| Max CVSS | 7.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-3553 | 5.0 |
Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect function in scheduler/select.c in the scheduler in cupsd in CUPS 1.3.7 and 1.3.10 allows remote attackers to cause a denial of service (daemon crash
|
02-02-2024 - 16:04 | 20-11-2009 - 02:30 | |
| CVE-2008-3272 | 2.1 |
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain da
|
13-02-2023 - 02:19 | 08-08-2008 - 18:41 | |
| CVE-2008-1232 | 4.3 |
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to
|
13-02-2023 - 02:18 | 04-08-2008 - 01:41 | |
| CVE-2008-1808 | 7.5 |
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which trigger
|
26-01-2021 - 12:41 | 16-06-2008 - 19:41 | |
| CVE-2003-0605 | 7.5 |
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject int
|
30-04-2019 - 14:27 | 27-08-2003 - 04:00 | |
| CVE-2008-5022 | 7.5 |
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrar
|
02-11-2018 - 13:49 | 13-11-2008 - 11:30 | |
| CVE-2007-0908 | 5.0 |
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element
|
30-10-2018 - 16:26 | 13-02-2007 - 23:28 | |
| CVE-2009-0028 | 2.1 |
The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting thi
|
11-10-2018 - 20:58 | 27-02-2009 - 17:30 | |
| CVE-2005-0760 | 5.0 |
The TIFF decoder in ImageMagick before 6.0 allows remote attackers to cause a denial of service (crash) via a crafted TIFF file.
|
11-10-2017 - 01:30 | 02-05-2005 - 04:00 | |
| CVE-2003-0963 | 7.5 |
Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.
|
11-10-2017 - 01:29 | 05-01-2004 - 05:00 | |
| CVE-2008-1952 | 2.1 |
The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly restrict the frame buffer size, which allows attackers to cause a denial of service (crash) by mapping an arbitrary amount of guest memory.
|
29-09-2017 - 01:30 | 23-06-2008 - 19:41 |