| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges. |
| Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration. |
| Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities. |
| Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects. |
| Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms. |
| Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption). |
| Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands. |
| licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. |
| The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link. |
| Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. |
| Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files. |
| The "through the web code" capability for Zope 2.0 through 2.5.1 b1 allows untrusted users to shut down the Zope server via certain headers. |
| ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes. |
| Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags. |
| Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attackers to conduct unauthorized activities via cross-site scripting (CSS) and possibly SQL injection attacks on (1) the product or output form variables for reports.cgi, (2) the voteon, bug_id, and user variables for showvotes.cgi, (3) an invalid email address in createaccount.cgi, (4) an invalid ID in showdependencytree.cgi, (5) invalid usernames and other fields in process_bug.cgi, and (6) error messages in buglist.cgi. |
| Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug. |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote attackers to display restricted products and components via a direct HTTP request to queryhelp.cgi. |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured to perform reverse DNS lookups, allows remote attackers to bypass IP restrictions by connecting from a system with a spoofed reverse DNS hostname. |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names. |
| xSANE 0.81 and earlier allows local users to modify files of other xSANE users via a symlink attack on temporary files. |
