Количество 18 763
Количество 18 763
CVE-2008-2149
CVE-2008-0888
CVE-2007-6353
Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
CVE-2007-6109
CVE-2007-4998
cp when running with an option to preserve symlinks on multiple OSes allows local user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination.
CVE-2007-4559
CVE-2007-3205
The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.
CVE-2007-2768
CVE-2007-2650
CVE-2007-1397
Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via long strings.
CVE-2007-0086
CVE-2006-5201
CVE-2005-2069
CVE-2005-0868
AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC.
CVE-2005-0469
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
CVE-2004-2779
CVE-2004-2771
CVE-2002-0318
FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets.
CVE-2002-0130
Buffer overflow in efax 0.9 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -x argument.
CVE-2002-0129
efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | 1% Низкий | около 4 лет назад | ||
| 19% Средний | больше 5 лет назад | ||
| CVE-2007-6353 Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow. | 2% Низкий | 4 месяца назад | |
| 3% Низкий | больше 3 лет назад | ||
| CVE-2007-4998 cp when running with an option to preserve symlinks on multiple OSes allows local user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination. | 0% Низкий | больше 5 лет назад | |
| CVSS3: 9.8 | 88% Высокий | больше 1 года назад | |
| CVE-2007-3205 The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin. | 1% Низкий | 4 месяца назад | |
| 0% Низкий | больше 5 лет назад | ||
| 4% Низкий | больше 5 лет назад | ||
| CVE-2007-1397 Multiple stack-based buffer overflows in the (1) ExtractRnick and (2) decrypt_topic_332 functions in FiSH allow remote attackers to execute arbitrary code via long strings. | 25% Средний | 4 месяца назад | |
| 2% Низкий | больше 5 лет назад | ||
| 5% Низкий | больше 5 лет назад | ||
| 3% Низкий | больше 5 лет назад | ||
| CVE-2005-0868 AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC. | 1% Низкий | 4 месяца назад | |
| CVE-2005-0469 Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. | 48% Средний | 4 месяца назад | |
| CVSS3: 7.5 | 0% Низкий | 11 месяцев назад | |
| 2% Низкий | около 4 лет назад | ||
| CVE-2002-0318 FreeRADIUS RADIUS server allows remote attackers to cause a denial of service (CPU consumption) via a flood of Access-Request packets. | 1% Низкий | 4 месяца назад | |
| CVE-2002-0130 Buffer overflow in efax 0.9 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -x argument. | 0% Низкий | 4 месяца назад | |
| CVE-2002-0129 efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message. | 0% Низкий | 4 месяца назад |
Уязвимостей на страницу