Filtered by CWE-20
Filtered by vendor Subscriptions
Total 12366 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2011-3477 1 Symantec 4 Backup Exec System Recovery, Norton 360, Norton Ghost and 1 more 2024-11-21 N/A
GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors.
CVE-2011-3203 1 Jcow 1 Jcow Cms 2024-11-21 9.8 Critical
A Code Execution vulnerability exists the attachment parameter to index.php in Jcow CMS 4.x to 4.2 and 5.2 to 5.2.
CVE-2011-2922 1 Ktsuss Project 1 Ktsuss 2024-11-21 7.8 High
ktsuss versions 1.4 and prior spawns the GTK interface to run as root. This can allow a local attacker to escalate privileges to root and use the "GTK_MODULES" environment variable to possibly execute arbitrary code.
CVE-2011-2902 2 Debian, Glyphandcog 2 Debian Linux, Xpdf 2024-11-21 N/A
zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name.
CVE-2011-2897 3 Debian, Gnome, Redhat 3 Debian Linux, Gdk-pixbuf, Enterprise Linux 2024-11-21 9.8 Critical
gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw
CVE-2011-2808 1 Google 1 Blink 2024-11-21 6.5 Medium
A stale layout root is set as an input element in WebKit in Google Chrome before Blink M13 when a child of a keygen with autofocus is accessed.
CVE-2011-1028 2 Debian, Smarty 2 Debian Linux, Smarty 2024-11-21 9.8 Critical
The $smarty.template variable in Smarty3 allows attackers to possibly execute arbitrary PHP code via the sysplugins/smarty_internal_compile_private_special_variable.php file.
CVE-2011-0704 1 Fedoraproject 1 389 Directory Server 2024-11-21 N/A
389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request.
CVE-2011-0703 2 Debian, Gksu-polkit Project 2 Debian Linux, Gksu-polkit 2024-11-21 9.8 Critical
In gksu-polkit before 0.0.3, the source file for xauth may contain arbitrary commands that may allow an attacker to overtake an administrator X11 session.
CVE-2011-0529 2 Debian, Weborf Project 2 Debian Linux, Weborf 2024-11-21 7.5 High
Weborf before 0.12.5 is affected by a Denial of Service (DOS) due to malformed fields in HTTP.
CVE-2011-0220 1 Apple 1 Bonjour 2024-11-21 5.5 Medium
Apple Bonjour before 2011 allows a crash via a crafted multicast DNS packet.
CVE-2010-4815 1 Coppermine-gallery 1 Coppermine Gallery 2024-11-21 9.8 Critical
Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code execution.
CVE-2010-4660 1 Status 1 Statusnet 2024-11-21 9.8 Critical
Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes..
CVE-2010-4239 1 Tiki 1 Tikiwiki Cms\/groupware 2024-11-21 9.8 Critical
Tiki Wiki CMS Groupware 5.2 has Local File Inclusion
CVE-2010-3667 1 Typo3 1 Typo3 2024-11-21 5.3 Medium
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abuse in the native form content element.
CVE-2010-3439 3 Cor-entertainment, Debian, Fedoraproject 3 Alien-arena, Debian Linux, Fedora 2024-11-21 6.5 Medium
It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command.
CVE-2010-3375 1 Qtparted Project 1 Qtparted 2024-11-21 9.8 Critical
qtparted has insecure library loading which may allow arbitrary code execution
CVE-2010-3373 2 Debian, Grsecurity 2 Debian Linux, Paxtest 2024-11-21 5.5 Medium
paxtest handles temporary files insecurely
CVE-2010-3359 2 Debian, Gargoyle Project 2 Debian Linux, Gargoyle 2024-11-21 4.8 Medium
If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account.
CVE-2010-3293 1 Mailscanner 1 Mailscanner 2024-11-21 5.5 Medium
mailscanner can allow local users to prevent virus signatures from being updated