CVE-2020-1416

CVE-2020-1416 - An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'. ...
2 years ago

CVE-2020-8029 - A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to ...
4 years ago

CVE-2001-1416 - Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY ...
16 years ago

CVE-2002-1416 - The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct brute force attacks. ...
16 years ago

CVE-1999-1416 - AnswerBook2 (AB2) web server dwhttpd 3.1a4 allows remote attackers to cause a denial of service (resource exhaustion) via an HTTP POST request with a large content-length. ...
16 years ago

CVE-2009-1416 - lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote attackers to spoof signatures on certificates or have unspecified other impact by ...
15 years ago

CVE-2005-1416 - Directory traversal vulnerability in 04WebServer 1.81 allows remote attackers to read files outside of the web root but within the installation folder. ...
14 years ago

CVE-2011-1416 - The Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own ...
13 years ago

CVE-2006-1416 - Cross-site scripting (XSS) vulnerability in afmsearch.aspx in Absolute FAQ Manager .NET 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search module parameters, possibly the question parameter. ...
7 years ago

CVE-2003-1416 - BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command. ...
7 years ago

CVE-2012-1416 - Multiple cross-site request forgery (CSRF) vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrator accounts via a member_new action to ...
7 years ago

CVE-2016-1416 - Cisco Prime Collaboration Provisioning 10.6 SP2 (aka 10.6.0.10602) mishandles LDAP authentication, which allows remote attackers to obtain administrator privileges via a crafted login attempt, aka Bug ID CSCuv37513. ...
7 years ago

CVE-2010-1416 - WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly restrict the reading of a canvas that contains an SVG image pattern from a different web site, which allows remote ...
7 years ago

CVE-2008-1416 - Multiple PHP remote file inclusion vulnerabilities in PHPauction GPL 2.51 allow remote attackers to execute arbitrary PHP code via a URL in the include_path parameter to (1) converter.inc.php, (2) messages.inc.php, and (3) settings.inc.php in ...
7 years ago

CVE-2015-1416 - Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell ...
7 years ago

CVE-2018-1416 - IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure ...
6 years ago

CVE-2007-1416 - PHP remote file inclusion vulnerability in createurl.php in JCcorp (aka James Coyle) URLshrink allows remote attackers to execute arbitrary PHP code via a URL in the formurl parameter. ...
6 years ago

CVE-2019-1416 - An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. ...
4 years ago

CVE-2013-1416 - The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of ...
4 years ago

CVE-2021-1416 - Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege ...
4 years ago

CVE-2004-1416 - pnxr3260.dll in the RealOne 2.0 build 6.0.11.868 browser plugin, as used in Internet Explorer, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embed tag. ...
3 years ago

CVE-2022-1534 - Buffer Over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other ...
2 years ago

CVE-2022-1416 - Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows for rendering of attacker ...
2 years ago

CVE-2023-1416 - A vulnerability classified as critical has been found in Simple Art Gallery 1.0. Affected is an unknown function of the file adminHome.php. The manipulation of the argument social_facebook leads to sql injection. It is possible to launch the attack ...
1 year ago

CVE-2024-50228 - In the Linux kernel, the following vulnerability has been resolved: mm: shmem: fix data-race in shmem_getattr() I got the following KCSAN report during syzbot testing: ================================================================== BUG: KCSAN: ...
4 months ago Tenable.com