|Max CVSS||7.5||Min CVSS||3.7||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
|13-11-2020 - 17:07||19-05-2005 - 04:00|
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
|21-01-2020 - 15:45||14-06-2005 - 04:00|
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
|16-10-2019 - 20:01||13-05-2005 - 04:00|
Gaim before 1.3.1 allows remote attackers to cause a denial of service (crash) via a malformed MSN message that leads to a memory allocation of a large size, possibly due to an integer signedness error.
|19-10-2018 - 15:32||19-05-2005 - 04:00|
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) Mail
|19-10-2018 - 15:32||05-07-2005 - 04:00|
Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack.
|19-10-2018 - 15:32||20-06-2005 - 04:00|
Gaim before 1.3.1 allows remote attackers to cause a denial of service (application crash) via a Yahoo! message with non-ASCII characters in a file name.
|19-10-2018 - 15:31||16-06-2005 - 04:00|
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
|19-10-2018 - 15:31||02-05-2005 - 04:00|
Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
|12-10-2018 - 21:36||12-07-2005 - 04:00|
The XWD Decoder in ImageMagick before 22.214.171.124, and GraphicsMagick before 1.1.6-r1, allows remote attackers to cause a denial of service (infinite loop) via an image with a zero color mask.
|03-10-2018 - 21:30||24-05-2005 - 04:00|
Race condition in shtool 2.0.1 and earlier allows local users to create or modify arbitrary files via a symlink attack on the .shtool.$$ temporary file, a different vulnerability than CVE-2005-1759.
|03-05-2018 - 01:29||25-05-2005 - 04:00|
sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.
|11-10-2017 - 01:30||13-06-2005 - 04:00|
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
|11-10-2017 - 01:30||02-05-2005 - 04:00|