Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2005-2974 | 2.6 |
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.
|
13-02-2023 - 02:15 | 04-11-2005 - 00:02 | |
CVE-2002-0677 | 7.5 |
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the
|
30-10-2018 - 16:26 | 23-07-2002 - 04:00 | |
CVE-2007-2231 | 4.3 |
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot before 1.0.rc29, when using the zlib plugin, allows remote attackers to read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot) sequence in the mailbox name.
|
16-10-2018 - 16:42 | 25-04-2007 - 15:19 | |
CVE-2007-5958 | 5.0 |
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
|
15-10-2018 - 21:47 | 18-01-2008 - 23:00 | |
CVE-2007-2435 | 10.0 |
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Us
|
11-10-2017 - 01:32 | 02-05-2007 - 10:19 | |
CVE-2006-6053 | 4.9 |
The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures.
|
11-10-2017 - 01:31 | 22-11-2006 - 01:07 | |
CVE-2006-0996 | 4.3 |
Cross-site scripting (XSS) vulnerability in phpinfo (info.c) in PHP 5.1.2 and 4.4.2 allows remote attackers to inject arbitrary web script or HTML via long array variables, including (1) a large number of dimensions or (2) long values, which prevents
|
11-10-2017 - 01:30 | 10-04-2006 - 18:06 | |
CVE-2005-0241 | 5.0 |
The httpProcessReplyHeader function in http.c for Squid 2.5-STABLE7 and earlier does not properly set the debug context when it is handling "oversized" HTTP reply headers, which might allow remote attackers to poison the cache or bypass access contro
|
11-10-2017 - 01:29 | 02-05-2005 - 04:00 | |
CVE-2010-1198 | 9.3 |
Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to execute arbitrary code via vectors involving multiple plugin instances.
|
19-09-2017 - 01:30 | 24-06-2010 - 12:30 | |
CVE-2009-4035 | 9.3 |
The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers
|
19-09-2017 - 01:29 | 21-12-2009 - 21:30 | |
CVE-2009-3379 | 10.0 |
Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overla
|
19-09-2017 - 01:29 | 29-10-2009 - 14:30 |