Page 26 of 289 results (0.010 seconds)

CVSS: 4.6EPSS: 0%CPEs: 28EXPL: 0

The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session. • http://www.debian.org/security/2005/dsa-660 http://www.redhat.com/support/errata/RHSA-2005-009.html https://exchange.xforce.ibmcloud.com/vulnerabilities/19084 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9260 https://access.redhat.com/security/cve/CVE-2005-0078 https://bugzilla.redhat.com/show_bug.cgi?id=1617445 •

CVSS: 2.1EPSS: 0%CPEs: 7EXPL: 0

The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. • http://marc.info/?l=bugtraq&m=110667936707597&w=2 http://secunia.com/advisories/14015 http://secunia.com/advisories/14050 http://securitytracker.com/id?1013007 http://www.debian.org/security/2005/dsa-658 http://www.gentoo.org/security/en/glsa/glsa-200501-38.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:030 http://www.redhat.com/support/errata/RHSA-2005-072.html http://www.securityfocus.com/archive/1/426530/30/6600/threaded http://www.securityfocus •

CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 0

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information. • http://secunia.com/advisories/14046 http://securitytracker.com/id?1013030 http://www.debian.org/security/2005/dsa-659 https://exchange.xforce.ibmcloud.com/vulnerabilities/19087 •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000925 http://secunia.com/advisories/13830 http://security.gentoo.org/glsa/glsa-200501-35.xml http://securitytracker.com/id?1012981 http://www.debian.org/security/2005/dsa-673 http://www.mandriva.com/security/advisories?name=MDKSA-2005:024 http://www.redhat.com/support/errata/RHSA-2005-238.html http://www.redhat.com/support/errata/RHSA-2005-397.html http://www.securityfocus.com/bid/12354 https://exchange.xforce. • CWE-190: Integer Overflow or Wraparound •

CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0

The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files. El script mysqlaccess de MySQL 4.0.23 y anteriores, 4.1.x anteriores a 4.1.10, 5.0.x anteriores a 5.0.3, y otras versiones incluyendo 3.x permite a usuarios locales sobreescribir ficheros arbitrariamente o leer ficheros temporales mediante un enlace de enlaces simbólicos (symlink) en ficheros temporales. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947 http://lists.mysql.com/internals/20600 http://marc.info/?l=bugtraq&m=110608297217224&w=2 http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html http://secunia.com/advisories/13867 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1 http://www.debian.org/security/2005/dsa-647 http://www.mandriva.com/security/advisories?name=MDKSA-2005:036 http://www.securityfocus.com/bid/12277 https:&#x • CWE-59: Improper Link Resolution Before File Access ('Link Following') •