| Max CVSS | 7.5 | Min CVSS | 1.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-3833 | 4.9 |
The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain s
|
13-02-2023 - 02:19 | 03-10-2008 - 17:41 | |
| CVE-2009-3292 | 7.5 |
Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."
|
30-10-2018 - 16:26 | 22-09-2009 - 10:30 | |
| CVE-2005-2495 | 5.1 |
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.
|
19-10-2018 - 15:33 | 15-09-2005 - 20:03 | |
| CVE-2005-2177 | 5.0 |
Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an
|
19-10-2018 - 15:32 | 11-07-2005 - 04:00 | |
| CVE-2006-2223 | 5.0 |
RIPd in Quagga 0.98 and 0.99 before 20060503 does not properly implement configurations that (1) disable RIPv1 or (2) require plaintext or MD5 authentication, which allows remote attackers to obtain sensitive information (routing state) via REQUEST p
|
18-10-2018 - 16:38 | 05-05-2006 - 19:02 | |
| CVE-2007-3108 | 1.2 |
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
|
16-10-2018 - 16:47 | 08-08-2007 - 01:17 | |
| CVE-2006-6142 | 6.8 |
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) mailto parameter in (a) webmail.php, the (2) session and (3) delete_draft parameters in
|
11-10-2017 - 01:31 | 05-12-2006 - 11:28 | |
| CVE-2006-3694 | 6.4 |
Multiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".
|
11-10-2017 - 01:31 | 21-07-2006 - 14:03 | |
| CVE-2004-0055 | 5.0 |
The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.
|
11-10-2017 - 01:29 | 17-02-2004 - 05:00 | |
| CVE-2004-0694 | 6.8 |
Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to "command line processing," a different vulnerability than CVE-2004-0771. NOTE: th
|
11-10-2017 - 01:29 | 04-02-2011 - 01:00 | |
| CVE-2008-5081 | 5.0 |
The originates_from_local_legacy_unicast_socket function (avahi-core/server.c) in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service (crash) via a crafted mDNS packet with a source port of 0, which triggers an as
|
29-09-2017 - 01:32 | 17-12-2008 - 02:30 |