Max CVSS | 7.5 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2003-0082 | 5.0 |
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its hea
|
21-01-2020 - 15:47 | 02-04-2003 - 05:00 | |
CVE-2003-0072 | 5.0 |
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of a
|
21-01-2020 - 15:47 | 02-04-2003 - 05:00 | |
CVE-2003-0028 | 7.5 |
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via
|
21-01-2020 - 15:45 | 25-03-2003 - 05:00 | |
CVE-2003-0138 | 7.5 |
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.
|
19-10-2018 - 15:29 | 24-03-2003 - 05:00 | |
CVE-2003-0139 | 7.5 |
Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-p
|
19-10-2018 - 15:29 | 24-03-2003 - 05:00 | |
CVE-2013-2944 | 4.9 |
strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.
|
13-08-2018 - 21:47 | 02-05-2013 - 14:55 | |
CVE-2013-1952 | 1.9 |
Xen 4.x, when using Intel VT-d for a bus mastering capable PCI device, does not properly check the source when accessing a bridge device's interrupt remapping table entries for MSI interrupts, which allows local guest domains to cause a denial of ser
|
29-08-2017 - 01:33 | 13-05-2013 - 23:55 | |
CVE-2013-1964 | 6.9 |
Xen 4.0.x and 4.1.x incorrectly releases a grant reference when releasing a non-v1, non-transitive grant, which allows local guest administrators to cause a denial of service (host crash), obtain sensitive information, or possibly have other impacts
|
30-06-2017 - 01:29 | 21-05-2013 - 18:55 | |
CVE-2013-1944 | 5.0 |
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL. Per http://www.ubuntu.com/
|
09-09-2016 - 01:59 | 29-04-2013 - 22:55 | |
CVE-2013-1917 | 1.9 |
Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when using an IRET after a SYSENTER instruction, which allows PV guest users to cause a denial of service (hypervisor crash) by triggering a #GP fault, which is
|
19-04-2014 - 04:34 | 13-05-2013 - 23:55 | |
CVE-2013-1919 | 4.7 |
Xen 4.2.x and 4.1.x does not properly restrict access to IRQs, which allows local stub domain clients to gain access to IRQs and cause a denial of service via vectors related to "passed-through IRQs or PCI devices."
|
19-04-2014 - 04:34 | 13-05-2013 - 23:55 | |
CVE-2013-1918 | 4.7 |
Certain page table manipulation operations in Xen 4.1.x, 4.2.x, and earlier are not preemptible, which allows local PV kernels to cause a denial of service via vectors related to "deep page table traversal."
|
19-04-2014 - 04:34 | 13-05-2013 - 23:55 | |
CVE-2013-1762 | 6.6 |
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled, does not correctly perform integer conversion, which allows remote proxy servers to execute arbitrary code via a crafted request that triggers a buffer
|
17-01-2014 - 05:13 | 08-03-2013 - 18:55 | |
CVE-2013-1428 | 6.5 |
Stack-based buffer overflow in the receive_tcppacket function in net_packet.c in tinc before 1.0.21 and 1.1 before 1.1pre7 allows remote authenticated peers to cause a denial of service (crash) or possibly execute arbitrary code via a large TCP packe
|
01-12-2013 - 04:26 | 26-04-2013 - 16:55 | |
CVE-2013-1940 | 2.1 |
X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading pas
|
21-06-2013 - 03:17 | 13-05-2013 - 23:55 |