Max CVSS 10.0 Min CVSS 1.7 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2004-0079 5.0
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
28-12-2023 - 15:33 23-11-2004 - 05:00
CVE-2009-0033 5.0
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with i
13-02-2023 - 01:17 05-06-2009 - 16:00
CVE-2008-1105 7.5
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
29-08-2022 - 20:12 29-05-2008 - 16:32
CVE-2009-1725 9.3
WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character
09-08-2022 - 13:48 09-07-2009 - 17:30
CVE-2008-3471 9.3
Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; O
09-02-2022 - 19:22 15-10-2008 - 00:12
CVE-2007-2949 6.8
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
07-02-2022 - 17:48 04-07-2007 - 15:30
CVE-2006-3894 5.0
The RSA Crypto-C before 6.3.1 and Cert-C before 2.8 libraries, as used by RSA BSAFE, multiple Cisco products, and other products, allows remote attackers to cause a denial of service via malformed ASN.1 objects.
17-12-2021 - 20:00 22-05-2007 - 19:30
CVE-2003-1328 7.5
The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Secur
23-07-2021 - 12:55 19-02-2003 - 05:00
CVE-2006-3639 7.5
Microsoft Internet Explorer 5.01 and 6 does not properly identify the originating domain zone when handling redirects, which allows remote attackers to read cross-domain web pages and possibly execute code via unspecified vectors involving a crafted
23-07-2021 - 12:18 09-08-2006 - 00:04
CVE-2004-0845 6.4
Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the us
23-07-2021 - 12:18 03-11-2004 - 05:00
CVE-2008-1446 9.0
Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users
23-11-2020 - 20:09 15-10-2008 - 00:12
CVE-2009-3655 5.0
Rhino Software Serv-U 7.0.0.1 through 8.2.0.3 allows remote attackers to cause a denial of service (server crash) via unspecified vectors related to the "SITE SET TRANSFERPROGRESS ON" FTP command.
28-07-2020 - 14:46 09-10-2009 - 14:30
CVE-2008-1447 5.0
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic vi
24-03-2020 - 18:19 08-07-2008 - 23:41
CVE-2005-0063 7.5
The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML App
30-04-2019 - 14:27 02-05-2005 - 04:00
CVE-2003-0812 7.5
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated
30-04-2019 - 14:27 15-12-2003 - 05:00
CVE-2008-4038 10.0
Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a cr
26-02-2019 - 14:04 15-10-2008 - 00:12
CVE-2008-4259 9.3
Microsoft Internet Explorer 7 sometimes attempts to access uninitialized memory locations, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, related to a WebDAV request for a file wit
26-02-2019 - 14:04 10-12-2008 - 14:00
CVE-2009-2531 9.3
Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corru
26-02-2019 - 14:04 14-10-2009 - 10:30
CVE-2009-2494 10.0
The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operation
26-02-2019 - 14:04 12-08-2009 - 17:30
CVE-2009-0088 9.3
The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via
26-02-2019 - 14:04 15-04-2009 - 08:00
CVE-2009-0090 9.3
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application
26-02-2019 - 14:04 14-10-2009 - 10:30
CVE-2009-0554 9.3
Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vista Gold and SP1, and 7 on Windows Server 2008 allows remote attackers to execute arbitrary code via a web page
26-02-2019 - 14:04 15-04-2009 - 08:00
CVE-2009-0234 6.4
The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transacti
26-02-2019 - 14:04 11-03-2009 - 14:19
CVE-2003-0694 10.0
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
30-10-2018 - 16:26 06-10-2003 - 04:00
CVE-2008-4030 9.3
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers t
30-10-2018 - 16:25 10-12-2008 - 14:00
CVE-2006-2387 5.1
Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an XLS
30-10-2018 - 16:25 10-10-2006 - 22:07
CVE-2006-4534 9.3
Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors involving a crafted file resulting in a malformed stack, as exploited by malware with name
30-10-2018 - 16:25 05-09-2006 - 17:04
CVE-2008-2710 7.2
Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones vi
30-10-2018 - 16:25 16-06-2008 - 20:41
CVE-2008-0960 10.0
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Dat
30-10-2018 - 16:25 10-06-2008 - 18:32
CVE-2008-0965 9.3
Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.
30-10-2018 - 16:25 08-08-2008 - 18:41
CVE-2009-0087 9.3
Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to exe
30-10-2018 - 16:25 15-04-2009 - 08:00
CVE-2005-4316 7.8
HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.
19-10-2018 - 15:40 17-12-2005 - 11:03
CVE-2005-4437 7.5
MD5 Neighbor Authentication in Extended Interior Gateway Routing Protocol (EIGRP) 1.2, as implemented in Cisco IOS 11.3 and later, does not include the Message Authentication Code (MAC) in the checksum, which allows remote attackers to sniff message
19-10-2018 - 15:40 21-12-2005 - 01:03
CVE-2005-2993 1.7
Unspecified vulnerability in the FTP Daemon (ftpd) for HP Tru64 UNIX 4.0F PK8 and other versions up to HP Tru64 UNIX 5.1B-3, and HP-UX B.11.00, B.11.04, B.11.11, and B.11.23, allows remote authenticated users to cause a denial of service (hang).
19-10-2018 - 15:34 20-09-2005 - 20:03
CVE-2004-0230 5.0
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that u
19-10-2018 - 15:30 18-08-2004 - 04:00
CVE-2006-3201 4.9
Unspecified vulnerability in the kernel in HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
18-10-2018 - 16:46 23-06-2006 - 20:06
CVE-2006-2551 2.1
Unspecified vulnerability in the kernel in HP-UX B.11.00 allows local users to cause an unspecified denial of service via unknown vectors.
18-10-2018 - 16:40 23-05-2006 - 16:06
CVE-2006-4820 2.1
Unspecified vulnerability in X.25 on HP-UX B.11.00, B.11.11, and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors.
17-10-2018 - 21:39 15-09-2006 - 21:07
CVE-2006-4650 2.6
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect
17-10-2018 - 21:38 09-09-2006 - 00:04
CVE-2007-0099 9.3
Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer 6 and other applications, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via many nested tags in
16-10-2018 - 16:31 08-01-2007 - 20:28
CVE-2007-6195 10.0
Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arbitrary code or cause a denial of service via malfor
15-10-2018 - 21:50 15-12-2007 - 01:46
CVE-2007-4887 4.3
The dl function in PHP 5.2.4 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long string in the library parameter. NOTE: there are limited usage scenarios under which this would be a vulnerabilit
15-10-2018 - 21:38 14-09-2007 - 00:17
CVE-2009-0237 4.3
Cross-site scripting (XSS) vulnerability in cookieauth.dll in the HTML forms authentication component in Microsoft Forefront Threat Management Gateway, Medium Business Edition (TMG MBE); and Internet Security and Acceleration (ISA) Server 2006, 2006
12-10-2018 - 21:50 15-04-2009 - 08:00
CVE-2008-4032 7.5
Microsoft Office SharePoint Server 2007 Gold and SP1 and Microsoft Search Server 2008 do not properly perform authentication and authorization for administrative functions, which allows remote attackers to cause a denial of service (server load), obt
12-10-2018 - 21:48 10-12-2008 - 14:00
CVE-2008-3704 9.3
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP
12-10-2018 - 21:48 18-08-2008 - 19:41
CVE-2008-2540 9.3
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the (1) Desktop directory on Windows or (2) Downlo
12-10-2018 - 21:47 03-06-2008 - 15:32
CVE-2008-1442 9.3
Heap-based buffer overflow in the substringData method in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code, related to an unspecified manipulation of a DOM object before a call to this method, aka the "HTML Object
12-10-2018 - 21:45 12-06-2008 - 02:32
CVE-2008-0121 9.3
A "memory calculation error" in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary code via a PowerPoint file with an invalid picture index that triggers memory corruption, aka "Memory Calculation Vulnerability."
12-10-2018 - 21:45 13-08-2008 - 00:41
CVE-2008-0120 9.3
Integer overflow in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary code via a PowerPoint file with a malformed picture index that triggers memory corruption, related to handling of CString objects, aka "Memory Allocatio
12-10-2018 - 21:45 13-08-2008 - 00:41
CVE-2005-1978 7.5
COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.
12-10-2018 - 21:36 12-10-2005 - 13:04
CVE-2009-0360 6.2
Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configurat
11-10-2018 - 21:01 13-02-2009 - 17:30
CVE-2008-2097 9.0
Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."
11-10-2018 - 20:39 05-06-2008 - 20:32
CVE-2009-2564 7.2
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Ev
10-10-2018 - 19:40 21-07-2009 - 17:30
CVE-2009-1269 5.0
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
10-10-2018 - 19:35 13-04-2009 - 16:30
CVE-2009-1099 7.5
Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a
10-10-2018 - 19:33 25-03-2009 - 23:30
CVE-2009-0772 9.3
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetO
03-10-2018 - 21:58 05-03-2009 - 02:30
CVE-1999-0104 5.0
A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2.
22-08-2018 - 10:29 16-12-1997 - 05:00
CVE-2000-0078 7.2
The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command.
03-05-2018 - 01:29 02-01-2000 - 05:00
CVE-2001-0380 6.4
Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allows a remote attacker SNMP read and write access via a default, undocumented community string 'ILMI'.
19-10-2017 - 01:29 18-06-2001 - 04:00
CVE-2007-2813 7.8
Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session.
11-10-2017 - 01:32 22-05-2007 - 19:30
CVE-2007-1993 9.3
Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File System (PFS) in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to execute arbitrary code by sending "a call to procedure 5, followed by a crafted payload to procedure
11-10-2017 - 01:32 12-04-2007 - 10:19
CVE-2007-0199 5.0
The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange."
11-10-2017 - 01:31 11-01-2007 - 11:28
CVE-2005-2105 7.5
Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username.
11-10-2017 - 01:30 05-07-2005 - 04:00
CVE-2005-1058 7.5
Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass X
11-10-2017 - 01:30 02-05-2005 - 04:00
CVE-2002-1358 10.0
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
11-10-2017 - 01:29 23-12-2002 - 05:00
CVE-2002-1360 10.0
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code du
11-10-2017 - 01:29 23-12-2002 - 05:00
CVE-2002-1618 7.2
JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky bit functionality, which could allow attackers to bypass intended restrictions on filesystems.
11-10-2017 - 01:29 16-10-2002 - 04:00
CVE-2001-1198 7.2
RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.
11-10-2017 - 01:29 15-12-2001 - 05:00
CVE-2004-0952 6.4
HP-UX B.11.00 through B.11.23, when running Ignite-UX and using the add_new_client command, causes the TFTP server to set world-writable permissions on part of the directory tree, which allows remote attackers to modify data or cause disk consumption
11-10-2017 - 01:29 31-12-2004 - 05:00
CVE-2003-1099 2.1
shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, which allows local users to cause a denial of service and possibly execute arbitrary code via a symlink attack.
11-10-2017 - 01:29 31-12-2003 - 05:00
CVE-2004-1332 7.5
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.
11-10-2017 - 01:29 31-12-2004 - 05:00
CVE-2004-1764 7.2
Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors.
11-10-2017 - 01:29 14-01-2004 - 05:00
CVE-2003-1098 7.2
The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges.
11-10-2017 - 01:29 31-12-2003 - 05:00
CVE-2003-1356 7.2
The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors.
11-10-2017 - 01:29 31-12-2003 - 05:00
CVE-2009-0910 6.8
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows re
29-09-2017 - 01:34 06-04-2009 - 15:30
CVE-2009-0719 6.0
Unspecified vulnerability in useradd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to access arbitrary files and directories via unknown vectors, a different issue than CVE-2008-1660.
29-09-2017 - 01:33 29-04-2009 - 15:30
CVE-2008-5690 2.1
The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permis
29-09-2017 - 01:32 19-12-2008 - 17:30
CVE-2008-2706 4.9
Unspecified vulnerability in the event port implementation in Sun Solaris 10 allows local users to cause a denial of service (panic) by submitting and retrieving user-defined events, probably related to a NULL dereference.
29-09-2017 - 01:31 16-06-2008 - 18:41
CVE-2008-0509 4.4
Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25remote, related to piox25remote.sh.
29-09-2017 - 01:30 31-01-2008 - 20:00
CVE-2008-0586 7.2
Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg, and (5) lvgenminor programs in bos.rte.lvm; and the (6) tellclvmd
29-09-2017 - 01:30 05-02-2008 - 03:00
CVE-2008-0584 7.2
Multiple buffer overflows in bos.rte.control in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) swap, (2) swapoff, and (3) swapon programs.
29-09-2017 - 01:30 05-02-2008 - 03:00
CVE-2007-6419 7.8
Unspecified vulnerability in rpc.yppasswdd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
29-09-2017 - 01:29 24-12-2007 - 20:46
CVE-2007-5302 4.3
Multiple cross-site scripting (XSS) vulnerabilities in HP System Management Homepage (SMH) in HP-UX B.11.11, B.11.23, and B.11.31, and SMH before 2.1.10 for Linux and Windows, allow remote attackers to inject arbitrary web script or HTML via unspecif
29-09-2017 - 01:29 09-10-2007 - 18:17
CVE-2007-5008 9.0
The logins command in HP-UX B.11.31, B.11.23, and B.11.11 does not correctly report password status, which allows remote attackers to obtain privileges when certain "password issues" are not detected.
29-09-2017 - 01:29 20-09-2007 - 21:17
CVE-2007-4292 9.3
Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, an
29-09-2017 - 01:29 09-08-2007 - 21:17
CVE-2009-3026 5.0
protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect t
19-09-2017 - 01:29 31-08-2009 - 20:30
CVE-2009-3465 9.3
Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issue than CVE-2009-3464. NOTE: some of these details
19-09-2017 - 01:29 04-11-2009 - 15:30
CVE-2009-3075 10.0
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and
19-09-2017 - 01:29 10-09-2009 - 21:30
CVE-2009-2679 7.8
Unspecified vulnerability in bootpd in HP HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause a denial of service via unknown attack vectors.
19-09-2017 - 01:29 05-10-2009 - 18:30
CVE-2009-2561 5.0
Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors.
19-09-2017 - 01:29 21-07-2009 - 17:30
Back to Top Mark selected
Back to Top