| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. |
| Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections |
| Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. |
| slim has NULL pointer dereference when using crypt() method from glibc 2.17 |
| The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. |
| The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. |
| Orca has arbitrary code execution due to insecure Python module load |
| shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees |
| Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks |
| Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields. |
| smokeping before 2.6.9 has XSS (incomplete fix for CVE-2012-0790) |
| kde-workspace before 4.10.5 has a memory leak in plasma desktop |
| evince is missing a check on number of pages which can lead to a segmentation fault |
| An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.0 |
| MiniDLNA has heap-based buffer overflow |
| An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified |
| MiniUPnPd has information disclosure use of snprintf() |
| HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates. |
| GLPI 0.83.7 has Local File Inclusion in common.tabs.php. |
| python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass |
