| Max CVSS | 9.3 | Min CVSS | 4.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-2936 | 7.8 |
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, wh
|
13-02-2023 - 02:16 | 10-07-2006 - 19:05 | |
| CVE-2002-0648 | 5.0 |
The legacy <script> data-island capability for XML in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to read arbitrary XML files, and portions of other files, via a URL whose "src" attribute redirects to a local file.
|
23-07-2021 - 12:55 | 24-09-2002 - 04:00 | |
| CVE-2004-0643 | 4.6 |
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
|
02-02-2021 - 18:08 | 28-09-2004 - 04:00 | |
| CVE-2005-1264 | 7.2 |
Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2
|
19-10-2018 - 15:31 | 17-05-2005 - 04:00 | |
| CVE-2006-3376 | 7.5 |
Integer overflow in player.c in libwmf 0.2.8.4, as used in multiple products including (1) wv, (2) abiword, (3) freetype, (4) gimp, (5) libgsf, and (6) imagemagick allows remote attackers to execute arbitrary code via the MaxRecordSize header field i
|
18-10-2018 - 16:47 | 06-07-2006 - 20:05 | |
| CVE-2006-3113 | 7.5 |
Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to
|
18-10-2018 - 16:45 | 27-07-2006 - 20:04 | |
| CVE-2009-2673 | 7.5 |
The proxy mechanism implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspec
|
10-10-2018 - 19:41 | 05-08-2009 - 19:30 | |
| CVE-2008-3640 | 6.8 |
Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.
|
03-10-2018 - 21:55 | 14-10-2008 - 21:10 | |
| CVE-2004-0983 | 5.0 |
The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.
|
03-10-2018 - 21:29 | 01-03-2005 - 05:00 | |
| CVE-2005-0095 | 5.0 |
The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU
|
11-10-2017 - 01:29 | 15-01-2005 - 05:00 | |
| CVE-2009-1687 | 9.3 |
The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code o
|
29-09-2017 - 01:34 | 10-06-2009 - 14:30 |