| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881. |
| install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified. |
| puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files. |
| Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches. |
| Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests. |
| Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. |
| The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode enable") bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform. |
| Multiple unspecified vulnerabilities in BitlBee before 1.2.3 allow remote attackers to "overwrite" and "hijack" existing accounts via unknown vectors related to "inconsistent handling of the USTATUS_IDENTIFIED state." NOTE: this issue exists because of an incomplete fix for CVE-2008-3920. |
| The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption). |
| The CUPS service, as used in SUSE Linux before 20070720 and other Linux distributions, allows remote attackers to cause a denial of service via unspecified vectors related to an incomplete fix for CVE-2007-0720 that introduced a different denial of service problem in SSL negotiation. |
| The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password. |
| nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory. |
| The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffer over-read. |
| libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. |
| The multipart processor in ModSecurity before 2.5.9 allows remote attackers to cause a denial of service (crash) via a multipart form datapost request with a missing part header name, which triggers a NULL pointer dereference. |
| SQL injection vulnerability in the Schema API in Drupal 6.x before 6.3 allows remote attackers to execute arbitrary SQL commands via vectors related to "an inappropriate placeholder for 'numeric' fields." |
| Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities. |
| Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments. |
| Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse Python file in the current working directory. |
| Session fixation vulnerability in Drupal 5.x before 5.9 and 6.x before 6.3, when contributed modules "terminate the current request during a login event," allows remote attackers to hijack web sessions via unknown vectors. |
