| Max CVSS | 9.3 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-0594 | 5.1 |
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of
|
15-02-2024 - 21:17 | 27-07-2004 - 04:00 | |
| CVE-2006-0576 | 7.2 |
Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious (1) which or (2) dirname programs. NOTE: while opcontrol normally is not ru
|
19-10-2018 - 15:45 | 08-02-2006 - 00:06 | |
| CVE-2005-0638 | 7.5 |
xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.
|
19-10-2018 - 15:31 | 02-03-2005 - 05:00 | |
| CVE-2004-1014 | 5.0 |
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
|
19-10-2018 - 15:30 | 10-01-2005 - 05:00 | |
| CVE-2006-6503 | 6.8 |
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to bypass cross-site scripting (XSS) protection by changing the src attribute of an IMG element to a javascript:
|
17-10-2018 - 21:48 | 20-12-2006 - 01:28 | |
| CVE-2006-6106 | 7.5 |
Multiple buffer overflows in the cmtp_recv_interopmsg function in the Bluetooth driver (net/bluetooth/cmtp/capi.c) in the Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 before 2.6.18.6, and 2.6.19.x, allow remote attackers to cause a denial of service
|
17-10-2018 - 21:46 | 19-12-2006 - 19:28 | |
| CVE-2006-4810 | 4.6 |
Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file.
|
17-10-2018 - 21:39 | 08-11-2006 - 21:07 | |
| CVE-2007-4782 | 5.0 |
PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanie
|
15-10-2018 - 21:38 | 10-09-2007 - 21:17 | |
| CVE-2008-4101 | 9.3 |
Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute
|
11-10-2018 - 20:50 | 18-09-2008 - 17:59 | |
| CVE-2006-4570 | 2.6 |
Mozilla Thunderbird before 1.5.0.7 and SeaMonkey before 1.0.5, with "Load Images" enabled, allows remote user-assisted attackers to bypass settings that disable JavaScript via a remote XBL file in a message that is loaded when the user views, forward
|
11-10-2017 - 01:31 | 15-09-2006 - 19:07 | |
| CVE-2005-2703 | 5.0 |
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smugglin
|
11-10-2017 - 01:30 | 23-09-2005 - 19:03 |