CVE-2010-0748
Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link.
Source: CVE-2010-0748
[월:] 2019년 10월
CVE-2010-0749
CVE-2010-0749
Transmission before 1.92 allows attackers to prevent download of a file by corrupted data during the endgame.
Source: CVE-2010-0749
CVE-2010-0737
CVE-2010-0737
A missing permission check was found in The CLI in JBoss Operations Network before 2.3.1 does not properly check permissions, which allows JBoss ON users to perform management tasks and configuration changes with the privileges of the administrator user.
Source: CVE-2010-0737
CVE-2010-0747
CVE-2010-0747
drbd8 allows local users to bypass intended restrictions for certain actions via netlink packets, similar to CVE-2009-3725.
Source: CVE-2010-0747
CVE-2019-18635
CVE-2019-18635
An issue was discovered in Mooltipass Moolticute through v0.42.1 and v0.42.x-testing through v0.42.5-testing. There is a NULL pointer dereference in MPDevice_win.cpp.
Source: CVE-2019-18635
CVE-2019-12417
CVE-2019-12417
A malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. This also presented a Local File Disclosure vulnerability to any file readable by the webserver process.
Source: CVE-2019-12417
CVE-2019-10762
CVE-2019-10762
columnQuote in medoo before 1.7.5 allows remote attackers to perform a SQL Injection due to improper escaping.
Source: CVE-2019-10762
CVE-2019-18633
CVE-2019-18633
European Commission eIDAS-Node Integration Package before 2.3.1 has Missing Certificate Validation because a certain ExplicitKeyTrustEvaluator return value is not checked. NOTE: only 2.1 is confirmed to be affected.
Source: CVE-2019-18633
CVE-2019-18632
CVE-2019-18632
European Commission eIDAS-Node Integration Package before 2.3.1 allows Certificate Faking because an attacker can sign a manipulated SAML response with a forged certificate.
Source: CVE-2019-18632
CVE-2018-21029
CVE-2018-21029
systemd 239 through 243 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation with the GnuTLS backend.
Source: CVE-2018-21029