CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2651 CVE-2011-3177 200 +Info 2017-09-08 2017-09-18
2.1
None Local Low Not required Partial None None
The YaST2 network created files with world readable permissions which could have allowed local users to read sensitive material out of network configuration files, like passwords for wireless networks.
2652 CVE-2011-3149 119 DoS Overflow 2012-07-22 2019-01-03
2.1
None Local Low Not required None None Partial
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
2653 CVE-2011-2977 +Info 2011-08-09 2017-08-28
2.1
None Local Low Not required Partial None None
Bugzilla 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 on Windows does not delete the temporary files associated with uploaded attachments, which allows local users to obtain sensitive information by reading these files. NOTE: this issue exists because of a regression in 3.6.
2654 CVE-2011-2712 79 XSS 2011-08-29 2018-10-09
2.6
None Remote High Not required None Partial None
Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when setAutomaticMultiWindowSupport is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
2655 CVE-2011-2700 119 DoS Overflow 2011-09-06 2012-03-19
2.1
None Local Low Not required None None Partial
Multiple buffer overflows in the si4713_write_econtrol_string function in drivers/media/radio/si4713-i2c.c in the Linux kernel before 2.6.39.4 on the N900 platform might allow local users to cause a denial of service or have unspecified other impact via a crafted s_ext_ctrls operation with a (1) V4L2_CID_RDS_TX_PS_NAME or (2) V4L2_CID_RDS_TX_RADIO_TEXT control ID.
2656 CVE-2011-2694 79 XSS 2011-07-29 2018-10-30
2.6
None Remote High Not required None Partial None
Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page).
2657 CVE-2011-2684 59 2017-10-23 2017-11-21
2.1
None Local Low Not required None Partial None
foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722dfsg-1 as packaged in Debian unstable, and 20090908dfsg-5.1+squeeze0 as packaged in Debian squeeze create temporary files insecurely, which allows local users to write over arbitrary files via a symlink attack on /tmp/foo2zjs.
2658 CVE-2011-2642 79 XSS 2011-08-01 2017-08-28
2.6
None Remote High Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in the table Print view implementation in tbl_printview.php in phpMyAdmin before 3.3.10.3 and 3.4.x before 3.4.3.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted table name.
2659 CVE-2011-2527 264 2012-06-21 2017-08-28
2.1
None Local Low Not required Partial None None
The change_process_uid function in os-posix.c in Qemu 0.14.0 and earlier does not properly drop group privileges when the -runas option is used, which allows local guest users to access restricted files on the host.
2660 CVE-2011-2495 264 2012-06-13 2013-12-30
2.1
None Local Low Not required Partial None None
fs/proc/base.c in the Linux kernel before 2.6.39.4 does not properly restrict access to /proc/#####/io files, which allows local users to obtain sensitive I/O statistics by polling a file, as demonstrated by discovering the length of another user's password.
2661 CVE-2011-2494 200 +Info 2012-06-13 2017-12-28
2.1
None Local Low Not required Partial None None
kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password.
2662 CVE-2011-2493 DoS 2012-06-13 2012-06-14
2.1
None Local Low Not required None None Partial
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel before 2.6.39 does not properly initialize a certain error-report data structure, which allows local users to cause a denial of service (OOPS) by attempting to mount a crafted ext4 filesystem.
2663 CVE-2011-2477 79 XSS 2011-06-14 2017-08-28
2.6
None Remote High Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in Icinga before 1.4.1, when escape_html_tags is disabled, allow remote attackers to inject arbitrary web script or HTML via a JavaScript expression, as demonstrated by the onload attribute of a BODY element located after a check-host-alive! sequence, a different vulnerability than CVE-2011-2179.
2664 CVE-2011-2465 DoS 2011-07-08 2018-10-09
2.6
None Remote High Not required None None Partial
Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone (RPZ) contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service (named daemon crash) via an unspecified query.
2665 CVE-2011-2327 2011-10-18 2012-01-11
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Oracle Communications Unified component in Oracle Sun Products Suite 7.0 allows local users to affect confidentiality via unknown vectors related to Delegated Administrator.
2666 CVE-2011-2292 2011-10-18 2012-01-11
2.4
None Local High Single system Partial Partial None
Unspecified vulnerability in Oracle Solaris 9 and 11 Express allows local users to affect confidentiality and integrity via unknown vectors related to xscreensaver.
2667 CVE-2011-2286 2011-10-18 2011-12-23
2.1
None Remote High Single system None None Partial
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote authenticated users to affect availability, related to ZFS.
2668 CVE-2011-2263 2011-07-20 2011-10-04
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in Sun Integrated Lights Out Manager in Oracle SysFW 8.0.3.b or earlier for various Oracle SPARC T3, SPARC Netra T3, Sun Blade, and Sun Fire servers allows local users to affect confidentiality via unknown vectors.
2669 CVE-2011-2210 264 +Info 2012-06-13 2012-06-13
2.1
None Local Low Not required Partial None None
The osf_getsysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform does not properly restrict the data size for GSI_GET_HWRPB operations, which allows local users to obtain sensitive information from kernel memory via a crafted call.
2670 CVE-2011-2209 189 +Info 2012-06-13 2012-06-13
2.1
None Local Low Not required None None Partial
Integer signedness error in the osf_sysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.
2671 CVE-2011-2208 189 +Info 2012-06-13 2012-06-13
2.1
None Local Low Not required Partial None None
Integer signedness error in the osf_getdomainname function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call.
2672 CVE-2011-2203 264 DoS 2012-01-27 2012-03-19
2.1
None Local Low Not required None None Partial
The hfs_find_init function in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and Oops) by mounting an HFS file system with a malformed MDB extent record.
2673 CVE-2011-2190 310 2011-10-06 2012-05-14
2.1
None Local Low Not required Partial None None
The generate_admin_password function in Cherokee before 1.2.99 uses time and PID values for seeding of a random number generator, which makes it easier for local users to determine admin passwords via a brute-force attack.
2674 CVE-2011-2176 287 Bypass 2011-09-02 2012-01-18
2.1
None Local Low Not required None Partial None
GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors.
2675 CVE-2011-2146 200 +Info 2011-06-06 2017-08-28
2.1
None Local Low Not required Partial None None
mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors.
2676 CVE-2011-1945 310 2011-05-31 2013-06-05
2.6
None Remote High Not required Partial None None
The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation.
2677 CVE-2011-1943 200 +Info 2011-06-14 2017-08-16
2.1
None Local Low Not required Partial None None
The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file.
2678 CVE-2011-1886 2011-07-13 2018-10-12
2.1
None Local Low Not required Partial None None
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 does not properly validate the arguments to functions, which allows local users to read arbitrary data from kernel memory via a crafted application that triggers a NULL pointer dereference, aka "Win32k Incorrect Parameter Validation Allows Information Disclosure Vulnerability."
2679 CVE-2011-1840 310 +Info 2011-05-13 2011-09-21
2.1
None Local Low Not required Partial None None
The MartiniCreations PassmanLite Password Manager application before 1.48 for Android stores the master password and unspecified other account information in cleartext, which allows local users to obtain sensitive information by leveraging shell access.
2680 CVE-2011-1834 264 DoS Bypass 2014-02-15 2014-03-07
2.1
None Local Low Not required None None Partial
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call.
2681 CVE-2011-1832 264 2014-02-15 2014-03-07
2.1
None Local Low Not required None None Partial
utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.
2682 CVE-2011-1828 264 2011-05-16 2017-08-16
2.1
None Local Low Not required None Partial None
usb-creator-helper in usb-creator before 0.2.28.3 does not enforce intended PolicyKit restrictions, which allows local users to perform arbitrary unmount operations via the UnmountFile method in a dbus-send command.
2683 CVE-2011-1822 255 +Info 2011-04-21 2011-04-21
2.1
None Local Low Not required Partial None None
The LDAP_ADD implementation in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0009 stores a cleartext SHA password in the change log, which might allow local users to obtain sensitive information by reading this log.
2684 CVE-2011-1788 200 +Info 2011-05-09 2017-08-16
2.1
None Local Low Not required Partial None None
vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1 allows local users to discover the SOAP session ID via unspecified vectors.
2685 CVE-2011-1772 79 XSS 2011-05-13 2012-01-18
2.6
None Remote High Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) an action name, (2) the action attribute of an s:submit element, or (3) the method attribute of an s:submit element.
2686 CVE-2011-1742 310 +Info 2011-08-01 2018-10-09
2.1
None Local Low Not required Partial None None
EMC Data Protection Advisor before 5.8.1 places cleartext account credentials in the DPA configuration file in unspecified circumstances, which might allow local users to obtain sensitive information by reading this file.
2687 CVE-2011-1717 264 2011-04-18 2011-05-11
2.1
None Local Low Not required Partial None None
Skype for Android stores sensitive user data without encryption in sqlite3 databases that have weak permissions, which allows local applications to read user IDs, contacts, phone numbers, date of birth, instant message logs, and other private information.
2688 CVE-2011-1500 264 2011-04-13 2017-08-16
2.1
None Local Low Not required Partial None None
PreferencesPithosDialog.py in Pithos 0.3.7 does not properly restrict permissions for the .config/pithos.ini file in a user's home directory, which allows local users to obtain Pandora credentials by reading this file.
2689 CVE-2011-1499 16 2011-04-29 2017-08-16
2.6
None Remote High Not required None Partial None
acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting specifies a CIDR block, permits TCP connections from all IP addresses, which makes it easier for remote attackers to hide the origin of web traffic by leveraging the open HTTP proxy server.
2690 CVE-2011-1356 200 +Info 2011-07-19 2017-08-16
2.1
None Local Low Not required Partial None None
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.39 and 7.0 before 7.0.0.19 allows local users to obtain sensitive stack-trace information via a crafted Administration Console request.
2691 CVE-2011-1327 310 +Info 2011-05-20 2011-05-24
2.1
None Local Low Not required Partial None None
The Keystroke Encryption feature in Trend Micro Internet Security 2009 (aka Virus Buster 2009 and PC-cillin 2009) does not completely encrypt passwords, which allows local users to obtain sensitive information by leveraging a keylogger.
2692 CVE-2011-1307 264 2011-03-08 2011-04-21
2.1
None Local Low Not required Partial None None
The installer in IBM WebSphere Application Server (WAS) before 7.0.0.15 uses 777 permissions for a temporary log directory, which allows local users to have unintended access to log files via standard filesystem operations, a different vulnerability than CVE-2009-1173.
2693 CVE-2011-1172 200 +Info 2011-06-22 2015-10-05
2.1
None Local Low Not required Partial None None
net/ipv6/netfilter/ip6_tables.c in the IPv6 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
2694 CVE-2011-1171 200 +Info 2011-06-22 2015-10-05
2.1
None Local Low Not required Partial None None
net/ipv4/netfilter/ip_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
2695 CVE-2011-1170 200 +Info 2011-06-22 2015-10-05
2.1
None Local Low Not required Partial None None
net/ipv4/netfilter/arp_tables.c in the IPv4 implementation in the Linux kernel before 2.6.39 does not place the expected '\0' character at the end of string data in the values of certain structure members, which allows local users to obtain potentially sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability to issue a crafted request, and then reading the argument to the resulting modprobe process.
2696 CVE-2011-1163 20 +Info 2011-04-09 2015-05-11
2.1
None Local Low Not required Partial None None
The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.
2697 CVE-2011-1162 200 +Info 2012-01-27 2012-03-19
2.1
None Local Low Not required Partial None None
The tpm_read function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command.
2698 CVE-2011-1160 200 +Info 2012-06-21 2012-06-26
2.1
None Local Low Not required Partial None None
The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not initialize a certain buffer, which allows local users to obtain potentially sensitive information from kernel memory via unspecified vectors.
2699 CVE-2011-1159 20 DoS 2011-10-04 2012-05-14
2.1
None Local Low Not required None None Partial
acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that performs a connect system call but no read system calls.
2700 CVE-2011-1080 20 +Info 2012-06-21 2015-05-05
2.1
None Local Low Not required Partial None None
The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_ADMIN capability to replace a table, and then reading a modprobe command line.
Total number of vulnerabilities : 4561   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 (This Page)55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.