| Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-1940 | 5.0 |
Unspecified vulnerability in Ethereal 0.10.4 up to 0.10.14 allows remote attackers to cause a denial of service (abort) via the SNDCP dissector.
|
14-02-2024 - 01:17 | 25-04-2006 - 12:50 | |
| CVE-2005-1111 | 3.7 |
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.
|
26-01-2024 - 17:07 | 02-05-2005 - 04:00 | |
| CVE-2007-1558 | 2.6 |
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APO
|
16-10-2018 - 16:39 | 16-04-2007 - 22:19 | |
| CVE-2006-2193 | 7.5 |
Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 charac
|
03-10-2018 - 21:40 | 08-06-2006 - 19:06 | |
| CVE-2005-2704 | 5.0 |
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spoof DOM objects via an XBL control that implements an internal XPCOM interface.
|
11-10-2017 - 01:30 | 23-09-2005 - 19:03 | |
| CVE-2004-0235 | 6.4 |
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/
|
11-10-2017 - 01:29 | 18-08-2004 - 04:00 | |
| CVE-2004-1017 | 10.0 |
Multiple "overflows" in the io_edgeport driver for Linux kernel 2.4.x have unknown impact and unknown attack vectors.
|
11-10-2017 - 01:29 | 31-12-2004 - 05:00 | |
| CVE-2009-1904 | 5.0 |
The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversio
|
29-09-2017 - 01:34 | 11-06-2009 - 21:30 | |
| CVE-2008-2152 | 9.3 |
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.
|
29-09-2017 - 01:31 | 10-06-2008 - 18:32 | |
| CVE-2008-1767 | 7.5 |
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that trigg
|
29-09-2017 - 01:30 | 23-05-2008 - 15:32 | |
| CVE-2009-3374 | 7.5 |
The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote w
|
19-09-2017 - 01:29 | 29-10-2009 - 14:30 |