Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-3364 1 Vips 1 Vips 2025-04-11 N/A
The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3365 1 Mistelix 1 Mistelix 2025-04-11 N/A
Mistelix 0.31 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3366 1 Zeus.physik.uni-bonn 1 Mn Fit 2025-04-11 N/A
Mn_Fit 5.13 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3369 1 Debian 1 Mono-debugger 2025-04-11 N/A
The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, and other versions before 2.8.1, place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3372 1 Nordugrid 1 Nordugrid-arc 2025-04-11 N/A
Untrusted search path vulnerability in NorduGrid Advanced Resource Connector (ARC) before 0.8.3 allows local users to gain privileges via vectors related to the LD_LIBRARY_PATH environment variable. NOTE: some of these details are obtained from third party information.
CVE-2010-3374 1 Nokia 1 Qt Creator 2025-04-11 N/A
Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3376 1 Root 1 Root 2025-04-11 N/A
The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ROOT 5.18/00 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3377 1 Salome-platform 1 Salome 2025-04-11 N/A
The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) hxx2salome scripts in SALOME 5.1.3 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3378 1 Scilab 1 Scilab 2025-04-11 N/A
The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in Scilab 5.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3380 1 Llnl 1 Slurm 2025-04-11 N/A
The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3381 1 Alex Launi 1 Tangerine 2025-04-11 N/A
The (1) tangerine and (2) tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3382 1 Uoregon 1 Tau 2025-04-11 N/A
tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2013-0974 1 Apple 1 Iphone Os 2025-04-11 N/A
StoreKit in Apple iOS before 6.1 does not properly handle the disabling of JavaScript within the preferences configuration of Mobile Safari, which allows remote attackers to bypass intended access restrictions and execute JavaScript code via a web site with a Smart App Banner.
CVE-2010-3383 1 Teamspeak 1 Teamspeak 2025-04-11 N/A
The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3892 1 Ibm 1 Omnifind 2025-04-11 N/A
Session fixation vulnerability in the login form in the administrator interface in IBM OmniFind Enterprise Edition 8.x and 9.x allows remote attackers to hijack web sessions by replaying a session ID (aka SID) value.
CVE-2010-3900 1 Christian Dywan 1 Midori 2025-04-11 N/A
Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is used, does not verify X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted server certificate, a related issue to CVE-2010-3312.
CVE-2010-3914 1 Vim 1 Gvim 2025-04-11 N/A
Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.
CVE-2010-3923 1 Mitsu Hiro Hi Rose 1 Attachecase 2025-04-11 N/A
Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
CVE-2010-3927 1 Lunascape 1 Lunascape 2025-04-11 N/A
Untrusted search path vulnerability in Lunascape before 6.4.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
CVE-2010-3928 1 Wayneeseguin 1 Ruby Version Manager 2025-04-11 N/A
Ruby Version Manager (RVM) before 1.2.1 writes file contents to a terminal without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via a crafted file, related to an "escape sequence injection vulnerability." NOTE: some of these details are obtained from third party information.