CVE List

| Id | CVE No. | Status | Description | Phase | Votes | Comments |
|---|---|---|---|---|---|---|
| 47114 | CVE-2010-4530 | Candidate | Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow. | Assigned (20101209) | None (candidate not yet proposed) | |
| 47370 | CVE-2010-4786 | Candidate | IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon crash or hang) via a paged search, as demonstrated by a certain idsldapsearch command, related to an improper ibm-slapdIdleTimeOut configuration setting. | Assigned (20110420) | None (candidate not yet proposed) | |
| 47626 | CVE-2010-5042 | Candidate | Cross-site scripting (XSS) vulnerability in the DJ-ArtGallery (com_djartgallery) component 0.9.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the cid[] parameter in an editItem action to administrator/index.php. NOTE: some of these details are obtained from third party information. | Assigned (20111102) | None (candidate not yet proposed) | |
| 47882 | CVE-2010-5298 | Candidate | Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. | Assigned (20140414) | None (candidate not yet proposed) | |
| 48138 | CVE-2011-0226 | Candidate | Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, as used in CoreGraphics in Apple iOS before 4.2.9 and 4.3.x before 4.3.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011. | Assigned (20101223) | None (candidate not yet proposed) | |
