| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2001-1593 |
59 |
|
|
2014-04-05 |
2014-05-01 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file. |
|
2 |
CVE-2008-3277 |
22 |
|
+Priv Dir. Trav. |
2014-04-15 |
2019-04-22 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse program in refix/lib/, related to an incorrect RPATH setting in the ELF header. |
|
3 |
CVE-2009-5141 |
134 |
1
|
DoS |
2014-04-01 |
2014-04-01 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command. |
|
4 |
CVE-2010-2236 |
20 |
|
Exec Code |
2014-04-15 |
2022-02-03 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 and 5.1.0 through 5.3.0, and Proxy 5.3.0, allows remote authenticated users with permissions to administer monitoring probes to execute arbitrary code via unspecified vectors, related to backticks. |
|
5 |
CVE-2010-5105 |
59 |
|
|
2014-04-27 |
2015-11-05 |
3.3 |
None |
Local |
Medium |
Not required |
None |
Partial |
Partial |
|
The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary files via a symlink attack on the quit.blend temporary file. NOTE: this issue might be a regression of CVE-2008-1103. |
|
6 |
CVE-2010-5298 |
362 |
|
DoS |
2014-04-14 |
2018-10-10 |
4.0 |
None |
Remote |
High |
Not required |
None |
Partial |
Partial |
|
Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. |
|
7 |
CVE-2011-0460 |
59 |
|
|
2014-04-16 |
2018-10-30 |
6.3 |
None |
Local |
Medium |
Not required |
None |
Complete |
Complete |
|
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary files via a symlink attack on /dev/shm/defkeymap.map. |
|
8 |
CVE-2011-0993 |
264 |
|
+Info |
2014-04-16 |
2017-08-17 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors. |
|
9 |
CVE-2011-3152 |
310 |
|
Dir. Trav. Bypass |
2014-04-27 |
2017-08-29 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
DistUpgrade/DistUpgradeFetcherCore.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 on Ubuntu 8.04 through 11.10 does not verify the GPG signature before extracting an upgrade tarball, which allows man-in-the-middle attackers to (1) create or overwrite arbitrary files via a directory traversal attack using a crafted tar file, or (2) bypass authentication via a crafted meta-release file. |
|
10 |
CVE-2011-3154 |
59 |
|
|
2014-04-17 |
2014-05-05 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 does not properly create temporary files, which allows local users to obtain the XAUTHORITY file content for a user via a symlink attack on the temporary file. |
|
11 |
CVE-2011-3180 |
|
|
Exec Code |
2014-04-16 |
2014-04-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown. |
|
12 |
CVE-2011-3346 |
119 |
|
DoS Overflow |
2014-04-01 |
2014-04-01 |
4.0 |
None |
Local |
High |
Not required |
None |
None |
Complete |
|
Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs. |
|
13 |
CVE-2011-3602 |
22 |
|
Dir. Trav. |
2014-04-27 |
2014-04-28 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
Directory traversal vulnerability in device-linux.c in the router advertisement daemon (radvd) before 1.8.2 allows local users to overwrite arbitrary files, and remote attackers to overwrite certain files, via a .. (dot dot) in an interface name. NOTE: this can be leveraged with a symlink to overwrite arbitrary files. |
|
14 |
CVE-2011-3603 |
20 |
|
|
2014-04-27 |
2014-04-28 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The router advertisement daemon (radvd) before 1.8.2 does not properly handle errors in the privsep_init function, which causes the radvd daemon to run as root and has an unspecified impact. |
|
15 |
CVE-2011-3628 |
|
|
+Priv |
2014-04-15 |
2014-04-16 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.04 LTS, when using certain configurations such as "session optional pam_motd.so", allows local users to gain privileges by modifying the PATH environment variable to reference a malicious command, as demonstrated via uname. |
|
16 |
CVE-2011-4089 |
264 |
1
|
Exec Code |
2014-04-16 |
2014-04-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory. |
|
17 |
CVE-2011-4192 |
|
|
Exec Code |
2014-04-16 |
2014-04-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile." |
|
18 |
CVE-2011-4193 |
79 |
|
XSS |
2014-04-16 |
2014-04-17 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to cloning. |
|
19 |
CVE-2011-4195 |
|
|
Exec Code |
2014-04-16 |
2014-04-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in an image name. |
|
20 |
CVE-2011-4406 |
264 |
|
|
2014-04-16 |
2014-04-17 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
The Ubuntu AccountsService package before 0.6.14-1git1ubuntu1.1 does not properly drop privileges when changing language settings, which allows local users to modify arbitrary files via unspecified vectors. |
|
21 |
CVE-2011-4573 |
264 |
|
|
2014-04-01 |
2014-04-01 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Red Hat JBoss Operations Network (JON) before 2.4.2 does not properly enforce "modify resource" permissions for remote authenticated users when deleting a plug-in configuration update from the group connection properties history, which prevents such activities from being recorded in the audit trail. |
|
22 |
CVE-2011-4958 |
79 |
|
XSS |
2014-04-08 |
2018-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the process function in SSViewer.php in SilverStripe before 2.3.13 and 2.4.x before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING to template placeholders, as demonstrated by a request to (1) admin/reports/, (2) admin/comments/, (3) admin/, (4) admin/show/, (5) admin/assets/, and (6) admin/security/. |
|
23 |
CVE-2011-5277 |
89 |
1
|
Exec Code Sql |
2014-04-08 |
2017-08-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple SQL injection vulnerabilities in signature.php in the Advanced Forum Signatures (aka afsignatures) plugin 2.0.4 for MyBB allow remote attackers to execute arbitrary SQL commands via the (1) afs_type, (2) afs_background, (3) afs_showonline, (4) afs_bar_left, (5) afs_bar_center, (6) afs_full_line1, (7) afs_full_line2, (8) afs_full_line3, (9) afs_full_line4, (10) afs_full_line5, or (11) afs_full_line6 parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
|
24 |
CVE-2011-5278 |
89 |
1
|
Exec Code Sql |
2014-04-08 |
2017-08-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in signature.php in Advanced Forum Signatures plugin (aka afsignatures) 2.0.4 for MyBB allows remote attackers to execute arbitrary SQL commands via the afs_bar_right parameter. |
|
25 |
CVE-2011-5279 |
|
|
|
2014-04-23 |
2020-11-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Windows NT and Windows 2000 allows remote attackers to modify arbitrary uppercase environment variables via a \n (newline) character in an HTTP header. |
|
26 |
CVE-2012-0032 |
264 |
|
|
2014-04-01 |
2014-04-01 |
3.7 |
None |
Local |
High |
Not required |
Partial |
Partial |
Partial |
|
Red Hat JBoss Operations Network (JON) before 3.0.1 uses 0777 permissions for the root directory when installing a remote client, which allows local users to read or modify subdirectories and files within the root directory, as demonstrated by obtaining JON credentials. |
|
27 |
CVE-2012-0033 |
399 |
|
DoS |
2014-04-08 |
2016-12-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The CBounceDCCMod::OnPrivCTCP function in bouncedcc.cpp in the bouncedcc module in ZNC 0.200 and 0.202 allows remote attackers to cause a denial of service (crash) via a crafted DCC RESUME request. |
|
28 |
CVE-2012-0214 |
264 |
|
|
2014-04-15 |
2014-04-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The pkgAcqMetaClearSig::Failed method in apt-pkg/acquire-item.cc in Advanced Package Tool (APT) 0.8.11 through 0.8.15.10 and 0.8.16 before 0.8.16~exp13, when updating from repositories that use InRelease files, allows man-in-the-middle attackers to install arbitrary packages by preventing a user from downloading the new InRelease file, which leaves the original InRelease file active and makes it more difficult to detect that the Packages file is modified and unsigned. |
|
29 |
CVE-2012-0360 |
399 |
|
DoS |
2014-04-23 |
2014-04-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376. |
|
30 |
CVE-2012-0871 |
59 |
|
|
2014-04-18 |
2022-01-28 |
6.3 |
None |
Local |
Medium |
Not required |
None |
Complete |
Complete |
|
The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/. |
|
31 |
CVE-2012-1317 |
119 |
|
DoS Overflow |
2014-04-23 |
2014-04-23 |
5.4 |
None |
Remote |
High |
Not required |
None |
None |
Complete |
|
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717. |
|
32 |
CVE-2012-1366 |
20 |
|
DoS |
2014-04-23 |
2021-10-05 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
|
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544. |
|
33 |
CVE-2012-1561 |
79 |
|
XSS |
2014-04-08 |
2017-08-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the "checkbox and radio button functionalities." |
|
34 |
CVE-2012-1834 |
79 |
|
XSS |
2014-04-07 |
2017-08-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the CMS Tree Page View plugin before 0.8.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cms_tpv_view parameter to wp-admin/options-general.php. |
|
35 |
CVE-2012-2095 |
20 |
1
|
+Priv |
2014-04-07 |
2014-04-08 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message. |
|
36 |
CVE-2012-3062 |
20 |
|
DoS |
2014-04-23 |
2014-04-23 |
5.7 |
None |
Local Network |
Medium |
Not required |
None |
None |
Complete |
|
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193. |
|
37 |
CVE-2012-3918 |
|
|
DoS |
2014-04-23 |
2014-04-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317. |
|
38 |
CVE-2012-3946 |
264 |
|
Bypass |
2014-04-24 |
2014-04-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682. |
|
39 |
CVE-2012-4230 |
264 |
|
XSS |
2014-04-25 |
2017-08-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the (1) encoding directive and (2) valid_elements attribute, which allows attackers to conduct cross-site scripting (XSS) attacks via application-specific vectors, as demonstrated using a textarea element. |
|
40 |
CVE-2012-4638 |
|
|
DoS |
2014-04-23 |
2014-04-23 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Cisco IOS before 15.1(1)SY allows local users to cause a denial of service (device reload) by establishing an outbound SSH session, aka Bug ID CSCto00318. |
|
41 |
CVE-2012-4651 |
189 |
|
DoS |
2014-04-23 |
2014-04-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Cisco IOS before 15.3(2)T, when scansafe is enabled, allows remote attackers to cause a denial of service (latency) via SYN packets that are not accompanied by SYN-ACK packets from the Scan Safe Tower, aka Bug ID CSCub85451. |
|
42 |
CVE-2012-4658 |
287 |
|
DoS |
2014-04-23 |
2014-04-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The ios-authproxy implementation in Cisco IOS before 15.1(1)SY3 allows remote attackers to cause a denial of service (webauth and HTTP service outage) via vectors that trigger incorrectly terminated HTTP sessions, aka Bug ID CSCtz99447. |
|
43 |
CVE-2012-4920 |
22 |
|
Dir. Trav. |
2014-04-04 |
2017-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in the zing_forum_output function in forum.php in the Zingiri Forum (aka Forums) plugin before 1.4.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the url parameter to index.php. |
|
44 |
CVE-2012-4921 |
352 |
|
XSS CSRF |
2014-04-10 |
2014-04-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the DVS Custom Notification plugin 1.0.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change application settings or (2) conduct cross-site scripting (XSS) attacks. |
|
45 |
CVE-2012-5014 |
|
|
DoS |
2014-04-23 |
2014-04-23 |
6.3 |
None |
Remote |
Medium |
??? |
None |
None |
Complete |
|
Cisco IOS before 15.1(2)SY allows remote authenticated users to cause a denial of service (device crash) by establishing an SSH session from a client and then placing this client into a (1) slow or (2) idle state, aka Bug ID CSCto87436. |
|
46 |
CVE-2012-5017 |
20 |
|
DoS |
2014-04-23 |
2021-10-05 |
6.8 |
None |
Remote |
Low |
??? |
None |
None |
Complete |
|
Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service (device reload) by establishing a VPN session and then sending malformed IKEv2 packets, aka Bug ID CSCub39268. |
|
47 |
CVE-2012-5032 |
287 |
|
|
2014-04-23 |
2014-04-23 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
The Flex-VPN load-balancing feature in the ipsec-ikev2 implementation in Cisco IOS before 15.1(1)SY3 does not require authentication, which allows remote attackers to trigger the forwarding of VPN traffic to an attacker-controlled destination, or the discarding of this traffic, by arranging for an arbitrary device to become a cluster member, aka Bug ID CSCub93641. |
|
48 |
CVE-2012-5036 |
399 |
|
DoS |
2014-04-23 |
2014-04-23 |
6.8 |
None |
Remote |
Low |
??? |
None |
None |
Complete |
|
Cisco IOS before 12.2(50)SY1 allows remote authenticated users to cause a denial of service (memory consumption) via a sequence of VTY management sessions (aka exec sessions), aka Bug ID CSCtn43662. |
|
49 |
CVE-2012-5037 |
264 |
|
DoS |
2014-04-23 |
2014-04-23 |
4.6 |
None |
Local |
Low |
??? |
None |
None |
Complete |
|
The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 and 7600 devices allows local users to cause a denial of service (device reload) via a "no object-group" command followed by an object-group command, aka Bug ID CSCts16133. |
|
50 |
CVE-2012-5039 |
399 |
|
DoS |
2014-04-23 |
2014-04-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The BGP Router process in Cisco IOS before 12.2(50)SY1 allows remote attackers to cause a denial of service (memory consumption) via vectors involving BGP path attributes, aka Bug ID CSCsw63003. |
