| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-2911 | 6.8 |
Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer
|
13-02-2023 - 04:32 | 07-06-2012 - 19:55 | |
| CVE-2011-1761 | 6.8 |
Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a cra
|
13-02-2023 - 04:30 | 07-06-2012 - 19:55 | |
| CVE-2011-2913 | 6.8 |
Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a lar
|
13-02-2023 - 01:20 | 07-06-2012 - 19:55 | |
| CVE-2011-2912 | 6.8 |
Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/load_s3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset.
|
13-02-2023 - 01:20 | 07-06-2012 - 19:55 | |
| CVE-2012-0841 | 5.0 |
libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data.
|
13-02-2023 - 00:23 | 21-12-2012 - 05:46 | |
| CVE-2011-2915 | 6.8 |
Off-by-one error in the CSoundFile::ReadAMS2 function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large nu
|
13-02-2023 - 00:19 | 07-06-2012 - 19:55 | |
| CVE-2011-2914 | 6.8 |
Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large num
|
13-02-2023 - 00:19 | 07-06-2012 - 19:55 | |
| CVE-2012-1053 | 6.9 |
The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which al
|
11-07-2019 - 15:09 | 29-05-2012 - 20:55 | |
| CVE-2012-1054 | 4.4 |
Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local users to gain privileges via a symlink attack on .k
|
11-07-2019 - 15:09 | 29-05-2012 - 20:55 | |
| CVE-2011-1777 | 6.8 |
Multiple buffer overflows in the (1) heap_add_entry and (2) relocate_dir functions in archive_read_support_format_iso9660.c in libarchive through 2.8.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitr
|
10-01-2018 - 02:29 | 13-04-2012 - 20:55 | |
| CVE-2011-1778 | 6.8 |
Buffer overflow in libarchive through 2.8.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TAR archive.
|
10-01-2018 - 02:29 | 13-04-2012 - 20:55 | |
| CVE-2012-0863 | 2.1 |
Mumble 1.2.3 and earlier uses world-readable permissions for .local/share/data/Mumble/.mumble.sqlite files in home directories, which might allow local users to obtain a cleartext password and configuration data by reading a file.
|
19-12-2017 - 02:29 | 30-04-2012 - 14:55 | |
| CVE-2012-0869 | 4.3 |
Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
29-08-2017 - 01:31 | 25-09-2012 - 23:55 | |
| CVE-2012-0868 | 6.8 |
CRLF injection vulnerability in pg_dump in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows user-assisted remote attackers to execute arbitrary SQL commands via a crafted file containing object na
|
08-12-2016 - 03:02 | 18-07-2012 - 23:55 | |
| CVE-2012-0866 | 6.5 |
CREATE TRIGGER in PostgreSQL 8.3.x before 8.3.18, 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 does not properly check the execute permission for trigger functions marked SECURITY DEFINER, which allows remote authenticated users to
|
08-12-2016 - 03:02 | 18-07-2012 - 23:55 | |
| CVE-2012-0867 | 4.3 |
PostgreSQL 8.4.x before 8.4.11, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 truncates the common name to only 32 characters when verifying SSL certificates, which allows remote attackers to spoof connections when the host name is exactly 32 characters
|
07-12-2016 - 19:56 | 18-07-2012 - 23:55 | |
| CVE-2002-1393 | 7.5 |
Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.
|
18-10-2016 - 02:26 | 17-01-2003 - 05:00 | |
| CVE-2012-1293 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the (1) to or (2) from parameters.
|
30-10-2012 - 04:02 | 25-09-2012 - 23:55 | |
| CVE-2012-1103 | 4.3 |
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to t
|
26-09-2012 - 04:00 | 25-09-2012 - 23:55 |