CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
41468 | CVE-2009-4033 | Candidate | A certain Red Hat patch for acpid 1.0.4 effectively triggers a call to the open function with insufficient arguments, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file, cause a denial of service by overwriting this file, or gain privileges by executing this file. | Assigned (20091120) | None (candidate not yet proposed) | View | |
41724 | CVE-2009-4289 | Candidate | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. | Assigned (20091210) | None (candidate not yet proposed) | View | |
41980 | CVE-2009-4545 | Candidate | Logoshows BBS 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for database/globepersonnel.mdb. | Assigned (20100104) | None (candidate not yet proposed) | View | |
42236 | CVE-2009-4801 | Candidate | EZ-Blog Beta 1 does not require authentication, which allows remote attackers to create or delete arbitrary posts via requests to PHP scripts. | Assigned (20100423) | None (candidate not yet proposed) | View | |
42492 | CVE-2009-5057 | Candidate | The S/MIME feature in Open Ticket Request System (OTRS) before 2.3.4 does not configure the RANDFILE and HOME environment variables for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available for cryptographic operations, related to inability to write to the seeding file. | Assigned (20110318) | None (candidate not yet proposed) | View |
Page 20076 of 20943, showing 5 records out of 104715 total, starting on record 100376, ending on 100380