|Max CVSS||10.0||Min CVSS||4.9||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to
|15-12-2020 - 23:52||02-05-2007 - 17:19|
nfsd in the Linux kernel before 220.127.116.11 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash o
|02-09-2020 - 16:01||25-03-2009 - 01:30|
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properl
|17-12-2019 - 20:16||01-06-2006 - 17:02|
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates tha
|18-10-2018 - 16:44||28-09-2006 - 18:07|
The ip_push_pending_frames function in Linux 2.4.x and 2.6.x before 2.6.16 increments the IP ID field when sending a RST after receiving unsolicited TCP SYN-ACK packets, which allows remote attackers to conduct an Idle Scan (nmap -sI) attack, which b
|18-10-2018 - 16:31||15-03-2006 - 17:06|
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr
|11-10-2018 - 20:59||22-02-2009 - 22:30|
Unspecified vulnerability in swagentd in HP-UX B.11.00, B.11.04, and B.11.11 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
|11-10-2017 - 01:30||25-03-2006 - 00:06|
The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a s
|29-09-2017 - 01:34||22-05-2009 - 11:52|
Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
|29-09-2017 - 01:30||17-04-2008 - 19:05|
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 18.104.22.168 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
|19-09-2017 - 01:29||16-11-2009 - 19:30|
The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory
|19-09-2017 - 01:29||21-08-2009 - 11:02|