Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-3855 | 6.8 |
Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TrueType GX font.
|
13-02-2023 - 04:26 | 26-11-2010 - 20:00 | |
CVE-2018-1123 | 5.0 |
procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporar
|
29-06-2021 - 15:15 | 23-05-2018 - 14:29 | |
CVE-2018-1125 | 5.0 |
procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. This vulnerability is mitigated by FORTIFY, as it involves strncat() to a stack-allocated string. When pgrep is compiled with FORTIFY (as on Red Hat Enterprise Linux a
|
09-09-2020 - 14:59 | 23-05-2018 - 14:29 | |
CVE-2018-1124 | 4.6 |
procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in procfs by starting processes, which co
|
09-09-2020 - 14:58 | 23-05-2018 - 13:29 | |
CVE-2018-1121 | 4.3 |
procps-ng, procps is vulnerable to a process hiding through race condition. Since the kernel's proc_pid_readdir() returns PID entries in ascending numeric order, a process occupying a high PID can use inotify events to determine when the process list
|
30-06-2020 - 16:15 | 13-06-2018 - 20:29 | |
CVE-2016-7035 | 7.2 |
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon t
|
09-10-2019 - 23:19 | 10-09-2018 - 16:29 | |
CVE-2018-1122 | 4.4 |
procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities
|
03-10-2019 - 00:03 | 23-05-2018 - 14:29 | |
CVE-2018-1126 | 7.5 |
procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124.
|
30-07-2019 - 13:15 | 23-05-2018 - 13:29 | |
CVE-2005-1219 | 7.5 |
Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
|
12-10-2018 - 21:36 | 12-07-2005 - 04:00 | |
CVE-2016-0954 | 10.0 |
Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
|
08-09-2017 - 01:29 | 09-03-2016 - 11:59 | |
CVE-2010-5075 | 2.1 |
Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW.
|
29-12-2014 - 16:14 | 28-12-2014 - 01:59 | |
CVE-2002-0410 | 5.0 |
send_message.php in AeroMail before 1.45 allows remote attackers to read arbitrary files on the server, instead of just uploaded files, via an attachment that modifies the filename to be uploaded.
|
05-09-2008 - 20:27 | 26-07-2002 - 04:00 |