| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/popen.c may lead to remote denial of service of the ftpd service. |
| Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code execution. |
| In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session. |
| PmWiki before 2.2.21 has XSS. |
| udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. |
| Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes.. |
| Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents. |
| statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks. |
| PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which are then misparsed by libxml2. This results in memory leak into the resulting output. |
| poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack. |
| An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts. |
| offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies. |
| offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks. |
| It was found in vanilla forums before 2.0.10 a potential linkbait vulnerability in dispatcher. |
| It was found in vanilla forums before 2.0.10 a cross-site scripting vulnerability where a filename could contain arbitrary code to execute on the client side. |
| pootle 2.0.5 has XSS via 'match_names' parameter |
| Tiki Wiki CMS Groupware 5.2 has CSRF |
| Tiki Wiki CMS Groupware 5.2 has XSS |
| Tiki Wiki CMS Groupware 5.2 has Local File Inclusion |
| Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack. |
