CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1925 – Gentoo Linux Security Advisory 202007-42
https://notcve.org/view.php?id=CVE-2016-1925
23 Jan 2017 — Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a large header size value for the (1) level0 or (2) level1 header in a lha archive, which triggers a buffer overflow. Desbordamiento inferior de entero en header.c en lha permite a atacantes remotos tener un impacto no especificado a través de un valor de tamaño de encabezado grande para la cabecera (1) level0 o (2) level1 en un archivo lha, lo que desencadena un desbordamiento de búfer. LHa has a buffer overflow in ... • http://www.openwall.com/lists/oss-security/2016/01/18/3 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.1EPSS: 0%CPEs: 170EXPL: 0CVE-2012-6472 – Gentoo Linux Security Advisory 201406-14
https://notcve.org/view.php?id=CVE-2012-6472
02 Jan 2013 — Opera before 12.12 on UNIX uses weak permissions for the profile directory, which allows local users to obtain sensitive information by reading a (1) cache file, (2) password file, or (3) configuration file, or (4) possibly gain privileges by modifying or overwriting a configuration file. Opera antes de v12.12 en UNIX utiliza permisos débiles para el directorio de perfiles, lo que permite a usuarios locales obtener información sensible mediante (1) la lectura de un archivo de caché, (2) el archivo de contra... • http://www.opera.com/docs/changelogs/unified/1212 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 124EXPL: 0CVE-2012-1930
https://notcve.org/view.php?id=CVE-2012-1930
28 Mar 2012 — Opera before 11.62 on UNIX uses world-readable permissions for temporary files during printing, which allows local users to obtain sensitive information by reading these files. Opera antes de v11.62 en UNIX asigna permisos de lectura para todo el mundo a los archivos temporales durante la impresión, lo que permite a usuarios locales obtener información sensible mediante la lectura de estos archivos. • http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 124EXPL: 0CVE-2012-1931
https://notcve.org/view.php?id=CVE-2012-1931
28 Mar 2012 — Opera before 11.62 on UNIX, when used in conjunction with an unspecified printing application, allows local users to overwrite arbitrary files via a symlink attack on a temporary file during printing. Opera antes de v11.62 en UNIX, cuando se utiliza junto con una aplicación de impresión no se especificada, permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque de enlace simbólico en un archivo temporal durante la impresión. • http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 12%CPEs: 53EXPL: 0CVE-2011-4369 – acroread: unspecified vulnerability in PRC component (APSB11-30)
https://notcve.org/view.php?id=CVE-2011-4369
16 Dec 2011 — Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. Vulnerabilidad sin especificar en el componente PRC de Adobe Reader y Acroba... • http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html •
CVSS: 7.5EPSS: 6%CPEs: 2EXPL: 0CVE-2010-2791 – httpd: Reverse proxy sends wrong responses after time-outs
https://notcve.org/view.php?id=CVE-2010-2791
05 Aug 2010 — mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. NOTE: this is the same issue as CVE-2010-2068, but for a different OS and set of affected versions. mod_proxy en httpd del servidor HTTP Apache v2.2.9, cuando se ejecu... • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 238EXPL: 0CVE-2010-2659
https://notcve.org/view.php?id=CVE-2010-2659
07 Jul 2010 — Opera before 10.50 on Windows, before 10.52 on Mac OS X, and before 10.60 on UNIX platforms makes widget properties accessible to third-party domains, which allows remote attackers to obtain potentially sensitive information via a crafted web site. Opera anterior a v10.50 en Windows, anterior a v10.52 en Mac OS X, y anterior a v10.60 en plataformas UNIX hace accesibles las propiedades de los widges a dominios de terceros, lo cual permite a los atacantes remotos obtener información potencialmente sensible a ... • http://www.opera.com/docs/changelogs/mac/1052 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 243EXPL: 0CVE-2010-2660
https://notcve.org/view.php?id=CVE-2010-2660
07 Jul 2010 — Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict certain uses of homograph characters in domain names, which makes it easier for remote attackers to spoof IDN domains via unspecified choices of characters. Opera anterior a v10.54 en Windows y Mac OS X, y anterior a v10.60 en las plataformas UNIX, no limita propiamente determinados usos de los caracteres en los nombres de dominio homógrafos, lo cual facilita a los atacantes remotos suplantar dominios ... • http://secunia.com/advisories/40250 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 1%CPEs: 243EXPL: 0CVE-2010-2661
https://notcve.org/view.php?id=CVE-2010-2661
07 Jul 2010 — Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict access to the full pathname of a file selected for upload, which allows remote attackers to obtain potentially sensitive information via unspecified DOM manipulations. Opera anterior a v10.54 en Windows y Mac OS X, y anterior a v10.60 en las plataformas UNIX, no restringe adecuadamente el acceso a la ruta completa de un archivo seleccionado para la carga, lo cual permite a atacantes remotos obtener inf... • http://secunia.com/advisories/40250 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 240EXPL: 0CVE-2010-2665
https://notcve.org/view.php?id=CVE-2010-2665
07 Jul 2010 — Cross-site scripting (XSS) vulnerability in Opera before 10.54 on Windows and Mac OS X, and before 10.11 on UNIX platforms, allows remote attackers to inject arbitrary web script or HTML via a data: URI, related to incorrect detection of the "opening site." Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Opera anterior a v10.54 en Windows y Mac OS X, y anterior a v10.11 en las plataformas UNIX, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través ... • http://secunia.com/advisories/40250 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •