Export limit exceeded: 364840 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (29948 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2010-3380 1 Llnl 1 Slurm 2025-04-11 N/A
The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3381 1 Alex Launi 1 Tangerine 2025-04-11 N/A
The (1) tangerine and (2) tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3382 1 Uoregon 1 Tau 2025-04-11 N/A
tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3383 1 Teamspeak 1 Teamspeak 2025-04-11 N/A
The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3384 1 Bernhard Wymann 1 Torcs 2025-04-11 N/A
The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and (6) nfs2ac scripts in TORCS 1.3.1 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3385 1 Herac 1 Tuxguitar 2025-04-11 N/A
TuxGuitar 1.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3386 1 Lttng 1 Ust 2025-04-11 N/A
usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3387 1 Tvdr 1 Vdr 2025-04-11 N/A
vdrleaktest in Video Disk Recorder (VDR) 1.6.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: a third party disputes this issue because the script erroneously uses a semicolon in a context where a colon was intended
CVE-2010-3389 2 Linux-ha, Redhat 3 Ocf Resource Agents, Enterprise Linux, Rhel Cluster 2025-04-11 N/A
The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3393 1 Ecmwf 1 Magics\+\+ 2025-04-11 N/A
magics-config in Magics++ 2.10.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3394 1 Texmacs 1 Texmacs 2025-04-11 N/A
The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-3397 1 Pgp 1 Desktop 2025-04-11 N/A
Untrusted search path vulnerability in PGP Desktop 9.9.0 Build 397, 9.10.x, 10.0.0 Build 2732, and probably other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tsp.dll or tvttsp.dll that is located in the same folder as a .p12, .pem, .pgp, .prk, .prvkr, .pubkr, .rnd, or .skr file.
CVE-2010-3402 1 Ultraedit 1 Ultraedit 2025-04-11 N/A
Untrusted search path vulnerability in IDM Computer Solutions UltraEdit 16.20.0.1009, 16.10.0.1036, and probably other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a bin, cpp, css, c, dat, hpp, html, h, ini, java, log, mak, php, prj, txt, or xml file.
CVE-2010-3403 1 Qualcomm 1 Extensible Diagnostic Monitor 2025-04-11 N/A
Untrusted search path vulnerability in Qualcomm eXtensible Diagnostic Monitor (QXDM) 03.09.19 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse mfc71enu.dll that is located in the same folder as a .isf file.
CVE-2010-3676 2 Mysql, Oracle 2 Mysql, Mysql 2025-04-11 N/A
storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement.
CVE-2010-3680 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2025-04-11 N/A
Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with nullable columns while using InnoDB, which triggers an assertion failure.
CVE-2010-3681 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2025-04-11 N/A
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing "alternate reads from two indexes on a table," which triggers an assertion failure.
CVE-2010-3682 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2025-04-11 N/A
Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.
CVE-2010-3683 3 Mysql, Oracle, Redhat 3 Mysql, Mysql, Enterprise Linux 2025-04-11 N/A
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request.
CVE-2010-3718 2 Apache, Redhat 3 Tomcat, Enterprise Linux, Jboss Enterprise Web Server 2025-04-11 N/A
Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attack.