| Max CVSS | 10.0 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-4579 | 1.9 |
The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.
|
13-02-2023 - 02:19 | 15-10-2008 - 20:08 | |
| CVE-2007-3850 | 1.9 |
The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map userspace resources, which allows local users to read portions of physical address space.
|
13-02-2023 - 02:18 | 23-10-2007 - 10:46 | |
| CVE-2009-0583 | 9.3 |
Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to caus
|
13-02-2023 - 01:17 | 23-03-2009 - 20:00 | |
| CVE-2009-1888 | 5.8 |
The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vecto
|
29-08-2022 - 19:43 | 25-06-2009 - 01:30 | |
| CVE-2008-4061 | 10.0 |
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash)
|
01-11-2018 - 16:23 | 24-09-2008 - 20:37 | |
| CVE-2007-1380 | 5.0 |
The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, w
|
30-10-2018 - 16:25 | 10-03-2007 - 00:19 | |
| CVE-2006-4145 | 4.9 |
The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command.
|
17-10-2018 - 21:33 | 21-08-2006 - 19:04 | |
| CVE-2000-1079 | 7.5 |
Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast d
|
19-12-2017 - 02:29 | 29-08-2000 - 04:00 | |
| CVE-2006-6304 | 7.5 |
The do_coredump function in fs/exec.c in the Linux kernel 2.6.19 sets the flag variable to O_EXCL but does not use it, which allows context-dependent attackers to modify arbitrary files via a rewrite attack during a core dump.
|
11-10-2017 - 01:31 | 14-12-2006 - 20:28 | |
| CVE-2005-1532 | 7.5 |
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a va
|
11-10-2017 - 01:30 | 12-05-2005 - 04:00 | |
| CVE-2009-1932 | 6.8 |
Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers
|
29-09-2017 - 01:34 | 04-06-2009 - 20:30 |