Show filters
456 Total Results
Displaying 11-20 of 456
Sort by:
Attacker Value
Unknown

CVE-2020-5504

Disclosure Date: January 09, 2020 (last updated February 21, 2025)
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2012-2736

Disclosure Date: December 26, 2019 (last updated November 27, 2024)
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2014-3495

Disclosure Date: December 13, 2019 (last updated November 27, 2024)
duplicity 0.6.24 has improper verification of SSL certificates
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2014-2387

Disclosure Date: December 13, 2019 (last updated November 27, 2024)
Pen 0.18.0 has Insecure Temporary File Creation vulnerabilities
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2013-7370

Disclosure Date: December 11, 2019 (last updated November 27, 2024)
node-connect before 2.8.1 has XSS in the Sencha Labs Connect middleware
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2013-2625

Disclosure Date: November 27, 2019 (last updated November 27, 2024)
An Access Bypass issue exists in OTRS Help Desk before 3.2.4, 3.1.14, and 3.0.19, OTRS ITSM before 3.2.3, 3.1.8, and 3.0.7, and FAQ before 2.2.3, 2.1.4, and 2.0.8. Access rights by the object linking mechanism is not verified
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2012-6655

Disclosure Date: November 27, 2019 (last updated November 27, 2024)
An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in user.c which could let a local users obtain encrypted passwords.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2011-1145

Disclosure Date: November 14, 2019 (last updated November 27, 2024)
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2011-1588

Disclosure Date: November 14, 2019 (last updated November 27, 2024)
Thunar before 1.3.1 could crash when copy and pasting a file name with % format characters due to a format string error.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2011-1490

Disclosure Date: November 14, 2019 (last updated November 27, 2024)
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
View More Topics  < Previous  Next >