code via a long argument to the (1) ReadGIF or (2) ReadGIF2 method. | HIGH | Aug 15, 2008 |
| CVE-2008-3701 | SQL injection vulnerability in staff/index.php in Kayako SupportSuite 3.20.02 and earlier allows remote authenticated users to execute arbitrary SQL commands via the customfieldlinkid parameter in a delcflink action. | MEDIUM | Aug 15, 2008 |
| CVE-2008-3700 | Multiple cross-site scripting (XSS) vulnerabilities in Kayako SupportSuite 3.20.02 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the sessionid parameter in a livesupport startclientchat action to visitor/index.php; (2) the filter parameter in a Unchangeds view action to index.php; or the Full Name field in a (3) account creation, (4) ticket opening, or (5) chat request operation. | MEDIUM | Aug 15, 2008 |
| CVE-2008-3480 | Stack-based buffer overflow in the Anzio Web Print Object (WePO) ActiveX control 3.2.19 and 3.2.24, as used in Anzio Print Wizard, allows remote attackers to execute arbitrary code via a long mainurl parameter. | HIGH | Aug 29, 2008 |
| CVE-2008-3283 | Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests. | HIGH | Aug 29, 2008 |
| CVE-2008-3282 | Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document, related to a numeric truncation error, a different vulnerability than CVE-2008-2152. | HIGH | Aug 29, 2008 |
| CVE-2008-2930 | Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem. | HIGH | Aug 29, 2008 |
| CVE-2008-2929 | Multiple cross-site scripting (XSS) vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway (DSGW) web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject arbitrary web script or HTML via input values that use % (percent) escaping. | MEDIUM | Aug 29, 2008 |
| CVE-2008-2928 | Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header. | HIGH | Aug 29, 2008 |
| CVE-2008-2737 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-3558. Reason: This candidate is a duplicate of CVE-2008-3558. Notes: All CVE users should reference CVE-2008-3558 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | REJECT | Aug 18, 2008 |
| CVE-2008-2546 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1805. Reason: This candidate is a reservation duplicate of CVE-2008-1805. Notes: All CVE users should reference CVE-2008-1805 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | REJECT | Jun 6, 2008 |
| CVE-2008-2020 | The CAPTCHA implementation as used in (1) Francisco Burzi PHP-Nuke 7.0 and 8.1, (2) my123tkShop e-Commerce-Suite (aka 123tkShop) 0.9.1, (3) phpMyBitTorrent 1.2.2, (4) TorrentFlux 2.3, (5) e107 0.7.11, (6) WebZE 0.5.9, (7) Open Media Collectors Database (aka OpenDb) 1.5.0b4, and (8) Labgab 1.1 uses a code_bg.jpg background image and the PHP ImageString function in a way that produces an insufficient number of different images, which allows remote attackers to pass the CAPTCHA test via an automated attack using a table of all possible image checksums and their corresponding digit strings. | MEDIUM | Apr 29, 2008 |
| CVE-2008-2019 | Simple Machines Forum (SMF), probably 1.1.4, relies on "randomly generated static" to hinder brute-force attacks on the WAV file (aka audio) CAPTCHA, which allows remote attackers to pass the CAPTCHA test via an automated attack that considers Hamming distances. NOTE: this issue reportedly exists because of an insufficient fix for CVE-2007-3308. | HIGH | Apr 29, 2008 |
| CVE-2008-2018 | The AssignUser function in template.class.php in PHPizabi 0.848b C1 HFP3 performs unsafe macro expansions on strings delimited by '{' and '}' characters, which allows remote authenticated users to obtain sensitive information via a comment containing a macro, as demonstrated by a "{user.password}" comment in the profile of the admin user. | MEDIUM | Apr 29, 2008 |
| CVE-2008-2017 | Directory traversal vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the operation parameter to the default URI under install/. | HIGH | Apr 29, 2008 |
| CVE-2008-2016 | PHP remote file inclusion vulnerability in Chilek Content Management System (aka ChiCoMaS) 2.0.4 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to the default URI under install/. NOTE: this can also be leveraged to include and execute arbitrary local files via directory traversal sequences. | HIGH | Apr 29, 2008 |
| CVE-2008-2015 | Multiple absolute path traversal vulnerabilities in certain ActiveX controls in WatchFire AppScan 7.0 allow remote attackers to create or overwrite arbitrary files via a full pathname in the argument to the (1) CompactSave and (2) SaveSession method in one control, and the (3) saveRecordedExploreToFile method in a different control. NOTE: this can be leveraged for code execution by writing to a Startup folder. | HIGH | Apr 29, 2008 |
| CVE-2008-2014 | Mozilla Firefox 3.0 beta 5 allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls document.write in an infinite loop. | MEDIUM | Apr 29, 2008 |
| CVE-2008-2013 | SQL injection vulnerability in index.php in the pnFlashGames 1.5 through 2.5 module for PostNuke, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a display action. | MEDIUM | Apr 29, 2008 |
| CVE-2008-2012 | SQL injection vulnerability in index.php in the PostSchedule 1.0 module for PostNuke allows remote attackers to execute arbitrary SQL commands via the eid parameter in an event action. | HIGH | Apr 29, 2008 |
| CVE-2008-2011 | Cross-site scripting (XSS) vulnerability in the National Rail Enquiries Live Departure Boards gadget before 1.1 allows remote National Rail Enquiries servers or man-in-the-middle attackers to inject arbitrary web script or HTML, and execute arbitrary code, via a response body, as demonstrated by a SCRIPT element that references a vbscript: URI. | MEDIUM | Apr 29, 2008 |
| CVE-2008-2010 | Unspecified vulnerability in Apple QuickTime Player on Windows XP SP2 and Vista SP1 allows remote attackers to execute arbitrary code via a crafted QuickTime media file. NOTE: as of 20080429, the only disclosure is a vague pre-advisory with no actionable information. However, because it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | HIGH | Apr 29, 2008 |
| CVE-2008-1738 | Rising Antivirus 2008 before 20.38.20 allows local users to cause a denial of service (system crash) via an invalid pointer to the _CLIENT_ID structure in a call to the NtOpenProcess hooked System Service Descriptor Table (SSDT) function. | LOW | Apr 29, 2008 |
| CVE-2008-1737 | Sophos Anti-Virus 7.0.5, and other 7.x versions, when Runtime Behavioural Analysis is enabled, allows local users to cause a denial of service (reboot with the product disabled) and possibly gain privileges via a zero value in a certain length field in the ObjectAttributes argument to the NtCreateKey hooked System Service Descriptor Table (SSDT) function. | MEDIUM | Apr 29, 2008 |
| CVE-2008-1736 | Comodo Firewall Pro before 3.0 does not properly validate certain parameters to hooked System Service Descriptor Table (SSDT) functions, which allows local users to cause a denial of service (system crash) via (1) a crafted OBJECT_ATTRIBUTES structure in a call to the NtDeleteFile function, which leads to improper validation of a ZwQueryObject result; and unspecified calls to the (2) NtCreateFile and (3) NtSetThreadContext functions, different vectors than CVE-2007-0709. | HIGH | Apr 29, 2008 |
| CVE-2008-1735 | BitDefender Antivirus 2008 20080118 and earlier allows local users to cause a denial of service (system crash) via an invalid pointer to the CLIENT_ID structure in a call to the NtOpenProcess hooked System Service Descriptor Table (SSDT) function. | MEDIUM | Apr 29, 2008 |
| CVE-2008-1601 | Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and 5.3 allows local users in the shutdown group to gain privileges. | HIGH | Mar 31, 2008 |
| CVE-2008-1600 | The lsmcode program on IBM AIX 5.2, 5.3, and 6.1 does not properly handle environment variables, which allows local users to gain privileges, a different vulnerability than CVE-2004-1329. | HIGH | Mar 31, 2008 |
| CVE-2008-1599 | The nddstat programs on IBM AIX 5.2, 5.3, and 6.1 do not properly handle environment variables, which allows local users to gain privileges by invoking (1) atmstat, (2) entstat, (3) fddistat, (4) hdlcstat, or (5) tokstat. | HIGH | Mar 31, 2008 |
| CVE-2008-1598 | The kernel in IBM AIX 6.1 allows local users with ProbeVue privileges to read arbitrary kernel memory and obtain sensitive information via unspecified vectors. | MEDIUM | Mar 31, 2008 |
