VIR Vulnerability Intelligence Relay

Search

Found 721 results in 329ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2012-0042 low 2.9 FIX rheldebian debian wireshark 14y ago Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and app…
CVE-2011-4749 critical 10.0 rhel parallels 15y ago The billing system for Parallels Plesk Panel 10.3.1_build1013110726.09 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass…
CVE-2011-4744 critical 10.0 rhel parallels 15y ago The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by lev…
CVE-2011-4743 critical 10.0 rhel parallels 15y ago The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have an unspecified …
CVE-2011-4739 critical 10.0 rhel parallels 15y ago The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass au…
CVE-2011-4733 critical 10.0 rhel parallels 15y ago The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecifie…
CVE-2011-4732 critical 10.0 rhel parallels 15y ago The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to have …
CVE-2011-4730 critical 10.0 rhel parallels 15y ago The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attacke…
CVE-2011-4727 critical 10.0 rhel parallels 15y ago The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not properly validate string data that is intended for storage in an XML document, which allows remote attacker…
CVE-2011-4339 low 3.6 FIX debian debian rhel ipmitool_project 15y ago ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for…
CVE-2011-4346 low 3.5 rhel redhat 15y ago Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite 5.4.1 allows remote authenticated users to inject arbitrary web script or HTML via the Description fie…
CVE-2011-2492 low 1.9 FIX linux-kernel rhel 15y ago The bluetooth subsystem in the Linux kernel before 3.0-rc4 does not properly initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel memor…
CVE-2011-1163 low 2.1 FIX linux-kernelsuse suse rhel 15y ago The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensi…
CVE-2011-0711 low 2.1 FIX linux-kernel rhel 16y ago The xfs_fs_geometry function in fs/xfs/xfs_fsops.c in the Linux kernel before 2.6.38-rc6-git3 does not initialize a certain structure member, which allows local users to obtain potentially sensitive …
CVE-2011-1044 low 2.1 FIX linux-kernel rhel 16y ago The ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 does not initialize a certain response buffer, which allows local users to obtain potentially …
CVE-2010-3881 low 2.1 FIX linux-kernelsuse suse rhel 16y ago arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via…
CVE-2010-4203 critical 9.8 9.8 FIX debian debian rhel googlewebmproject 16y ago WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary co…
CVE-2010-2941 critical 9.8 9.8 FIX debian debiansuse susemacos macos apple 16y ago ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-f…
CVE-2010-1439 low 3.6 fedora fedora rhel redhat 16y ago yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Enterprise Linux (RHEL) 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, wh…
CVE-2010-0730 low 2.6 linux-kernel rhel 16y ago The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows guest OS users to cause a denial of service (32-bit guest OS crash) via vecto…
CVE-2009-3556 low 1.9 linux-kernel rhel 17y ago A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5, when N_Port ID Virtualization (NPIV) hardware is used, sets world-writable…