Vulnerabilities > Opensuse > Opensuse > 10.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-06-06 | CVE-2008-2389 | Link Following vulnerability in Opensuse 10.2 opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack. | 4.9 |
2008-06-06 | CVE-2008-2388 | Numeric Errors vulnerability in Opensuse 10.2 Multiple off-by-one errors in opensuse-updater in openSUSE 10.2 have unspecified impact and attack vectors. | 10.0 |
2008-05-02 | CVE-2008-1375 | Race Condition vulnerability in multiple products Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors. | 6.9 |
2008-03-31 | CVE-2008-1567 | Cleartext Storage of Sensitive Information vulnerability in multiple products phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information. | 5.5 |
2008-03-19 | CVE-2008-0063 | Use of Uninitialized Resource vulnerability in multiple products The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values." | 7.5 |
2008-01-18 | CVE-2007-6427 | Out-Of-Bounds Write vulnerability in multiple products The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990. | 9.3 |
2007-11-02 | CVE-2007-5197 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mono Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods. | 7.5 |
2007-10-14 | CVE-2007-5200 | Link Following vulnerability in Opensuse 10.2/10.3 hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local users to overwrite arbitrary files via a symlink attack on the hugin_debug_optim_results.txt temporary file. | 3.3 |