Found 835 results in 628ms · Match type: Filtered list

CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2010-3083 medium 4.3 apache 16y ago sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat Enterprise MRG before 1.2.2 and other products, when SSL is enabled, allows remote attackers to cause a denial of service (daemon out…
CVE-2010-3315 medium 6.0 FIX debian apache 16y ago authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not prop…
CVE-2010-1623 medium 5.0 FIX debian apache 16y ago Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Ap…
CVE-2010-2953 medium 6.9 apache 16y ago Untrusted search path vulnerability in a certain Debian GNU/Linux patch for the couchdb script in CouchDB 0.8.0 allows local users to gain privileges via a crafted shared library in the current worki…
CVE-2010-2952 medium 4.3 FIX debian apache 16y ago Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to validate responses, w…
CVE-2010-2234 medium 6.8 apache 16y ago Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote attackers to hijack the authentication of administrators for direct requests to an installation UR…
CVE-2010-2076 critical 9.8 9.8 apache 16y ago Improper Input Validation in Apache CXF
CVE-2010-1870 medium 6.0 EXP apache 16y ago Server side object manipulation in Apache Struts
CVE-2010-2791 medium 5.0 FIX debian apache 16y ago mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remo…
CVE-2009-2696 medium 4.3 rhel apache 16y ago Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Lin…
CVE-2010-1452 medium 5.0 FIX debian apache 16y ago The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path.
CVE-2010-2227 medium 7.4 EXP apache 16y ago Apache Tomcat does not properly handle an invalid Transfer-Encoding header
CVE-2010-1632 high 7.5 ibm apache 16y ago Improper Input Validation in Apache Axis2
CVE-2010-2068 medium 5.0 FIX debian apache 16y ago mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, …
CVE-2010-0395 critical 9.3 fedora ubuntu debian apache 16y ago OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file…
CVE-2010-2103 medium 5.3 EXP FIX debian apache 3com sap 16y ago Improper Neutralization of Input During Web Page Generation in Apache Axis2
CVE-2010-2086 medium 4.0 apache 16y ago Apache MyFaces Cross-site Scripting vulnerability
CVE-2010-1587 medium 6.0 EXP apache 16y ago Apache ActiveMQ Sensitive Information Disclosure via the Jetty ResourceHandler
CVE-2010-1151 medium 6.8 apache 16y ago Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interactio…
CVE-2010-0432 medium 5.3 EXP apache 16y ago Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFBiz) 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inje…
CVE-2010-1244 medium 6.8 apache 16y ago Cross-site request forgery in Apache ActiveMQ
CVE-2010-0009 medium 4.3 apache 16y ago Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measuring the completion time of operations that verify (1) hashes or (2) passwords.
CVE-2010-0434 medium 4.3 FIX debian fedora apache 17y ago The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumsta…
CVE-2010-0408 medium 5.0 FIX debian apache 17y ago The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body…
CVE-2010-0136 critical 9.3 ubuntu debian apache 17y ago OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted…
CVE-2009-3302 critical 9.3 ubuntu debian apache 17y ago filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table p…
CVE-2009-3301 critical 9.3 ubuntu debian apache 17y ago Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafte…
CVE-2009-2950 critical 9.3 ubuntu debian apache 17y ago Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service…
CVE-2009-2949 critical 9.3 ubuntu debian apache 17y ago Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that…
CVE-2003-1580 medium 4.3 debian apache 17y ago The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which al…
CVE-2010-0010 medium 6.8 apache 17y ago Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of serv…
CVE-2009-2902 medium 4.3 apache 17y ago Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Tomcat
CVE-2009-2901 medium 4.3 apache 17y ago Improper Authentication in Apache Tomcat
CVE-2009-2693 medium 5.8 apache 17y ago Apache Tomcat Directory Traversal vulnerability
CVE-2009-3555 critical 9.8 10.0 EXP FIX debian ubuntu fedora apache gnu mozilla 17y ago The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9…