Vulnerabilities (CVE)

Filtered by CWE-16
Total 272 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-6199 2 Rsync, Slackware 2 Rsync, Slackware Linux 2025-04-09 9.3 HIGH N/A
rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.
CVE-2009-1306 1 Mozilla 3 Firefox, Seamonkey, Thunderbird 2025-04-09 4.3 MEDIUM N/A
The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other attacks via an uploaded .jar file with a "Content-Disposition: attachment" designation.
CVE-2008-5109 1 Adobe 1 Flash Media Server 2025-04-09 5.0 MEDIUM N/A
The default configuration of Adobe Flash Media Server (FMS) 3.0 does not enable SWF Verification for (1) RTMPE and (2) RTMPTE sessions, which makes it easier for remote attackers to make copies of video content via stream-capture software.
CVE-2008-1199 1 Dovecot 1 Dovecot 2025-04-09 4.4 MEDIUM N/A
Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack.
CVE-2009-1184 1 Linux 1 Linux Kernel 2025-04-09 4.4 MEDIUM N/A
The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21.
CVE-2009-3376 1 Mozilla 2 Firefox, Seamonkey 2025-04-09 9.3 HIGH N/A
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file.
CVE-2009-3746 1 Sun 1 Solaris 2025-04-09 1.9 LOW N/A
XScreenSaver in Sun Solaris 10, when the accessibility feature is enabled, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276 and CVE-2009-2711.
CVE-2007-1184 1 Web-app.org 1 Webapp 2025-04-09 5.0 MEDIUM N/A
The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA setting of "no," which makes it easier for automated programs to submit false data.
CVE-2009-1093 1 Sun 3 Jdk, Jre, Sdk 2025-04-09 5.0 MEDIUM N/A
LdapCtx in the LDAP service in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier does not close the connection when initialization fails, which allows remote attackers to cause a denial of service (LDAP service hang).
CVE-2008-2366 2 Openoffice, Redhat 2 Openoffice, Enterprise Linux 2025-04-09 4.4 MEDIUM N/A
Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to incorrect quoting of the ORIGIN symbol for use in the RPATH library path.
CVE-2009-1648 1 Suse 1 Suse Linux 2025-04-09 7.5 HIGH N/A
The YaST2 LDAP module in yast2-ldap-server on SUSE Linux Enterprise Server 11 (aka SLE11) does not enable the firewall in certain circumstances involving reboots during online updates, which makes it easier for remote attackers to access network services.
CVE-2008-1525 1 Zyxel 3 Prestige 660, Prestige 661, Zynos 2025-04-09 5.0 MEDIUM N/A
The default SNMP configuration on ZyXEL Prestige routers, including P-660 and P-661 models with firmware 3.40(AGD.2) through 3.40(AHQ.3), has a Trusted Host value of 0.0.0.0, which allows remote attackers to send SNMP requests from any source IP address.
CVE-2009-1072 8 Canonical, Debian, Linux and 5 more 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more 2025-04-09 4.9 MEDIUM N/A
nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.
CVE-2008-3177 1 Sophos 5 Email Appliance, Es1000, Es4000 and 2 more 2025-04-09 5.0 MEDIUM N/A
Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments.
CVE-2007-5071 1 Alexander Palmo 1 Simple Php Blog 2025-04-09 7.5 HIGH N/A
Incomplete blacklist vulnerability in upload_img_cgi.php in Simple PHP Blog before 0.5.1 allows remote attackers to upload dangerous files and execute arbitrary code, as demonstrated by a filename ending in .php. or a .htaccess file, a different vector than CVE-2005-2733. NOTE: the vulnerability was also present in a 0.5.1 download available in the early morning of 20070923. NOTE: the original 20070920 disclosure provided an incorrect filename, img_upload_cgi.php.
CVE-2009-0144 1 Apple 2 Mac Os X, Mac Os X Server 2025-04-09 4.3 MEDIUM N/A
CFNetwork in Apple Mac OS X 10.5 before 10.5.7 does not properly parse noncompliant Set-Cookie headers, which allows remote attackers to obtain sensitive information by sniffing the network for "secure cookies" that are sent over unencrypted HTTP connections.
CVE-2008-0128 1 Apache 1 Tomcat 2025-04-09 5.0 MEDIUM N/A
The SingleSignOn Valve (org.apache.catalina.authenticator.SingleSignOn) in Apache Tomcat before 5.5.21 does not set the secure flag for the JSESSIONIDSSO cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
CVE-2007-6676 1 Uber Uploader 1 Uber Uploader 2025-04-09 5.0 MEDIUM N/A
The default configuration of Uber Uploader (UU) 5.3.6 and earlier does not block uploads of (1) .html, (2) .asp, and other possibly dangerous extensions, which allows remote attackers to use these extensions in uploads via (a) uu_file_upload.php, related to uu_file_upload.js and (b) uber_uploader_file.php, related to uber_uploader_file.js, a different issue than CVE-2007-0123. NOTE: the vendor disputes the severity of the issue, noting that it is the administrator's responsibility to "add file extensions that you may or may not want uploaded."
CVE-2007-6723 3 Anonymityanywhere, Apple, Microsoft 3 Tork, Mac Os X, Windows 2025-04-09 4.3 MEDIUM N/A
TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration.
CVE-2007-3759 1 Apple 3 Iphone, Iphone Os, Safari 2025-04-09 6.8 MEDIUM N/A
Safari in Apple iPhone 1.1.1, when requested to disable Javascript, does not disable it until Safari is restarted, which might leave Safari open to attacks that the user does not expect.