Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2008-6123 | 5.0 |
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restric
|
12-01-2024 - 20:41 | 12-02-2009 - 16:30 | |
CVE-2005-3628 | 7.5 |
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary co
|
19-10-2018 - 15:38 | 31-12-2005 - 05:00 | |
CVE-2005-2097 | 2.1 |
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when
|
19-10-2018 - 15:32 | 16-08-2005 - 04:00 | |
CVE-2008-0003 | 10.0 |
Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute a
|
15-10-2018 - 21:56 | 08-01-2008 - 20:46 | |
CVE-2007-4995 | 9.3 |
Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.
|
15-10-2018 - 21:39 | 13-10-2007 - 01:17 | |
CVE-2004-0380 | 10.0 |
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM)
|
12-10-2018 - 21:34 | 04-05-2004 - 04:00 | |
CVE-2008-5557 | 10.0 |
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is n
|
11-10-2018 - 20:56 | 23-12-2008 - 18:30 | |
CVE-2008-5300 | 4.9 |
Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulne
|
11-10-2018 - 20:54 | 01-12-2008 - 17:30 | |
CVE-2005-2369 | 7.5 |
Multiple integer signedness errors in libgadu, as used in ekg before 1.6rc2 and other packages, may allow remote attackers to cause a denial of service or execute arbitrary code.
|
11-10-2017 - 01:30 | 26-07-2005 - 04:00 | |
CVE-2004-0967 | 7.2 |
The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary fi
|
11-10-2017 - 01:29 | 09-02-2005 - 05:00 | |
CVE-2003-0465 | 5.0 |
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.
|
11-10-2017 - 01:29 | 18-08-2003 - 04:00 |