| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2005-2367 | 7.5 |
Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet.
|
14-02-2024 - 01:17 | 10-08-2005 - 04:00 | |
| CVE-2009-2409 | 5.1 |
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificat
|
13-02-2023 - 02:20 | 30-07-2009 - 19:30 | |
| CVE-2009-1183 | 4.3 |
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
|
13-02-2023 - 01:17 | 23-04-2009 - 17:30 | |
| CVE-2007-2172 | 4.7 |
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, I
|
19-10-2018 - 18:59 | 22-04-2007 - 19:19 | |
| CVE-2004-0123 | 7.5 |
Double free vulnerability in the ASN.1 library as used in Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
|
12-10-2018 - 21:34 | 01-06-2004 - 04:00 | |
| CVE-2010-0734 | 6.8 |
content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of se
|
10-10-2018 - 19:53 | 19-03-2010 - 19:30 | |
| CVE-2005-2703 | 5.0 |
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to modify HTTP headers of XML HTTP requests via XMLHttpRequest, and possibly use the client to exploit vulnerabilities in servers or proxies, including HTTP request smugglin
|
11-10-2017 - 01:30 | 23-09-2005 - 19:03 | |
| CVE-2004-0520 | 6.8 |
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
|
11-10-2017 - 01:29 | 18-08-2004 - 04:00 | |
| CVE-2005-0706 | 7.5 |
Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected.
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
| CVE-2004-1453 | 2.1 |
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the
|
11-10-2017 - 01:29 | 31-12-2004 - 05:00 | |
| CVE-2009-3880 | 5.0 |
The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitiv
|
19-09-2017 - 01:29 | 09-11-2009 - 19:30 |